build(deps): bump response-time from 2.3.2 to 2.3.4

[dependabot]

Bumps response-time from 2.3.2 to 2.3.4.

Release notes

Sourced from response-time's releases.

v2.3.4

What's Changed

• ci: add CodeQL (SAST) by @​bjohansebas in expressjs/response-time#34
• ci: limit the scope to main branch by @​UlisesGascon in expressjs/response-time#33
• [StepSecurity] Apply security best practices by @​step-security-bot in expressjs/response-time#37
• build(deps): bump coverallsapp/github-action from 1.2.5 to 2.3.6 by @​dependabot[bot] in expressjs/response-time#38
• build(deps-dev): bump eslint-plugin-import from 2.10.0 to 2.31.0 by @​dependabot[bot] in expressjs/response-time#40
• build(deps-dev): bump eslint-plugin-standard from 3.0.1 to 3.1.0 by @​dependabot[bot] in expressjs/response-time#41
• build(deps): bump ossf/scorecard-action from 2.4.0 to 2.4.2 by @​dependabot[bot] in expressjs/response-time#42
• build(deps): bump github/codeql-action from 3.27.0 to 3.28.18 by @​dependabot[bot] in expressjs/response-time#43
• build(deps-dev): bump eslint-plugin-promise from 3.7.0 to 3.8.0 by @​dependabot[bot] in expressjs/response-time#46
• build(deps-dev): bump eslint-plugin-markdown from 1.0.0-beta.6 to 1.0.2 by @​dependabot[bot] in expressjs/response-time#44
• build(deps-dev): bump mocha from 6.1.4 to 6.2.3 by @​dependabot[bot] in expressjs/response-time#45
• build(deps-dev): bump eslint-plugin-import from 2.31.0 to 2.32.0 by @​dependabot[bot] in expressjs/response-time#47
• build(deps): bump github/codeql-action from 3.28.18 to 3.29.2 by @​dependabot[bot] in expressjs/response-time#48
• deps: on-headers@1.1.0 by @​UlisesGascon in expressjs/response-time#49
• 🔖 v2.3.4 by @​ctcpip in expressjs/response-time#50

New Contributors

• @​bjohansebas made their first contribution in expressjs/response-time#34
• @​step-security-bot made their first contribution in expressjs/response-time#37
• @​dependabot[bot] made their first contribution in expressjs/response-time#38
• @​ctcpip made their first contribution in expressjs/response-time#50

Full Changelog: expressjs/response-time@2.3.3...v2.3.4

2.3.3

What's Changed

• deps: depd@~2.0.0
  • Remove remove use of eval
• deps: depd@~1.1.2
  • Remove unnecessary Buffer loading
  • perf: remove argument reassignment

New Contributors

• @​carpasse made their first contribution in expressjs/response-time#23
• @​cesco69 made their first contribution in expressjs/response-time#27
• @​UlisesGascon made their first contribution in expressjs/response-time#28

Full Changelog: expressjs/response-time@2.3.2...2.3.3

Changelog

Sourced from response-time's changelog.

2.3.4 / 2025-07-17

• deps: on-headers@~1.1.0
  • Fix CVE-2025-7339 (GHSA-76c9-3jph-rj3q)

2.3.3 / 2024-10-07

• deps: depd@~2.0.0
  • Remove remove use of eval
• deps: depd@~1.1.2
  • Remove unnecessary Buffer loading
  • perf: remove argument reassignment

Commits

• 81090b8 🔖 v2.3.4 (#50)
• c9c8566 deps: on-headers@1.1.0 (#49)
• fabc31f build(deps): bump github/codeql-action from 3.28.18 to 3.29.2 (#48)
• f53fa10 build(deps-dev): bump eslint-plugin-import from 2.31.0 to 2.32.0 (#47)
• 97138ac build(deps-dev): bump mocha from 6.1.4 to 6.2.3 (#45)
• 77d4e1d build(deps-dev): bump eslint-plugin-markdown from 1.0.0-beta.6 to 1.0.2 (#44)
• 6679ce0 build(deps-dev): bump eslint-plugin-promise from 3.7.0 to 3.8.0 (#46)
• 8af6562 build(deps): bump github/codeql-action from 3.27.0 to 3.28.18 (#43)
• e648da6 build(deps): bump ossf/scorecard-action from 2.4.0 to 2.4.2 (#42)
• 4f8b029 build(deps-dev): bump eslint-plugin-standard from 3.0.1 to 3.1.0 (#41)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by ulisesgascon, a new releaser for response-time since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)