Fix semver range for peer dependency of express

[DavideDaniel]

Using caret and allowing ^4.0.0 vs 4.x which requires implementing application to list their express versions with 4.x specifically.

[mormahr]

As i'm not the original author and haven't touched this line ever, can you tell me what the actual difference between those two is? Glancing over the npm/node-semver package description i had the impression that those are more or less the same, i couldn't figure out which versions would be accepted by ^4.0.0 but not by 4.x. Or do they differ in what you have to specify as a user? I'm curious ☺️

Thanks for your PR!

[DavideDaniel]

No problem. 4.x means a pinned dependency to 4.{whatever}. So then if someone says ^4.0.2 it's incompatible - the only thing compatible would be 4.0.2 - the caret ^ in ^4.0.0 is inclusive of everything within the 4 range which means ^4.0.0 includes 4.1.2, 4.2.3 etc etc. One caveat here is that this only works for anything versioned over 1.0 - i.e the caret ^ does not work for ^0.0.1 for example. The problem happening right now is minor. We simply get a warning in our console that says ^4.0.1 is incompatible with 4.x listed in express-promise-router.