Update dependency express to v4.20.0

[mend-for-github-com]

This PR contains the following updates:

Package	Type	Update	Change
express (source)	dependencies	minor	4.18.2 -> 4.20.0

By merging this PR, the issue #15 will be automatically resolved and closed:

Severity	CVSS Score	Vulnerability
High	7.5	CVE-2024-52798
Medium	6.1	CVE-2024-29041
Medium	5.0	CVE-2024-43796

---

Release Notes

expressjs/express (express)

v4.20.0

Compare Source

==========

• deps: serve-static@​0.16.0
  • Remove link renderization in html while redirecting
• deps: send@​0.19.0
  • Remove link renderization in html while redirecting
• deps: body-parser@​0.6.0
  • add depth option to customize the depth level in the parser
  • IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)
• Remove link renderization in html while using res.redirect
• deps: path-to-regexp@​0.1.10
  • Adds support for named matching groups in the routes using a regex
  • Adds backtracking protection to parameters without regexes defined
• deps: encodeurl@~2.0.0
  • Removes encoding of \, |, and ^ to align better with URL spec
• Deprecate passing options.maxAge and options.expires to res.clearCookie
  • Will be ignored in v5, clearCookie will set a cookie with an expires in the past to instruct clients to delete the cookie

v4.19.2

Compare Source

==========

• Improved fix for open redirect allow list bypass

v4.19.1

Compare Source

==========

• Allow passing non-strings to res.location with new encoding handling checks

v4.19.0

Compare Source

==========

• Prevent open redirect allow list bypass due to encodeurl
• deps: cookie@​0.6.0

v4.18.3

Compare Source

==========

• Fix routing requests without method
• deps: body-parser@​1.20.2
  • Fix strict json error message on Node.js 19+
  • deps: content-type@~1.0.5
  • deps: raw-body@​2.5.2
• deps: cookie@​0.6.0
  • Add partitioned option

---

• If you want to rebase/retry this PR, check this box