Version 4.21.0 and older now pulls in types for 5.0.0 that are incompatible.

[JimmyBjorklund]

Version 4.21.0 and older now pulls in types for 5.0.0 that are incompatible.

     "node_modules/@types/express": {
       "version": "5.0.0",
       "resolved": "https://registry.npmjs.org/@types/express/-/express-5.0.0.tgz",
       "integrity": "sha512-DvZriSMehGHL1ZNLzi6MidnsDhUZM/x2pRdDIKdwbUNqqwHxMlRdkxtn6/EPKyqKpHqTl/4nRZsRNLpZxZRpPQ==",
      "license": "MIT",
       "dependencies": {
         "@types/body-parser": "*",
         "@types/express-serve-static-core": "^5.0.0",
         "@types/qs": "*",
         "@types/serve-static": "*"
       }
     },

app/server.ts:31:11 - error TS2769: No overload matches this call.
  The last overload gave the following error.
    Argument of type '(err: any, req: Request<ParamsDictionary, any, any, ParsedQs, Record<string, any>>, res: Response<any, Record<string, any>>, next: NextFunction) => void | Response<...>' is not assignable to parameter of type 'PathParams'.

31   app.use(ErrorHandler);
             ~~~~~~~~~~~~

  node_modules/@types/express-serve-static-core/index.d.ts:153:5
    153     <
            ~
    154         P = ParamsDictionary,
        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    ...
    162         ...handlers: Array<RequestHandlerParams<P, ResBody, ReqBody, ReqQuery, LocalsObj>>
        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    163     ): T;
        ~~~~~~~~~
    The last overload is declared here.

Adding the types/express 4.17.21 fixes the issue but it was not needed until today

[krzysdz]

Express itself does not depend on or include @types/express. Yesterday the type definitions for Express 5.0 were published and if you did not specify the version as e.g. ^4.17.0, but omitted it or used *, npm will fetch the latest version.

By the way, the types for express are maintained in the DefinitelyTyped project:

• feat: types for express 5 DefinitelyTyped/DefinitelyTyped#70563

[Trinovantes]

Not sure why but the v5 types are pushed to v4.17.21 causing a lot of linting errors for me

I have to pin types back to 4.17.20 for now:

    "resolutions": {
        "@types/express": "4.17.21"
    }

[joaopenas]

I'm with the same issue. I would like to ask if will fix it?

By the way for who are using npm this could be a solution:

"overrides": { "@types/express": "4.17.20" }

otherwise can use the @Trinovantes solution for yarn

[jakebailey]

For anyone with this issue, can you please do npm why @types/express, pnpm why @types/express, etc, and post the results? I do not think express is depending on its own types, even transitively.

The v5 types were most assuredly not pushed to v4. The DT publisher knows when it's about to publish a package with the same contents and skips it. When the v5 types were published, v4 did not change and you can see in the version list only v5 getting updated:

express-serve-static-core (where the types actually live) did receive an update, but it did not contain any type changes. https://app.renovatebot.com/package-diff?name=@types/express-serve-static-core&from=4.19.5&to=4.19.6

[jonchurch]

@JimmyBjorklund what version range did you have for your @types/express in package.json before?

Please follow jakebailey's steps and report back.

Adding the types/express 4.17.21 fixes the issue but it was not needed until today

This would always have been necessary to guard against pulling a new major's types when they were published. The difference today is that there is a new major's types on DT

[Trinovantes]

Ah, I forgot you can use "*" to specify any version

It seems there's actually a lot of broken packages:

