diff --git a/astro/package-lock.json b/astro/package-lock.json
index f0969e7f2c..8aae7164af 100644
--- a/astro/package-lock.json
+++ b/astro/package-lock.json
@@ -9,6 +9,7 @@
"version": "0.0.1",
"dependencies": {
"@astrojs/mdx": "^4.3.13",
+ "@astrojs/rss": "^4.0.17",
"@astrojs/sitemap": "^3.7.0",
"astro": "^5.18.0",
"astro-expressive-code": "^0.41.7",
@@ -135,6 +136,26 @@
"node": "18.20.8 || ^20.3.0 || >=22.0.0"
}
},
+ "node_modules/@astrojs/rss": {
+ "version": "4.0.17",
+ "resolved": "https://registry.npmjs.org/@astrojs/rss/-/rss-4.0.17.tgz",
+ "integrity": "sha512-eV+wdMbeVKC9+sPaV0LN8JL1LGo9YAh3GKl4Ou4nzMNLmXM/aswYpSGxVEAuHilgBZ6/++/Pv08ICmuOqX107w==",
+ "license": "MIT",
+ "dependencies": {
+ "fast-xml-parser": "5.4.1",
+ "piccolore": "^0.1.3",
+ "zod": "^4.3.6"
+ }
+ },
+ "node_modules/@astrojs/rss/node_modules/zod": {
+ "version": "4.3.6",
+ "resolved": "https://registry.npmjs.org/zod/-/zod-4.3.6.tgz",
+ "integrity": "sha512-rftlrkhHZOcjDwkGlnUtZZkvaPHCsDATp4pGpuOOMDaTdDDXF91wuVDJoWoPsKX/3YPQ5fHuF3STjcYyKr+Qhg==",
+ "license": "MIT",
+ "funding": {
+ "url": "https://github.com/sponsors/colinhacks"
+ }
+ },
"node_modules/@astrojs/sitemap": {
"version": "3.7.0",
"resolved": "https://registry.npmjs.org/@astrojs/sitemap/-/sitemap-3.7.0.tgz",
@@ -4768,6 +4789,40 @@
"dev": true,
"license": "MIT"
},
+ "node_modules/fast-xml-builder": {
+ "version": "1.1.4",
+ "resolved": "https://registry.npmjs.org/fast-xml-builder/-/fast-xml-builder-1.1.4.tgz",
+ "integrity": "sha512-f2jhpN4Eccy0/Uz9csxh3Nu6q4ErKxf0XIsasomfOihuSUa3/xw6w8dnOtCDgEItQFJG8KyXPzQXzcODDrrbOg==",
+ "funding": [
+ {
+ "type": "github",
+ "url": "https://github.com/sponsors/NaturalIntelligence"
+ }
+ ],
+ "license": "MIT",
+ "dependencies": {
+ "path-expression-matcher": "^1.1.3"
+ }
+ },
+ "node_modules/fast-xml-parser": {
+ "version": "5.4.1",
+ "resolved": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-5.4.1.tgz",
+ "integrity": "sha512-BQ30U1mKkvXQXXkAGcuyUA/GA26oEB7NzOtsxCDtyu62sjGw5QraKFhx2Em3WQNjPw9PG6MQ9yuIIgkSDfGu5A==",
+ "funding": [
+ {
+ "type": "github",
+ "url": "https://github.com/sponsors/NaturalIntelligence"
+ }
+ ],
+ "license": "MIT",
+ "dependencies": {
+ "fast-xml-builder": "^1.0.0",
+ "strnum": "^2.1.2"
+ },
+ "bin": {
+ "fxparser": "src/cli/cli.js"
+ }
+ },
"node_modules/fastq": {
"version": "1.20.1",
"resolved": "https://registry.npmjs.org/fastq/-/fastq-1.20.1.tgz",
@@ -8102,6 +8157,21 @@
"node": ">=8"
}
},
+ "node_modules/path-expression-matcher": {
+ "version": "1.2.0",
+ "resolved": "https://registry.npmjs.org/path-expression-matcher/-/path-expression-matcher-1.2.0.tgz",
+ "integrity": "sha512-DwmPWeFn+tq7TiyJ2CxezCAirXjFxvaiD03npak3cRjlP9+OjTmSy1EpIrEbh+l6JgUundniloMLDQ/6VTdhLQ==",
