Skip to content

Commit

Permalink
chore(deps): bump path-to-regexp from 7.0.0 to 7.1.0 (#890)
Browse files Browse the repository at this point in the history 
Bumps [path-to-regexp](https://github.com/pillarjs/path-to-regexp) from
7.0.0 to 7.1.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/pillarjs/path-to-regexp/releases">path-to-regexp's
releases</a>.</em></p>
<blockquote>
<h2>Strict mode</h2>
<p><strong>Added</strong></p>
<ul>
<li>Adds a <code>strict</code> option to detect potential ReDOS
issues</li>
</ul>
<p><strong>Fixed</strong></p>
<ul>
<li>Fixes separator to default to <code>suffix + prefix</code> when not
specified</li>
<li>Allows separator to be undefined in <code>TokenData</code>
<ul>
<li>This is only relevant if you are building <code>TokenData</code>
manually, previously <code>parse</code> filled it in automatically</li>
</ul>
</li>
</ul>
<p><strong>Comments</strong></p>
<ul>
<li>I highly recommend enabling <code>strict: true</code> and I'm
<em>probably</em> releasing a V8 with it enabled by default ASAP as a
necessary security mitigation</li>
</ul>
<p><a
href="https://github.com/pillarjs/path-to-regexp/compare/v7.0.0...v7.1.0">https://github.com/pillarjs/path-to-regexp/compare/v7.0.0...v7.1.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pillarjs/path-to-regexp/commit/c36bdfa2aa363f573439de9098c2dcc94b16e1e6"><code>c36bdfa</code></a>
7.1.0</li>
<li><a
href="https://github.com/pillarjs/path-to-regexp/commit/46b9f0b224ade156637d2d480e5a1bfce2f387b3"><code>46b9f0b</code></a>
Add strict option to README</li>
<li><a
href="https://github.com/pillarjs/path-to-regexp/commit/7015c1fd7760df38458268d36c441b0782bdf2b4"><code>7015c1f</code></a>
Better type for compile (<a
href="https://redirect.github.com/pillarjs/path-to-regexp/issues/307">#307</a>)</li>
<li><a
href="https://github.com/pillarjs/path-to-regexp/commit/f73ec6c86b06f544b977119c2b62a16de480a6a9"><code>f73ec6c</code></a>
Adds strict mode, redos script, improved separator and delimiter</li>
<li><a
href="https://github.com/pillarjs/path-to-regexp/commit/eaed1fc3aa682be1562efcb2f7b738c13dfae20e"><code>eaed1fc</code></a>
Document unexpected ; in errors</li>
<li><a
href="https://github.com/pillarjs/path-to-regexp/commit/c9589365d0aba33b9745ebb9a909efdc50750007"><code>c958936</code></a>
Clarify match/compile examples in README</li>
<li><a
href="https://github.com/pillarjs/path-to-regexp/commit/140b8248e99c34414910d0d2d6c0e822327e1197"><code>140b824</code></a>
Document ; and TokenData better</li>
<li>See full diff in <a
href="https://github.com/pillarjs/path-to-regexp/compare/v7.0.0...v7.1.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=path-to-regexp&package-manager=npm_and_yarn&previous-version=7.0.0&new-version=7.1.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
  • Loading branch information
@dependabot
dependabot[bot] authored Aug 23, 2024
1 parent 7f44fe9 commit 144080b
Showing 1 changed file with 3 additions and 3 deletions.
6 changes: 3 additions & 3 deletions package-lock.json
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

0 comments on commit 144080b

Please sign in to comment.