$ grep -r '"@types/express": ' DefinitelyTyped/
DefinitelyTyped/types/mongoose-aggregate-paginate-v2/package.json:13:        "@types/express": "*",
DefinitelyTyped/types/node-red__runtime/package.json:11:        "@types/express": "*",
DefinitelyTyped/types/sap__logging/package.json:12:        "@types/express": "*",
DefinitelyTyped/types/react-dev-utils/package.json:10:        "@types/express": "*",
DefinitelyTyped/types/express-domain-middleware/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/serve-favicon/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/feathersjs__authentication-oauth2/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/oauth2orize/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/reload/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/express-status-monitor/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/mock-req-res/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/optics-agent/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/passport-twitch-latest/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/ejs-locals/package.json:10:        "@types/express": "*"
DefinitelyTyped/types/passport/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/passport-saml/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/passport-spotify/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/locale/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/imperium/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/less-middleware/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/express-correlation-id/package.json:12:        "@types/express": "*",
DefinitelyTyped/types/aws-lambda-http-server/package.json:13:        "@types/express": "*"
DefinitelyTyped/types/type-is/package.json:12:        "@types/express": "*",
DefinitelyTyped/types/express-actuator/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/easy-xapi-utils/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/express-bunyan-logger/package.json:10:        "@types/express": "*"
DefinitelyTyped/types/falcor-express/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/server-timing-header/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/apimocker/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/passport-jwt/package.json:15:        "@types/express": "*",
DefinitelyTyped/types/feathersjs__authentication-oauth1/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/webpack-shell-plugin/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/connect-flash/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/swagger-jsdoc/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/i18n-abide/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/express-cache-response-directive/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/emartech__cls-adapter/package.json:10:        "@types/express": "*",
DefinitelyTyped/types/passport-http-bearer/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/yog-bigpipe/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/swagger-ui-dist/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/oauth-shim/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/passport-apple/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/mock-express-request/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/poi/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/express-delay-header/package.json:12:        "@types/express": "*",
DefinitelyTyped/types/named-routes/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/steam-login/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/forest-express-mongoose/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/passport-instagram/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/passport-google-oauth20/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/feathersjs__errors/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/qs-middleware/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/node-slack/package.json:12:        "@types/express": "*",
DefinitelyTyped/types/connect-azuretables/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/express-conditional-middleware/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/adobe__es-modules-middleware/package.json:14:        "@types/express": "*",
DefinitelyTyped/types/response-time/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/feathersjs__authentication/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/express-myconnection/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/supertest-as-promised/package.json:14:        "@types/express": "*",
DefinitelyTyped/types/express-async-wrap/package.json:13:        "@types/express": "*",
DefinitelyTyped/types/marko/package.json:10:        "@types/express": "*",
DefinitelyTyped/types/ottomated__passport-streamlabs/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/http-errors/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/node-steam-openid/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/route-cache/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/passport-line/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/express/package.json:15:        "@types/express": "workspace:.",
DefinitelyTyped/types/express/v4/package.json:15:        "@types/express": "workspace:.",
DefinitelyTyped/types/node-red__registry/package.json:10:        "@types/express": "*",
DefinitelyTyped/types/express-wechat-access/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/express-ws/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/create-test-server/package.json:11:        "@types/express": "*",
DefinitelyTyped/types/passport-remember-me/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/epilogue/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/express-debug/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/vitalsigns/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/peer-dial/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/express-paginate/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/express-flash/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/express-processimage/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/passport-strategy/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/smartystreets-javascript-sdk/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/craco__craco/package.json:13:        "@types/express": "*",
DefinitelyTyped/types/send/package.json:13:        "@types/express": "*",
DefinitelyTyped/types/basicauth-middleware/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/server/package.json:12:        "@types/express": "*",
DefinitelyTyped/types/swagger-ui-express/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/express-sslify/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/swagger-node-runner/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/passport-google-oauth2/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/node-red__editor-api/package.json:10:        "@types/express": "*",
DefinitelyTyped/types/easy-jsend/package.json:10:        "@types/express": "*"
DefinitelyTyped/types/method-override/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/architect__functions/package.json:10:        "@types/express": "*",
DefinitelyTyped/types/passport-instagram-graph/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/express-useragent/v0/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/express-useragent/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/easy-api-request/package.json:10:        "@types/express": "*",
DefinitelyTyped/types/client-sessions/package.json:14:        "@types/express": "*"