+ "funding": [
+ {
+ "type": "github",
+ "url": "https://github.com/sponsors/NaturalIntelligence"
+ }
+ ],
+ "license": "MIT",
+ "engines": {
+ "node": ">=14.0.0"
+ }
+ },
"node_modules/path-key": {
"version": "3.1.1",
"resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz",
@@ -9482,6 +9552,18 @@
"url": "https://github.com/sponsors/sindresorhus"
}
},
+ "node_modules/strnum": {
+ "version": "2.2.1",
+ "resolved": "https://registry.npmjs.org/strnum/-/strnum-2.2.1.tgz",
+ "integrity": "sha512-BwRvNd5/QoAtyW1na1y1LsJGQNvRlkde6Q/ipqqEaivoMdV+B1OMOTVdwR+N/cwVUcIt9PYyHmV8HyexCZSupg==",
+ "funding": [
+ {
+ "type": "github",
+ "url": "https://github.com/sponsors/NaturalIntelligence"
+ }
+ ],
+ "license": "MIT"
+ },
"node_modules/style-to-js": {
"version": "1.1.21",
"resolved": "https://registry.npmjs.org/style-to-js/-/style-to-js-1.1.21.tgz",
diff --git a/astro/package.json b/astro/package.json
index 5d89b2edf3..21422a3821 100644
--- a/astro/package.json
+++ b/astro/package.json
@@ -16,6 +16,7 @@
},
"dependencies": {
"@astrojs/mdx": "^4.3.13",
+ "@astrojs/rss": "^4.0.17",
"@astrojs/sitemap": "^3.7.0",
"astro": "^5.18.0",
"astro-expressive-code": "^0.41.7",
diff --git a/astro/src/content.config.ts b/astro/src/content.config.ts
index 3d2c3aaf69..3837f06bbb 100644
--- a/astro/src/content.config.ts
+++ b/astro/src/content.config.ts
@@ -30,7 +30,7 @@ const blogCollection = defineCollection({
schema: z.object({
title: z.string(),
description: z.string().optional(),
- tags: z.string().optional(),
+ tags: z.array(z.string()).optional(),
authors: z
.array(
z.object({
diff --git a/astro/src/content/blog/en/2024-07-16-welcome-post.md b/astro/src/content/blog/en/2024-07-16-welcome-post.md
index 81a4594089..8892e7237d 100644
--- a/astro/src/content/blog/en/2024-07-16-welcome-post.md
+++ b/astro/src/content/blog/en/2024-07-16-welcome-post.md
@@ -1,7 +1,7 @@
---
title: Welcome to The Express Blog!
description: Introducing the new Express blog — a primary platform for announcements, updates, and communication from the Express technical committee.
-tags: announcements
+tags: ['announcements']
authors:
- name: Rand McKinney
github: crandmck
diff --git a/astro/src/content/blog/en/2024-09-29-security-releases.md b/astro/src/content/blog/en/2024-09-29-security-releases.md
index a6381c8a16..4e72a82fad 100644
--- a/astro/src/content/blog/en/2024-09-29-security-releases.md
+++ b/astro/src/content/blog/en/2024-09-29-security-releases.md
@@ -1,7 +1,7 @@
---
title: September 2024 Security Releases
description: Security releases for Express, body-parser, send, serve-static, and path-to-regexp have been published. We recommend that all users upgrade as soon as possible.
