chore(deps): bump multer and express-openapi-validator in /examples/6-multi-file-spec

[dependabot]

Bumps multer to 2.0.1 and updates ancestor dependency express-openapi-validator. These dependencies need to be updated together.

Updates multer from 1.4.5-lts.1 to 2.0.1

Release notes

Sourced from multer's releases.

v2.0.1

Important

• Fix CVE-2025-48997 (GHSA-g5hg-p3ph-g8qg)

What's Changed

• add Arabic translation for README .. by @​3imed-jaberi in expressjs/multer#762
• Update README.md to fix issue #1114 by @​Mohamed-Abdelfattah in expressjs/multer#1169
• Improved documentation translation to Spanish by @​juliomontenegro in expressjs/multer#1174
• Translated to french by @​AlanLg in expressjs/multer#1182
• Improve the Brazilian Portuguese translation by @​vitorRibeiro7 in expressjs/multer#1204
• doc: uzbek language by @​eugene0928 in expressjs/multer#1232
• Fix a mistake with README-pt-br.md by @​Igor-CA in expressjs/multer#1251
• Update in Readme-pt-br and fix in Readme-ko by @​carlosstenzel in expressjs/multer#1252
• chore: add support for OSSF scorecard reporting by @​inigomarquinez in expressjs/multer#1260
• ci: replace travis with github action by @​inigomarquinez in expressjs/multer#1259
• docs: improve readability by @​Sreejit-Sengupto in expressjs/multer#1255
• test: add test for out-of-band error event by @​LinusU in expressjs/multer#1294
• chore: upgrade scorecard workflow pinned action versions by @​carpasse in expressjs/multer#1290
• Documentation: remove unfortunate abbreviation from readme by @​MaddyGuthridge in expressjs/multer#1299
• ci: use ubuntu-latest as default runner by @​UlisesGascon in expressjs/multer#1308
• ci: add CodeQL (SAST) by @​bjohansebas in expressjs/multer#1289
• Update readme badges by @​bjohansebas in expressjs/multer#1268
• 📝 fix changelog information by @​ctcpip in expressjs/multer#1316
• master -> v2 by @​ctcpip in expressjs/multer#1317
• chore: fix typo by @​saucecodee in expressjs/multer#993
• Remove --save from README by @​username1001 in expressjs/multer#929
• feat - update link badge in docs by @​carlosstenzel in expressjs/multer#1273
• ci: change branch reference by @​UlisesGascon in expressjs/multer#1319
• ♻️ use version tag for CI, fix CI badge, fix references to master/main by @​ctcpip in expressjs/multer#1324
• deps: update dependencies to latest versions by @​bjohansebas in expressjs/multer#1328
• 📝 list languages in table to prevent GH right-aligning list due to RTL language by @​ctcpip in expressjs/multer#1325
• [StepSecurity] Apply security best practices by @​step-security-bot in expressjs/multer#1311

New Contributors

• @​3imed-jaberi made their first contribution in expressjs/multer#762
• @​Mohamed-Abdelfattah made their first contribution in expressjs/multer#1169
• @​juliomontenegro made their first contribution in expressjs/multer#1174
• @​AlanLg made their first contribution in expressjs/multer#1182
• @​vitorRibeiro7 made their first contribution in expressjs/multer#1204
• @​eugene0928 made their first contribution in expressjs/multer#1232
• @​Igor-CA made their first contribution in expressjs/multer#1251
• @​inigomarquinez made their first contribution in expressjs/multer#1260
• @​Sreejit-Sengupto made their first contribution in expressjs/multer#1255
• @​carpasse made their first contribution in expressjs/multer#1290
• @​MaddyGuthridge made their first contribution in expressjs/multer#1299
• @​saucecodee made their first contribution in expressjs/multer#993
• @​username1001 made their first contribution in expressjs/multer#929
• @​step-security-bot made their first contribution in expressjs/multer#1311

... (truncated)

Changelog

Sourced from multer's changelog.

2.0.1

• Fix CVE-2025-48997 (GHSA-g5hg-p3ph-g8qg)

2.0.0

• Breaking change: The minimum supported Node version is now 10.16.0
• Fix CVE-2025-47935 (GHSA-44fp-w29j-9vj5)
• Fix CVE-2025-47944 (GHSA-4pg4-qvpc-4q3h)

1.4.5-lts.2

• Fix out-of-band error event from busboy (#1177)

Commits

• e259a7e 🔖 2.0.1
• 35a3272 Fixes expressjs/multer#1233. Makes multer handle mi...
• f897007 ci: apply security best practices (#1311)
• 061f4cb 📝 list languages in table to prevent GH right-aligning list due to RTL language
• 854d769 deps: update dependencies to latest versions (#1328)
• 256da2f ♻️ use version tag for CI, fix CI badge, fix references to master/main
• dd9dde4 📝 fix badges in translation files (#1321)
• dc2a880 ci: change branch reference
• de80e57 ci: change branch reference
• 1b92c67 docs: update badge links in docs (#1273)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by ulisesgascon, a new releaser for multer since your current version.