DefinitelyTyped/types/gulp-live-server/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/express-ws-routes/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/passport-local/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/compression-next/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/serve-index/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/passport-windowsauth/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/express-healthcheck/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/yog-log/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/connect-datadog/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/swagger-express-mw/package.json:12:        "@types/express": "*",
DefinitelyTyped/types/passport-oauth2/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/connect-sequence/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/kraken-js/package.json:10:        "@types/express": "*"
DefinitelyTyped/types/passport-openidconnect/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/jwt-express/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/multer-gridfs-storage/v1/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/multer-gridfs-storage/v3/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/multer-gridfs-storage/v2/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/multer-gridfs-storage/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/express-flash-2/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/cassandra-store/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/mustache-express/package.json:12:        "@types/express": "*",
DefinitelyTyped/types/graphql-upload/package.json:28:        "@types/express": "*",
DefinitelyTyped/types/express-http-proxy/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/express-fileupload/package.json:10:        "@types/express": "*"
DefinitelyTyped/types/bull-arena/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/swagger-express-middleware/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/node-sass-middleware/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/passport-auth0/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/connect-mongodb-session/package.json:15:        "@types/express": "*"
DefinitelyTyped/types/aws-serverless-express/package.json:10:        "@types/express": "*",
DefinitelyTyped/types/vhost/package.json:13:        "@types/express": "*"
DefinitelyTyped/types/easy-xapi/package.json:11:        "@types/express": "*",
DefinitelyTyped/types/cookie-session/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/express-as-promise/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/passport-http/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/sc-framework-health-check/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/passport-steam/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/session-file-store/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/passport-bnet/package.json:12:        "@types/express": "*",
DefinitelyTyped/types/express-legacy-expires/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/passport-naver/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/acl/package.json:10:        "@types/express": "*",
DefinitelyTyped/types/multer/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/i18n/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/signalfx-collect/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/common-errors/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/uri-template-route/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/csurf/package.json:15:        "@types/express": "*"
DefinitelyTyped/types/fusebit__oauth-connector/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/camouflage-rewrite/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/supertest/package.json:13:        "@types/express": "*",
DefinitelyTyped/types/connect-history-api-fallback/package.json:14:        "@types/express": "*"
DefinitelyTyped/types/express-sanitized/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/body-parser/package.json:14:        "@types/express": "*"
DefinitelyTyped/types/passport-google-oauth/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/passport-fido2-webauthn/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/swagger-stats/package.json:10:        "@types/express": "*",
DefinitelyTyped/types/easy-session/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/express-brute/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/connect-slashes/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/express-route-fs/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/kue-ui-client/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/express-busboy/package.json:10:        "@types/express": "*"
DefinitelyTyped/types/sse/package.json:12:        "@types/express": "^4.17.9999",
DefinitelyTyped/types/webpack-hot-middleware/package.json:14:        "@types/express": "*",
DefinitelyTyped/types/connect-history-api-fallback-exclusions/package.json:14:        "@types/express": "*"
DefinitelyTyped/types/express-brute-mongo/package.json:12:        "@types/express": "*",
DefinitelyTyped/types/node-ral/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/serve-static/package.json:14:        "@types/express": "*",
DefinitelyTyped/types/passport-remember-me-extended/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/express-xml-bodyparser/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/rebind-host/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/feathersjs__authentication-jwt/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/passport-local-mongoose/package.json:14:        "@types/express": "*",
DefinitelyTyped/types/passport-cognito/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/streaming-json-stringify/package.json:12:        "@types/express": "*",
DefinitelyTyped/types/sharpie/package.json:13:        "@types/express": "*",
DefinitelyTyped/types/express-ejs-layouts/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/passport-discord/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/kube-probe/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/passport-facebook-token/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/node-sprite-generator/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/passport-linkedin-oauth2/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/passport-kakao/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/host-validation/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/express-redis-cache/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/passport-vkontakte/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/connect-timeout/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/passport-beam/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/express-boom/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/express-locale/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/loopback/package.json:10:        "@types/express": "*",
DefinitelyTyped/types/socket.io.users/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/honeybadger/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/http-proxy/package.json:12:        "@types/express": "*",
DefinitelyTyped/types/socket.io-file/package.json:12:        "@types/express": "*",
DefinitelyTyped/types/hpp/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/greenlock-express/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/istanbul-middleware/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/apicache/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/express-oauth-server/package.json:10:        "@types/express": "*",