-tags: security
+tags: ['security']
authors:
- name: Ulises Gascón
github: UlisesGascon
diff --git a/astro/src/content/blog/en/2024-10-01-HeroDevs-partnership-announcement.md b/astro/src/content/blog/en/2024-10-01-HeroDevs-partnership-announcement.md
index c11214c8a4..11048603df 100644
--- a/astro/src/content/blog/en/2024-10-01-HeroDevs-partnership-announcement.md
+++ b/astro/src/content/blog/en/2024-10-01-HeroDevs-partnership-announcement.md
@@ -1,7 +1,7 @@
---
title: Express Never Ending Support Launched by HeroDevs and Express.js
description: The Express.js team is pleased to announce a partnership with HeroDevs to launch Express Never-Ending Support (NES), providing long-term support for applications built with legacy Express. This collaboration ensures that developers relying on older versions of the framework will continue to receive critical security and compatibility updates, allowing them to maintain and scale their applications securely, even after the framework's official end-of-life.
-tags: announcements
+tags: ['announcements']
authors:
- name: Express Technical Committee
github: expressjs
diff --git a/astro/src/content/blog/en/2024-10-15-v5-release.md b/astro/src/content/blog/en/2024-10-15-v5-release.md
index 3c2a7e7a61..a1af3bea75 100644
--- a/astro/src/content/blog/en/2024-10-15-v5-release.md
+++ b/astro/src/content/blog/en/2024-10-15-v5-release.md
@@ -1,6 +1,6 @@
---
title: 'Introducing Express v5: A New Era for the Node.js Framework'
-tags: announcements
+tags: ['announcements']
authors:
- name: Wes Todd
github: wesleytodd
diff --git a/astro/src/content/blog/en/2024-10-22-security-audit-milestone-achievement.md b/astro/src/content/blog/en/2024-10-22-security-audit-milestone-achievement.md
index e9a7f06b9d..36e8f8bc98 100644
--- a/astro/src/content/blog/en/2024-10-22-security-audit-milestone-achievement.md
+++ b/astro/src/content/blog/en/2024-10-22-security-audit-milestone-achievement.md
@@ -1,6 +1,6 @@
---
title: 'Express.js Security Audit: A Milestone Achievement'
-tags: security announcements
+tags: ['security', 'announcements']
authors:
- name: Express Technical Committee
github: expressjs
diff --git a/astro/src/content/blog/en/2025-01-09-rewind-2024-triumphs-and-2025-vision.md b/astro/src/content/blog/en/2025-01-09-rewind-2024-triumphs-and-2025-vision.md
index 863c4f04c0..02a74e94f6 100644
--- a/astro/src/content/blog/en/2025-01-09-rewind-2024-triumphs-and-2025-vision.md
+++ b/astro/src/content/blog/en/2025-01-09-rewind-2024-triumphs-and-2025-vision.md
@@ -1,6 +1,6 @@
---
title: 'A New Chapter for Express.js: Triumphs of 2024 and an ambitious 2025'
-tags: announcements
+tags: ['announcements']
authors:
- name: Express Technical Committee
github: expressjs
diff --git a/astro/src/content/blog/en/2025-03-31-v5-1-latest-release.md b/astro/src/content/blog/en/2025-03-31-v5-1-latest-release.md
index f2cb6e33ae..149dcf439e 100644
--- a/astro/src/content/blog/en/2025-03-31-v5-1-latest-release.md
+++ b/astro/src/content/blog/en/2025-03-31-v5-1-latest-release.md
@@ -1,6 +1,6 @@
---
title: 'Express@5.1.0: Now the Default on npm with LTS Timeline'
-tags: announcements
+tags: ['announcements']
authors:
- name: Express Technical Committee
github: expressjs
diff --git a/astro/src/content/blog/en/2025-05-16-express-cleanup-legacy-packages.md b/astro/src/content/blog/en/2025-05-16-express-cleanup-legacy-packages.md
index 5e13ff43a8..500d48cb51 100644
--- a/astro/src/content/blog/en/2025-05-16-express-cleanup-legacy-packages.md
+++ b/astro/src/content/blog/en/2025-05-16-express-cleanup-legacy-packages.md
@@ -1,6 +1,6 @@
---
title: 'Spring Cleaning in Express.js: Deprecations and the Path Ahead'
-tags: announcements
+tags: ['announcements']
authors:
- name: Express Technical Committee
github: expressjs
diff --git a/astro/src/content/blog/en/2025-05-19-security-releases.md b/astro/src/content/blog/en/2025-05-19-security-releases.md
index 0e0888ae27..f66906eb1e 100644
--- a/astro/src/content/blog/en/2025-05-19-security-releases.md
+++ b/astro/src/content/blog/en/2025-05-19-security-releases.md
@@ -1,7 +1,7 @@
---
title: May 2025 Security Releases
description: Security release for Multer has been published. We recommend that all users upgrade as soon as possible.