Updates express-openapi-validator from 5.3.7 to 5.5.6

Release notes

Sourced from express-openapi-validator's releases.

v5.5.6

(2025-06-07)

• allErrors default remains false for >-5 (22ce174)
• allErrors default remains false for >-5 (901c8dd)
• allErrors default remains false for >-5 (0671ed9)
• Delete test.txt (ef8105c)
• fixes #1037 returns all errors, rather than just the first (8fa449b), closes #1037
• v5.5.4 (af80f33)
• chore(deps): bump multer and express-openapi-validator (#1076) (2c3a1e7), closes #1076
• chore(deps): bump multer from 2.0.0 to 2.0.1 in /examples/1-standard (#1080) (d1f5ec5), closes #1080
• fix: examples/1-standard/package.json & examples/1-standard/package-lock.json to reduce vulnerabilit (3810afc), closes #1074
• fix: examples/2-standard-multiple-api-specs/package.json & examples/2-standard-multiple-api-specs/pa (fc86598), closes #1075

(2025-05-24)

• chore(deps): bump multer from 1.4.5-lts.2 to 2.0.0 (#1069) (9426f16), closes #1069

(2025-05-19)

• v5.5.2 (9f640cf)
• fix: add qs as dependency (#1067) (eef4922), closes #1067

(2025-05-18)

• fixes 1064: type: object and explode: false in query parameter is not working as expected (#1066) (7ff2fee), closes #1066
• Update README.md (d47f1f6)
• Update README.md (44e2d8f)
• v5.5.1 (306b2ea)

(2025-05-11)

• fix tests for node 24 (e94cb27)
• Optimise Ajv cache usage (#1062) (990995b), closes #1062
• Update README.md (218a4b1)
• Update README.md (c500595)
• Update README.md (#1059) (b24a071), closes #1059
• v 5.5.0-beta.2 - upgrades dependencies (f2f6c37)
• v5.5.0 (3562d7b)
• v5.5.0 (92f64c7)
• v5.5.0 (81766f1)
• v5.5.0-beta.1 (a52b312)

... (truncated)

Changelog

Sourced from express-openapi-validator's changelog.

(2025-06-11)

• fix(#1071): Fix query param validation for literal bracket notation in param names (122ac9d)
• fix(#1071): Fix query param validation for literal bracket notation in param names (#1084) (319b303), closes #1084
• upgrade example to 5.5.6 (0b852b9)
• chore(deps): bump multer in /examples/2-standard-multiple-api-specs (#1082) (631e4cc), closes #1082

(2025-06-07)

• allErrors default remains false for >-5 (22ce174)
• allErrors default remains false for >-5 (901c8dd)
• allErrors default remains false for >-5 (0671ed9)
• Delete test.txt (ef8105c)
• fixes #1037 returns all errors, rather than just the first (8fa449b), closes #1037
• v5.5.4 (af80f33)
• chore(deps): bump multer and express-openapi-validator (#1076) (2c3a1e7), closes #1076
• chore(deps): bump multer from 2.0.0 to 2.0.1 in /examples/1-standard (#1080) (d1f5ec5), closes #1080
• fix: examples/1-standard/package.json & examples/1-standard/package-lock.json to reduce vulnerabilit (3810afc), closes #1074
• fix: examples/2-standard-multiple-api-specs/package.json & examples/2-standard-multiple-api-specs/pa (fc86598), closes #1075

(2025-05-24)

• chore(deps): bump multer from 1.4.5-lts.2 to 2.0.0 (#1069) (9426f16), closes #1069

(2025-05-19)

• v5.5.2 (9f640cf)
• fix: add qs as dependency (#1067) (eef4922), closes #1067

(2025-05-18)

• fixes 1064: type: object and explode: false in query parameter is not working as expected (#1066) (7ff2fee), closes #1066
• Update README.md (d47f1f6)
• Update README.md (44e2d8f)
• v5.5.1 (306b2ea)

(2025-05-11)

• fix tests for node 24 (e94cb27)
• Optimise Ajv cache usage (#1062) (990995b), closes #1062

... (truncated)

Commits

• 2f9ad6e v5.5.6
• 0b778a8 v5.5.6
• 933445f v5.5.5
• 22ce174 allErrors default remains false for >-5
• 901c8dd allErrors default remains false for >-5
• 0671ed9 allErrors default remains false for >-5
• af80f33 v5.5.4
• 8fa449b fixes #1037 returns all errors, rather than just the first
• d1f5ec5 chore(deps): bump multer from 2.0.0 to 2.0.1 in /examples/1-standard (#1080)
• 2c3a1e7 chore(deps): bump multer and express-openapi-validator (#1076)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.