DefinitelyTyped/types/universal-analytics/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/express-simple-locale/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/lasso/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/statsd-client/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/logfmt/package.json:12:        "@types/express": "*",
DefinitelyTyped/types/express-form-data/package.json:13:        "@types/express": "*",
DefinitelyTyped/types/kue/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/ottomated__passport-twitch/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/passport-42/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/express-minify/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/passport-lastfm/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/express-version-request/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/polka/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/cookie-parser/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/feathersjs__authentication-local/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/connect-redis/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/mongoose-paginate/package.json:13:        "@types/express": "*",
DefinitelyTyped/types/passport-unique-token/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/feathersjs__express/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/node-red/package.json:10:        "@types/express": "*",
DefinitelyTyped/types/express-socket.io-session/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/api-error-handler/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/express-ua-middleware/package.json:12:        "@types/express": "*",
DefinitelyTyped/types/swagger-sails-hook/package.json:12:        "@types/express": "*",
DefinitelyTyped/types/express-list-endpoints/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/express-formidable/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/shrink-ray/package.json:10:        "@types/express": "*"
DefinitelyTyped/types/swagger-express-validator/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/connect-memcached/package.json:14:        "@types/express": "*"
DefinitelyTyped/types/gulp-connect/package.json:12:        "@types/express": "*",
DefinitelyTyped/types/express-enforces-ssl/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/oauth2-server/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/express-flash-notification/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/express-routemap/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/react-cookies/package.json:10:        "@types/express": "*"
DefinitelyTyped/types/connect-sqlite3/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/cors/package.json:13:        "@types/express": "*"
DefinitelyTyped/types/ltijs/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/ghost-storage-base/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/webpack-plugin-serve/package.json:10:        "@types/express": "*",
DefinitelyTyped/types/json-server/package.json:10:        "@types/express": "*",
DefinitelyTyped/types/express-version-route/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/passport-deezer/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/x-ray/package.json:14:        "@types/express": "*",
DefinitelyTyped/types/morgan/package.json:12:        "@types/express": "*",
DefinitelyTyped/types/redis-rate-limiter/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/express-routes-versioning/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/socketcluster-server/v14/package.json:16:        "@types/express": "*",
DefinitelyTyped/types/express-preconditions/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/hydra-box/package.json:12:        "@types/express": "*",
DefinitelyTyped/types/agnostic-http-error-handler/package.json:10:        "@types/express": "*"
DefinitelyTyped/types/express-mung/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/promisify-supertest/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/passport-twitter/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/compression/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/express-brute-memcached/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/connect-pg-simple/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/hijackresponse/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/express-jsonschema/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/express-pino-logger/package.json:13:        "@types/express": "*",
DefinitelyTyped/types/hbs/package.json:12:        "@types/express": "*",
DefinitelyTyped/types/bitauth/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/wallabyjs/package.json:11:        "@types/express": "*",
DefinitelyTyped/types/absolute-url/package.json:10:        "@types/express": "*",
DefinitelyTyped/types/samlp/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/swaggerize-express/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/express-partials/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/json2xls/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/yog2-kernel/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/express-sitemap-xml/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/riderize__passport-strava-oauth2/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/hubot/package.json:10:        "@types/express": "*",
DefinitelyTyped/types/passport-auth-token/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/express-requests-logger/package.json:13:        "@types/express": "*",
DefinitelyTyped/types/passport-twitter-token/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/express-session/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/sticky-cluster/package.json:12:        "@types/express": "*",
DefinitelyTyped/types/documentdb-session/package.json:13:        "@types/express": "*"
DefinitelyTyped/types/express-less/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/passport-oauth2-client-password/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/passport-github/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/passport-facebook/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/express-slow-down/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/rdfjs__express-handler/package.json:10:        "@types/express": "*",
DefinitelyTyped/types/forest-express-sequelize/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/set-link/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/cookies/package.json:10:        "@types/express": "*",
DefinitelyTyped/types/passport-instagram-token/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/express-prometheus-middleware/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/passport.socketio/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/passport-azure-ad/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/saml2-js/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/keycloak-connect-roles/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/errorhandler/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/lusca/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/express-ntlm/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/connect-busboy/package.json:10:        "@types/express": "*",
DefinitelyTyped/types/connect-ensure-login/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/sinon-express-mock/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/passport-github2/package.json:9:        "@types/express": "*",
DefinitelyTyped/types/connect-trim-body/package.json:9:        "@types/express": "*"
DefinitelyTyped/types/request-ip/package.json:12:        "@types/express": "*",