-tags: security
+tags: ['security']
authors:
- name: Ulises Gascón
github: UlisesGascon
diff --git a/astro/src/content/blog/en/2025-06-05-vulnerability-reporting-process-overhaul.md b/astro/src/content/blog/en/2025-06-05-vulnerability-reporting-process-overhaul.md
index 6228656f1f..f227665d72 100644
--- a/astro/src/content/blog/en/2025-06-05-vulnerability-reporting-process-overhaul.md
+++ b/astro/src/content/blog/en/2025-06-05-vulnerability-reporting-process-overhaul.md
@@ -1,7 +1,7 @@
---
title: How Express.js Rebuilt Its Vulnerability Reporting Process
description: Express.js has overhauled its vulnerability reporting workflow with a unified process, consolidated documentation, and GitHub Security Advisories enabled across all repositories.
-tags: security
+tags: ['security']
authors:
- name: Ulises Gascón
github: UlisesGascon
diff --git a/astro/src/content/blog/en/2025-07-18-security-releases.md b/astro/src/content/blog/en/2025-07-18-security-releases.md
index d172f106de..2e716847b9 100644
--- a/astro/src/content/blog/en/2025-07-18-security-releases.md
+++ b/astro/src/content/blog/en/2025-07-18-security-releases.md
@@ -1,7 +1,7 @@
---
title: June 2025 Security Releases
description: Security update for Multer released. All users are encouraged to upgrade.
-tags: security
+tags: ['security']
authors:
- name: Ulises Gascón
github: UlisesGascon
diff --git a/astro/src/content/blog/en/2025-07-31-security-releases.md b/astro/src/content/blog/en/2025-07-31-security-releases.md
index a39f73e60b..694e5c7ac4 100644
--- a/astro/src/content/blog/en/2025-07-31-security-releases.md
+++ b/astro/src/content/blog/en/2025-07-31-security-releases.md
@@ -1,7 +1,7 @@
---
title: July 2025 Security Releases
description: Security releases for Multer and On-headers has been published. We recommend that all users upgrade as soon as possible.
-tags: security
+tags: ['security']
authors:
- name: Ulises Gascón
github: UlisesGascon
diff --git a/astro/src/content/blog/en/2025-12-01-security-releases.mdx b/astro/src/content/blog/en/2025-12-01-security-releases.mdx
index 9bf36b8246..fb2ce9abf4 100644
--- a/astro/src/content/blog/en/2025-12-01-security-releases.mdx
+++ b/astro/src/content/blog/en/2025-12-01-security-releases.mdx
@@ -1,7 +1,7 @@
---
title: November 2025 Security Releases
description: Security release for body-parser has been published. We recommend that all users upgrade as soon as possible.
