chore(devdeps): update dependency @types/express to v5.0.5

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
@types/express (source)	5.0.1 -> 5.0.5

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[changeset-bot]

⚠️ No Changeset found

Latest commit: 8d1745b

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[nx-cloud]

View your CI Pipeline Execution ↗ for commit 8d1745b

---

☁️ Nx Cloud last updated this comment at 2025-11-04 15:32:13 UTC

[pkg-pr-new]

Open in StackBlitz

@forgerock/davinci-client

pnpm add https://pkg.pr.new/ForgeRock/ping-javascript-sdk/@forgerock/davinci-client@461

@forgerock/oidc-client

pnpm add https://pkg.pr.new/ForgeRock/ping-javascript-sdk/@forgerock/oidc-client@461

@forgerock/protect

pnpm add https://pkg.pr.new/ForgeRock/ping-javascript-sdk/@forgerock/protect@461

@forgerock/sdk-types

pnpm add https://pkg.pr.new/ForgeRock/ping-javascript-sdk/@forgerock/sdk-types@461

@forgerock/sdk-utilities

pnpm add https://pkg.pr.new/ForgeRock/ping-javascript-sdk/@forgerock/sdk-utilities@461

@forgerock/iframe-manager

pnpm add https://pkg.pr.new/ForgeRock/ping-javascript-sdk/@forgerock/iframe-manager@461

@forgerock/sdk-logger

pnpm add https://pkg.pr.new/ForgeRock/ping-javascript-sdk/@forgerock/sdk-logger@461

@forgerock/sdk-oidc

pnpm add https://pkg.pr.new/ForgeRock/ping-javascript-sdk/@forgerock/sdk-oidc@461

@forgerock/sdk-request-middleware

pnpm add https://pkg.pr.new/ForgeRock/ping-javascript-sdk/@forgerock/sdk-request-middleware@461

@forgerock/storage

pnpm add https://pkg.pr.new/ForgeRock/ping-javascript-sdk/@forgerock/storage@461

commit: b457497

[codecov-commenter]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 18.52%. Comparing base (fa3d434) to head (b457497).

❌ Your project status has failed because the head coverage (18.52%) is below the target coverage (40.00%). You can increase the head coverage or adjust the target coverage.

Additional details and impacted files

@@           Coverage Diff           @@
##             main     #461   +/-   ##
=======================================
  Coverage   18.52%   18.52%           
=======================================
  Files         138      138           
  Lines       27402    27402           
  Branches      963      963           
=======================================
  Hits         5076     5076           
  Misses      22326    22326           

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[github-actions]

Deployed 195cf22 to https://ForgeRock.github.io/ping-javascript-sdk/pr-461/195cf2249c0ba86ff6cae600855d4f155e556acd branch gh-pages in ForgeRock/ping-javascript-sdk

[github-actions]

📦 Bundle Size Analysis

📦 Bundle Size Analysis

🚨 Significant Changes

🔻 @forgerock/journey-client - 0.0 KB (-82.0 KB, -100.0%)

📊 Minor Changes

📈 @forgerock/journey-client - 82.0 KB (+0.0 KB)

➖ No Changes

➖ @forgerock/device-client - 9.2 KB
➖ @forgerock/oidc-client - 23.0 KB
➖ @forgerock/protect - 150.1 KB
➖ @forgerock/sdk-utilities - 7.5 KB
➖ @forgerock/sdk-types - 8.0 KB
➖ @forgerock/storage - 1.4 KB
➖ @forgerock/sdk-logger - 1.6 KB
➖ @forgerock/iframe-manager - 2.4 KB
➖ @forgerock/sdk-request-middleware - 4.5 KB
➖ @forgerock/sdk-oidc - 2.5 KB
➖ @forgerock/davinci-client - 35.4 KB

---

13 packages analyzed • Baseline from latest main build

Legend

🆕 New package
🔺 Size increased
🔻 Size decreased
➖ No change

ℹ️ How bundle sizes are calculated

• Current Size: Total gzipped size of all files in the package's dist directory
• Baseline: Comparison against the latest build from the main branch
• Files included: All build outputs except source maps and TypeScript build cache
• Exclusions: .map, .tsbuildinfo, and .d.ts.map files

---

_{🔄 Updated automatically on each push to this PR}

[nx-cloud]

Nx Cloud has identified a possible root cause for your failed CI:

The failures observed are not the result of a code change. The pull request only updates the @types/express package from version 5.0.1 to 5.0.4, which is a minor version bump of TypeScript type definitions for the Express framework.

The failing tests are end-to-end Playwright tests in @forgerock/oidc-suites that test authentication flows with PingAM and PingOne identity providers. All three failures are timeout errors occurring when the tests attempt to interact with authentication endpoints or wait for navigation after clicking sign-in buttons:

1. Test "PingAM login and get token tests › background login with valid credentials" times out waiting for a response from an authentication endpoint
2. Test "PingOne login and get token tests › background login with valid credentials" times out waiting for navigation to the callback URL
3. Test "PingOne login and get token tests › redirect login with valid credentials" times out waiting for navigation to the callback URL

These timeout failures indicate that the authentication services (PingAM/PingOne) are not responding within the expected 30-second timeout window. This is characteristic of environment or infrastructure issues such as:

• External authentication services being unavailable or slow
• Network connectivity problems
• Test environment not being properly configured or warmed up
• Transient service degradation

The @types/express package update in the diff has no connection to these authentication flows. Type definition updates do not affect runtime behavior or network communications. The updated package provides TypeScript type information only and does not change how Express applications execute or how authentication services respond.

Additionally, 6 tests in the same suite passed successfully, suggesting the test code itself is functional but the specific authentication flows that require external service calls are experiencing reliability issues.

This failure is classified as environment_state because it results from the unavailability or degraded performance of external dependencies (PingAM and PingOne authentication services) rather than from any code modifications in the pull request.

A code change would likely not resolve this issue, so no action was taken.

View in Nx Cloud ↗

_{🎓 To learn more about Self Healing CI, please visit nx.dev}