[jakebailey]

"*" means "resolve to any version", it doesn't neccesarily mean "resolve to latest". They are all compatible with v4 and v5, and if we had written 4 || 5 there, package managers should not behave differently than *.

[Trinovantes]

I'm using yarn 1.22.22 and it's resolving to the latest version for me

[jakebailey]

You may have to use overrides, then. (Yarn v1 is very old and unmaintained; maybe it's just an unfixed bug 🤷)

From the DT side, it's possible that using peer deps would help (once we implement support for them), but if package managers are still preferring newer versions, it may not help.

[JimmyBjorklund]

@types/[email protected]
node_modules/@types/express
  @types/express@"*" from @types/[email protected]
  node_modules/@types/multer
    @types/multer@"^1.4.11" from @tsoa/[email protected]
    node_modules/@tsoa/cli
      dev @tsoa/cli@"6.0.1" from the root project
    @types/multer@"^1.4.11" from @tsoa/[email protected]
    node_modules/@tsoa/runtime
      @tsoa/runtime@"6.0.0" from the root project
      @tsoa/runtime@"6.0.0" from @xxx/[email protected]
      node_modules/@xxx/xxx-shared-utils
        @xxx/xxx-shared-utils@"2.0.17" from the root project
      @tsoa/runtime@"^6.0.0" from @tsoa/[email protected]
      node_modules/@tsoa/cli
        dev @tsoa/cli@"6.0.1" from the root project
  @types/express@"*" from @types/[email protected]
  node_modules/@types/swagger-ui-express
    dev @types/swagger-ui-express@"^4.1.3" from the root project

@types/[email protected]
node_modules/jwks-rsa/node_modules/@types/express
  @types/express@"^4.17.17" from [email protected]
  node_modules/jwks-rsa
    jwks-rsa@"^3.0.1" from @xxx/[email protected]
    node_modules/@xxx/xxx-shared-utils
      @xxx/xxx-shared-utils@"2.0.17" from the root project

[RobinTail]

Those experiencing this problem need to ensure:

• not using * as a version of @types/express in your package.json, because it means "any" and can be resolved to latest, which is now v5.
• if * is set not in your package.json, but in package.json of a dependency or sub-dependency (you can use yarn why or similar approach to find out):
  • check if there is a fix released of that dependency;
  • otherwise use resolutions (for yarn) or overrides (for npm) or similar feature of your package manager to set resolutions of **/@types/express to ^4

CC @JimmyBjorklund @Trinovantes

Example of package.json entry in case of using yarn:

[RobinTail]

Not sure why but the v5 types are pushed to v4.17.21

they are not.
v5 published as v5.0.0

[Trinovantes]

Yea that was a misunderstanding on my part.

Turns out I was using @types/express-session which was one of the many @types packages I've grepped above that wildstars the express version.

[jakebailey]

I just merged in support for peerDependencies on DefinitelyTyped, so theoretically packages like expression-session can now peer dep on @types/express@* and fix these sorts of problems.

[eltatata]

I am currently making a service with Nodejs and TS using Clean Arch and I have an error with my controllers and routes

These are the routes

and these are the controllers

but this error is solved when I change the version to a previous one npm install @types/express@^4.17.21

does anyone know what is happening or can help me with this?

[RobinTail]

does anyone know what is happening

authController.loginUser must return void | Promise<void> (not Response) to be compatible with @types/[email protected], @eltatata

in your AuthController file line 20 should be either:

- if (error) return res.status(400).json({ message: error });
+ if (error) { res.status(400).json({ message: error }); return; }
# or 
+ if (error) return void res.status(400).json({ message: error });

returning Response did work with @types/express@4, because there was only void return type, and it was technically compatible with returning anything (it just used to ignore that discrepancy). But that ignorance no longer happen with return type void | Promise<void>.