-tags: security
+tags: ['security']
authors:
- name: Ulises Gascón
github: UlisesGascon
diff --git a/astro/src/content/blog/en/2026-02-27-security-releases.mdx b/astro/src/content/blog/en/2026-02-27-security-releases.mdx
index 505981f3dd..2f76d635e6 100644
--- a/astro/src/content/blog/en/2026-02-27-security-releases.mdx
+++ b/astro/src/content/blog/en/2026-02-27-security-releases.mdx
@@ -1,7 +1,7 @@
---
title: February 2026 Security Releases
description: Security release for multer has been published. We recommend that all users upgrade as soon as possible.
-tags: security
+tags: ['security']
authors:
- name: Ulises Gascón
github: UlisesGascon
diff --git a/astro/src/layouts/Layout.astro b/astro/src/layouts/Layout.astro
index 1814c58c9b..577b16127f 100644
--- a/astro/src/layouts/Layout.astro
+++ b/astro/src/layouts/Layout.astro
@@ -92,6 +92,13 @@ const lang = getLangFromUrl(Astro.url);
name="robots"
content={isNetlify ? 'noindex, nofollow' : 'max-image-preview:large, index, follow'}
/>
+
+
diff --git a/astro/src/pages/[lang]/blog/[...page].astro b/astro/src/pages/[lang]/blog/[...page].astro
index 7b8c1acada..68e4a42e1d 100644
--- a/astro/src/pages/[lang]/blog/[...page].astro
+++ b/astro/src/pages/[lang]/blog/[...page].astro
@@ -20,16 +20,7 @@ export async function getStaticPaths({ paginate }: { paginate: PaginateFunction
return bFile.localeCompare(aFile);
});
- const allTags = [
- ...new Set(
- langPosts.flatMap((p) =>
- (p.data.tags ?? '')
- .split(' ')
- .map((t: string) => t.trim())
- .filter(Boolean)
- )
- ),
- ];
+ const allTags = [...new Set(langPosts.flatMap((p) => p.data.tags ?? []))];
return paginate(langPosts, {
params: { lang },
@@ -57,8 +48,8 @@ function formatTagLabel(tag: string) {
return spaced.charAt(0).toUpperCase() + spaced.slice(1);
}
-function getLabels(tags?: string) {
- return (tags ?? '').split(' ').filter(Boolean).map(formatTagLabel);
+function getLabels(tags?: string[]) {
+ return (tags ?? []).map(formatTagLabel);
}
function getPostProps(post: CollectionEntry<'blog'>) {
@@ -94,7 +85,7 @@ const filterTabs: TabItem[] = [
{
pagePosts.map((post) => (
-
+
))
@@ -111,7 +102,7 @@ const filterTabs: TabItem[] = [
{
langPosts.map((post) => (
-
+
))
diff --git a/astro/src/pages/[lang]/blog/[slug].astro b/astro/src/pages/[lang]/blog/[slug].astro
index 04b958f5c6..d77f61bbef 100644
--- a/astro/src/pages/[lang]/blog/[slug].astro
+++ b/astro/src/pages/[lang]/blog/[slug].astro
@@ -34,7 +34,7 @@ const date = new Date(dateStr).toLocaleDateString('en-US', {
day: 'numeric',
year: 'numeric',
});
-const label = tags?.split(' ')[0] ?? '';
+const label = tags?.[0] ?? '';
---
diff --git a/astro/src/pages/feed.xml.ts b/astro/src/pages/feed.xml.ts
new file mode 100644
index 0000000000..0041a0e99a
--- /dev/null
+++ b/astro/src/pages/feed.xml.ts
@@ -0,0 +1,31 @@
+import rss from '@astrojs/rss';
+import { getCollection } from 'astro:content';
+import type { APIRoute } from 'astro';
+import {
+ getLinkedTitleContent,
+ getAuthorsCustomData,
+ getPubDateFromId,
+ shouldIncludeInFeed,
+ sortByIdDateDesc,
+} from '@/utils/rss';
+
+export const GET: APIRoute = async (context) => {
+ const site = context.site as URL;
+ const blog = await getCollection('blog');
