chore(deps): update dependency @nestjs/platform-express to v11.1.17

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
@nestjs/platform-express (source)	11.1.11 → 11.1.17

---

Release Notes

nestjs/nest (@​nestjs/platform-express)

v11.1.17

Compare Source

v11.1.16

Compare Source

v11.1.16 (2026-03-05)

Bug fixes

• microservices
  • #​16506 fix(microservices): fix double callback when isdisposed or err is truthy (@​LhonRafaat)

Dependencies

• platform-express
  • #​16507 fix(deps): update dependency multer to v2.1.1 (@​renovate[bot])

Committers: 2

• Lhon (@​LhonRafaat)
• Shahnoor Mujawar (@​shahnoormujawar)

v11.1.15

Compare Source

What's Changed

• fix(microservices): if indexOf return 0 will if will be falsy by @​cuiweixie in #​16401
• fix(microservices): introuduce max pattern depth and object complexity by @​kamilmysliwiec in #​16402
• chore(@​nestjs/core): allow override for initializeWildcardHandlersIfE… by @​StNekroman in #​16468
• chore(deps): update dependency @​fastify/middie to v9.2.0 [security] by @​renovate[bot] in #​16472
• fix(deps): update dependency multer to v2.1.0 [security] by @​renovate[bot] in #​16474

New Contributors

• @​cuiweixie made their first contribution in #​16401
• @​StNekroman made their first contribution in #​16468

Full Changelog: nestjs/nest@v11.1.14...v11.1.15

v11.1.14

Compare Source

v11.1.14 (2026-02-17)

Bug fixes

• platform-fastify
  • #​16384 fix(fastify): fastify middleware bypass cve (@​kamilmysliwiec)
• common
  • #​16307 fix: logger print invalid context when no stack trace provided (@​JulienDuf)

Enhancements

• common
  • #​16314 fix(common): change requestOrigin type (@​SpencerKaiser)

Committers: 5

• Julien Dufresne (@​JulienDuf)
• Kamil Mysliwiec (@​kamilmysliwiec)
• Mykhailo Skrypsky (@​mixator)
• Spencer Kaiser (@​SpencerKaiser)
• 조수민 (@​suuuuuuminnnnnn)

v11.1.13

Compare Source

v11.1.13 (2026-02-03)

Bug fixes

• common
  • #​16230 fix(common): Fix skipping maxArrayLength and maxStringLength option (@​chojs23)

Enhancements

• microservices
  • #​16286 feat(microservices): support per-handler qos in mqtt (@​suuuuuuminnnnnn)
  • #​16262 Feat/microservices configurable max buffer size (@​jobnow)
• common
  • #​16202 fix(common): exclude built-in primitives from strip proto keys (@​som14062005)

Dependencies

• platform-fastify
  • #​16282 fix(deps): update dependency fastify to v5.7.4 (@​renovate[bot])
• platform-express
  • #​16241 fix(deps): update dependency cors to v2.8.6 (@​renovate[bot])

Committers: 6

• Lee Donghyun (@​devizi0)
• Mykhailo Skrypsky (@​mixator)
• Neo (@​chojs23)
• Praveen Somasundaram (@​som14062005)
• Ricardo Gomes (@​jobnow)
• 조수민 (@​suuuuuuminnnnnn)

v11.1.12

Compare Source

v11.1.12 (2026-01-15)

Bug fixes

• common
  • #​16187 fix(common): regression in loading file-type under Windows OS (@​iamkanguk97)

Dependencies

• platform-ws
  • #​16161 chore(deps): bump ws from 8.18.3 to 8.19.0 (@​dependabot[bot])
• common
  • #​16155 fix(deps): update dependency file-type to v21.3.0 (@​renovate[bot])
• platform-fastify
  • #​16154 fix(deps): update dependency find-my-way to v9.4.0 (@​renovate[bot])

Committers: 3

• Antonio Tripodi (@​Tony133)
• KANGUK LEE (@​iamkanguk97)
• @​miso-kyoungminkim

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[github-actions]

Dependency Review

The following issues were found:

• ✅ 0 vulnerable package(s)
• ✅ 0 package(s) with incompatible licenses
• ✅ 0 package(s) with invalid SPDX license definitions
• ⚠️ 1 package(s) with unknown licenses.

See the Details below.

License Issues

test-content/nest-project/package-lock.json

Package	Version	License	Issue Type
@nestjs/platform-express	11.1.17	Null	Unknown License

OpenSSF Scorecard

Package	Version	Score	Details
npm/@nestjs/platform-express	11.1.17	Unknown	Unknown
npm/cors	2.8.6	🟢 7.9	Details Check Score Reason Code-Review 🟢 9 Found 18/19 approved changesets -- score normalized to 9 Binary-Artifacts 🟢 10 no binaries found in the repo Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Maintained 🟢 10 6 commit(s) and 8 issue activity found in the last 90 days -- score normalized to 10 Dependency-Update-Tool 🟢 10 update tool detected Pinned-Dependencies 🟢 6 dependency not pinned by hash detected -- score normalized to 6 Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege License 🟢 10 license file detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected SAST 🟢 9 SAST tool detected but not run on all commits Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Signed-Releases ⚠️ -1 no releases found Security-Policy 🟢 10 security policy file detected Fuzzing ⚠️ 0 project is not fuzzed CI-Tests 🟢 7 22 out of 30 merged PRs checked by a CI test -- score normalized to 7 Contributors 🟢 10 project has 8 contributing companies or organizations
npm/multer	2.1.1	🟢 7.8	Details Check Score Reason Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Code-Review 🟢 7 Found 17/24 approved changesets -- score normalized to 7 Dependency-Update-Tool 🟢 10 update tool detected Maintained 🟢 10 18 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10 Pinned-Dependencies 🟢 6 dependency not pinned by hash detected -- score normalized to 6 License 🟢 10 license file detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected Signed-Releases ⚠️ -1 no releases found SAST 🟢 8 SAST tool detected but not run on all commits Fuzzing ⚠️ 0 project is not fuzzed Security-Policy 🟢 10 security policy file detected Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches CI-Tests 🟢 9 21 out of 22 merged PRs checked by a CI test -- score normalized to 9 Contributors 🟢 10 project has 67 contributing companies or organizations

Scanned Files

• test-content/nest-project/package-lock.json

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	@​nestjs/​platform-express@​11.1.11 ⏵ 11.1.17				+1

View full report