In your case the statement return res.json() does two things:

• sends the response
• but also returns the response from the function (which is not needed, means nothing and causing the issue)

Therefore, you need either to separate sending from returning (make it two statements) or suppress returning (by using the void keyword).

That's how you migrate to @types/[email protected].
In case you don't like that effort, there is an existing PR in DT, trying to allow returning the Response explicitly, though I'm not a fan of that confusing idea:
DefinitelyTyped/DefinitelyTyped#70696

[RobinTail]

@JimmyBjorklund , I think this conversation is drifting from the idea of the original topic that seems to be resolved, isn't it?

[JimmyBjorklund]

We at least have a solution for how to fix the issue. One could say that the original issue is closed yes.

[eltatata]

@RobinTail Thank you so much for your help, I owe you one ❤️

[m-a-rahal-os]

Yea that was a misunderstanding on my part.

Turns out I was using @types/express-session which was one of the many @types packages I've grepped above that wildstars the express version.

express-session is the culprit for me as well after migrating from [email protected] to 4.21.2.

Thanks to @RobinTail 🙏, I managed to fix this and I'm writing an issue to express-session repo. Solution :

// for npm use "overrides" instead of "resolutions"
"resolutions": {
   "**/@types/express": "^4.17.21"
 }

As @RobinTail stated :

Those experiencing this problem need to ensure:

• not using * as a version of @types/express in your package.json, because it means "any" and can be resolved to latest, which is now v5.

• if * is set not in your package.json, but in package.json of a dependency or sub-dependency (you can use yarn why or similar approach to find out):

  • check if there is a fix released of that dependency;
  • otherwise use resolutions (for yarn) or overrides (for npm) or similar feature of your package manager to set resolutions of **/@types/express to ^4

CC @JimmyBjorklund @Trinovantes

Example of package.json entry in case of using yarn:

[bloudermilk]

If anyone is beating their head against the wall trying to use the resolutions workaround described above in a Yarn 1 project using workspaces, you'll want to place that declaration in the root package.json even if the dependency is declared in a workspace package.json.

[KalenAnson]

does anyone know what is happening

authController.loginUser must return void | Promise<void> (not Response) to be compatible with @types/[email protected], @eltatata

in your AuthController file line 20 should be either:

• if (error) return res.status(400).json({ message: error });

• if (error) { res.status(400).json({ message: error }); return; }

or

• if (error) return void res.status(400).json({ message: error });
  returning Response did work with @types/express@4, because there was only void return type, and it was technically compatible with returning anything (it just used to ignore that discrepancy). But that ignorance no longer happen with return type void | Promise<void>.

In your case the statement return res.json() does two things:

• sends the response
• but also returns the response from the function (which is not needed, means nothing and causing the issue)

Therefore, you need either to separate sending from returning (make it two statements) or suppress returning (by using the void keyword).

That's how you migrate to @types/[email protected]. In case you don't like that effort, there is an existing PR in DT, trying to allow returning the Response explicitly, though I'm not a fan of that confusing idea: DefinitelyTyped/DefinitelyTyped#70696

I feel like return res.status(400).json({ message: error }); is already wonderfully clear here. You know instantly that the handler is finished. You know intuitively what it did.

Asking devs to break this into:

res.status(400).json({ message: error });
return;

when they need eject is not only less clear (we send the response and then we decide to end the handler) but I would argue, less secure.

I feel like the suggested idiom, while understandable from a TS perspective, is just inviting the route handler to keep churning when a developer forgets to insert return;. This feels like a net negative to the security of express in my opinion.

I would love to see this decision reconsidered and to see the return res.status(400).json({ message: error }); restored to express v5+ types.

It has always been optional to return from an express request handler (we know that the request has already been sent from res.send/res.json), but it is a pattern that a lot of folks have adopted over the years that I would argue is both more readable and more secure.