fix(deps): Update dependency path-to-regexp to v7 (main) #1966
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
^6.3.0
->^7.2.0
Release Notes
pillarjs/path-to-regexp (path-to-regexp)
v7.2.0
: Support array inputs (again)Compare Source
Added
match
andpathToRegexp
3fdd88f
v7.1.0
: Strict modeCompare Source
Added
strict
option to detect potential ReDOS issuesFixed
suffix + prefix
when not specifiedTokenData
TokenData
manually, previouslyparse
filled it in automaticallyComments
strict: true
and I'm probably releasing a V8 with it enabled by default ASAP as a necessary security mitigationv7.0.0
: Wildcard, unicode, and modifier changesCompare Source
Hi all! There's a few major breaking changes in this release so read carefully.
Breaking changes:
compile
only accepts strings as values (i.e. no numbers, useString(value)
before compiling a path)encode !== false
, it must be an array of strings\p{XID_Continue}
).?
,*
,+
) must be used after a param explicitly wrapped in{}
/
or.
*
) has been added back and matches Express.js expected behaviorendsWith
optionstrict: true
totrailing: false
;
,,
,!
, and@
for future use-casestokensToRegexp
,tokensToFunction
andregexpToFunction
in favor of simplifying exports/
can be repeated multiple times in a matched path (i.e./foo
works like//foo
, etc)encode
anddecode
no longer receive the token as the second parameterencodeURIComponent
and decode defaults todecodeURIComponent
Added:
encodePath
to fix an issue aroundencode
being used for both path and parameters (the path and parameter should be encoded slightly differently)loose
as an option to support arbitrarily matching the delimiter in paths, e.g.foo/bar
andfoo///bar
should work the sameencode
anddecode
to be set tofalse
which skips all processing of the parameters input/outputTokenData
(exported, returned byparse
) as inputRequests for feedback:
{}
is an obvious drawback but I'm seeking feedback on whether it helps make path behavior clearer/
and.
as implicit prefixesConfiguration
📅 Schedule: Branch creation - "before 3am on Monday" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate using a curated preset maintained by . View repository job log here