+ const sortedBlog = sortByIdDateDesc(blog.filter((post) => shouldIncludeInFeed(post.id)));
+
+ return rss({
+ title: 'The Express.js Blog',
+ description: 'News and updates about express.js',
+ site: site.href,
+ items: sortedBlog.map((post) => ({
+ link: `/blog/${post.id}/`,
+ title: post.data.title,
+ pubDate: getPubDateFromId(post.id),
+ description: post.data.description,
+ content: getLinkedTitleContent(post.data.title, post.id, site),
+ categories: post.data.tags,
+ customData: getAuthorsCustomData(post.data.authors),
+ })),
+ });
+};
diff --git a/astro/src/pages/vulnerabilities.xml.ts b/astro/src/pages/vulnerabilities.xml.ts
new file mode 100644
index 0000000000..4a568c9aa7
--- /dev/null
+++ b/astro/src/pages/vulnerabilities.xml.ts
@@ -0,0 +1,35 @@
+import rss from '@astrojs/rss';
+import { getCollection } from 'astro:content';
+import type { APIRoute } from 'astro';
+import {
+ getLinkedTitleContent,
+ getAuthorsCustomData,
+ getPubDateFromId,
+ shouldIncludeInFeed,
+ sortByIdDateDesc,
+} from '@/utils/rss';
+
+export const GET: APIRoute = async (context) => {
+ const site = context.site as URL;
+ const blog = await getCollection('blog');
+ const securityPosts = sortByIdDateDesc(
+ blog.filter(
+ (post) => shouldIncludeInFeed(post.id) && (post.data.tags ?? []).includes('security')
+ )
+ );
+
+ return rss({
+ title: 'Express.js Security Feed',
+ description: 'Posts tagged as security from the Express.js blog.',
+ site: site.href,
+ items: securityPosts.map((post) => ({
+ link: `/blog/${post.id}/`,
+ title: post.data.title,
+ pubDate: getPubDateFromId(post.id),
+ description: post.data.description,
+ content: getLinkedTitleContent(post.data.title, post.id, site),
+ categories: post.data.tags,
+ customData: getAuthorsCustomData(post.data.authors),
+ })),
+ });
+};
diff --git a/astro/src/utils/rss.ts b/astro/src/utils/rss.ts
new file mode 100644
index 0000000000..d08510db0b
--- /dev/null
+++ b/astro/src/utils/rss.ts
@@ -0,0 +1,45 @@
+export interface FeedAuthor {
+ name: string;
+ github?: string;
+}
+
+export function getPubDateFromId(id: string): Date | undefined {
+ const filename = id.split('/').pop() ?? id;
+ const match = filename.match(/^(\d{4}-\d{2}-\d{2})/);
+ if (!match) return undefined;
+
+ const date = new Date(`${match[1]}T00:00:00.000Z`);
+ return Number.isNaN(date.getTime()) ? undefined : date;
+}
+
+export function getAuthorsCustomData(authors?: FeedAuthor[]): string | undefined {
+ if (!authors?.length) return undefined;
+
+ return authors
+ .map((author) => {
+ const uri = author.github ? `https://github.com/${author.github}` : '';
+ return `${author.name}${uri}`;
+ })
+ .join('');
+}
+
+export function sortByIdDateDesc(items: T[]): T[] {
+ return [...items].sort((a, b) => {
+ const aTime = getPubDateFromId(a.id)?.getTime() ?? 0;
+ const bTime = getPubDateFromId(b.id)?.getTime() ?? 0;
+
+ if (aTime === bTime) return a.id.localeCompare(b.id);
+ return bTime - aTime;
+ });
+}
+
+export function shouldIncludeInFeed(id: string): boolean {
+ const filename = id.split('/').pop() ?? id;
+ return !/^write[-_]posts?$/i.test(filename);
+}
+
+export function getLinkedTitleContent(title: string, id: string, site: URL): string {
+ const link = new URL(`/blog/${id}/`, site).href;
+
+ return `${title}`;
+}