The maintainer of one of our dependencies, debug, was the target of a phishing attack resulting in the release of [email protected] with malware. Supply chain security is all of our responsibilities. Be careful out there, and for today don't update your deps. socket.dev/blog/npm-aut...

🔐 Is it a vulnerability, or just a misunderstood feature? At #NodeCongress2025, I broke it down in my talk: "What is a Vulnerability and What’s Not" Topics: 👉 Real vs. imagined risks in @nodejs.org and @expressjs.bsky.social 👉 Why #threatModels matter 🎥 Watch: gitnation.com/contents/wha...

I’ve been maintaining @expressjs.bsky.social for over 11 months. I’m currently leading the integration of HTTP/2, as well as helping with the documentation redesign and performance improvements. If my work has helped you, consider supporting my open source work: dub.sh/bjohansebas

😏 The Great Monkey-Patch Safari in @expressjs.bsky.social has begun. Join the adventure with critical hacks and hotfixes ahead! github.com/expressjs/ex...

Say hello to my very old friend @expressjs.bsky.social running on @cloudflare.social workers!

Hi Express community! We’d love your feedback on our website’s content. ✨ What topics or resources would you like us to add? 🔧 What existing content do you think we could improve? Your input will help us make our docs even better, every idea matters! github.com/expressjs/ex...

We’ve cleaned up @expressjs.bsky.social ! 🧹 Deprecated some legacy packages: 🔥 csurf 🔥 connect-multiparty 🔥 path-match More context: github.com/expressjs/di... Blog post coming soon! 📘

Happening now!

🥹 May is almost here, and it's officially #MaintainerMonth 🚀 I’ve helped release @expressjs.bsky.social 5.1, ship key @nodejs.org updates, lead #OpenSource security work, and reboot #Yeoman. If you believe in supporting #devTools, consider sponsoring ❤️ 👉 github.com/sponsors/Uli...

@expressjs.bsky.social has officially surpassed 40 million weekly downloads on npm⚡

Tomorrow we are going to have a first informal @expressjs.bsky.social Performance Working Group meeting. If you are interested in this work, especially longer term, please come and chat. Since it was last minute we are not having an agenda, just an informal discussion. github.com/expressjs/pe...

Finally getting around to the Performance WG setup for @expressjs.bsky.social. Anyone who is interested, please feel free to start opening issues and participating in the kickoff. github.com/expressjs/pe...

When I started contributing to the @expressjs.bsky.social site, there were barely any PRs for docs or design. Today, even though there’s still a lot to improve on the design side, we’ve got a great contributor base, similar to when the site’s development was sponsored by a company back in 2015

🚀 Exciting Announcement today! Express v5 is officially "latest" and we have started the maintenance period for v4. Read more about the release and our LTS plans in our blog post: expressjs.com/2025/03/31/v...

Also hoping to call this out in our blog post. Got great reviews (thanks @naugtur.pl 🚀) by posting here yesterday, hope maybe the same will work for the blog post. Reviews welcome! github.com/expressjs/ex...

If you have a chance, please take a look at this PR which proposes some concrete details and dates. github.com/expressjs/di...

With the upcoming release of @expressjs.bsky.social v5 and promoting it to latest on npm, we needed to finalize some of our support and schedule plans. Would love feedback on this plan from the ecosystem so we can do better than we have in the past on keeping folks informed and aware of the plans.

I want to especially thank @bjohansebas.bsky.social for all his work these past months! Not only is a lot of his work in these releases, he has also become our top contributor across the @expressjs.bsky.social project. expressjs.github.io/statusboard/

🚀 Just released [email protected] 📦 🍿 #release details: github.com/expressjs/bo...

🚀 Just released [email protected] 📦 🍿 #release details: github.com/jshttp/type-...

🚀 Just released [email protected] 📦 🍿 #release details: github.com/pillarjs/rou...

🚀 Just released [email protected] 📦 🍿 #release details: github.com/jshttp/mime-...

For over 6 months, I've been supporting the @expressjs.bsky.social project, improving documentation and maintaining packages like compression. If my contributions have been helpful, it would be great if you could support me: github.com/sponsors/bjo... #OpenSource

🚨 What's REALLY a Vulnerability? 🚨 Join me at #NodeCongress as we break down the @nodejs.org & @expressjs.bsky.social threat models 🔒✨ ✅ Real-world examples ✅ Security myths busted ✅ How threat models shape bug bounties & fixes Let’s rethink #security together! 🚀 gitnation.com/contents/wha...

[email protected] published 🚀 The most notable change is that application/octet-stream is now marked as compressible. When we update this in the compression middleware this will mean some nice savings over the wire in your express apps. github.com/jshttp/mime-...

I love getting nerdsniped on HTTP spec related stuff, and am glad I quit my job to have space in my life for this was fun to figure out what probably happened with content-disposition having in incomplete regex for parsing extended filename parameters: github.com/jshttp/conte...

The thank-you message I received for successfully launching a PR made my day 🤗

Not sure this is the one, but pretty sure it is. @bjohansebas.bsky.social has been doing such great work it is awesome to see this kind of recognition! Well deserved.

Getting 🤏 very close 🤏 to cutting the @expressjs.bsky.social 5.1.0 release which will be when we go latest and officially start the spin down of Express v4. github.com/expressjs/ex...

I want to take a moment to celebrate some folks doing amazing work. Last year this time we were just kicking off the work to move @expressjs.bsky.social forward. Today I checked our statusboard and it is awesome to see @bjohansebas.bsky.social and Phillip (pbrt.at) as top contributors.

I gave a talk in October about @expressjs.bsky.social and found a live stream of it. Watch me talk really fast and still go over time. youtu.be/ydEw5nIVt4w?...

It's great to see the progress that #ExpressJS made this year, and also great to see what I think some of the work in the #nodejs security wg have a broader impact (for example I think the threat model)

express.js is planning to migrate its documentation to a new framework that will allow us to provide a better experience for developers using our documentation. We need your help to choose the right tool. Please check github.com/expressjs/ex... and share your opinion.

@openjs.bsky.social 💙 @expressjs.bsky.social We are a website official Impact project now. openjsf.org/projects

I am going to be giving a talk about @expressjs.bsky.social later this month. If you are in Austin I would love to ramble at you about our work and then chat after. Thanks to @coreybutler.com for setting this up! www.meetup.com/bleeding-edg...

🚀 2024 was monumental for @expressjs.bsky.social: ✅ Released Express 5.0 ✅ Overhauled governance ✅ Strengthened security (audits, triage team…) 2025? Even bigger: ✨ Automated npm releases ✨ Scoped packages ✨ Performance monitoring ✨ Enhanced security expressjs.com/2025/01/09/r...

Preparing a new release involves testing #Nodejs against popular packages, a process we call 'Canary in The Gold Mine' ( #CITGM ). Reviewing results isn't easy, so we've developed our own tools. #SpoilerAlert: @expressjs.bsky.social is back on the list!🎉 github.com/nodejs/citgm...

We like it and we depend on it! Thanks for all your great work throughout the years.

Thanks a lot @sanity.io for your financial contribution to Express on Open Collective opencollective.com/express 🎉 We are glad that you like and support Express!

We have a list! We don't have everyone on the platform yet, but here is the Express TC list if you want to follow us while we work out how we plan to use this account. bsky.app/profile/did:...