Skip to content

deps: bump path-to-regexp from 8.3.0 to 8.4.0#3628

Merged
eablack merged 1 commit intomainfrom
dependabot/npm_and_yarn/path-to-regexp-8.4.0
Mar 30, 2026
Merged

deps: bump path-to-regexp from 8.3.0 to 8.4.0#3628
eablack merged 1 commit intomainfrom
dependabot/npm_and_yarn/path-to-regexp-8.4.0

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Mar 27, 2026
edited
Loading

Bumps path-to-regexp from 8.3.0 to 8.4.0.

Release notes

Sourced from path-to-regexp's releases.

8.4.0

Important

Fixed

Changed

  • Dedupes regex prefixes (pillarjs/path-to-regexp#422)
    • This will result in shorter regular expressions for some cases using optional groups
  • Rejects large optional route combinations (pillarjs/path-to-regexp#424)
    • When using groups such as /users{/delete} it will restrict the number of generated combinations to < 256, equivalent to 8 top-level optional groups and unlikely to occur in a real world application, but avoids exploding the regex size for applications that accept user created routes
Commits

@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Mar 27, 2026
@dependabot dependabot bot requested a review from a team as a code owner March 27, 2026 23:34
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Mar 27, 2026
@dependabot dependabot bot temporarily deployed to AcceptanceTests March 27, 2026 23:34 Inactive
@dependabot dependabot bot temporarily deployed to AcceptanceTests March 27, 2026 23:34 Inactive
@dependabot dependabot bot temporarily deployed to AcceptanceTests March 27, 2026 23:34 Inactive
@dependabot dependabot bot temporarily deployed to AcceptanceTests March 27, 2026 23:34 Inactive
@eablack
Copy link
Copy Markdown
Contributor

eablack commented Mar 30, 2026

@dependabot rebase

@dependabot
deps: bump path-to-regexp from 8.3.0 to 8.4.0
b578495 
Bumps [path-to-regexp](https://github.com/pillarjs/path-to-regexp) from 8.3.0 to 8.4.0.
- [Release notes](https://github.com/pillarjs/path-to-regexp/releases)
- [Changelog](https://github.com/pillarjs/path-to-regexp/blob/master/History.md)
- [Commits](pillarjs/path-to-regexp@v8.3.0...v8.4.0)

---
updated-dependencies:
- dependency-name: path-to-regexp
  dependency-version: 8.4.0
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/path-to-regexp-8.4.0 branch from efd8353 to b578495 Compare March 30, 2026 18:03
@dependabot dependabot bot temporarily deployed to AcceptanceTests March 30, 2026 18:03 Inactive
@dependabot dependabot bot temporarily deployed to AcceptanceTests March 30, 2026 18:03 Inactive
@dependabot dependabot bot temporarily deployed to AcceptanceTests March 30, 2026 18:03 Inactive
@dependabot dependabot bot temporarily deployed to AcceptanceTests March 30, 2026 18:03 Inactive
@eablack eablack merged commit b22638b into main Mar 30, 2026
18 checks passed
@eablack eablack deleted the dependabot/npm_and_yarn/path-to-regexp-8.4.0 branch March 30, 2026 18:11
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@eablack eablack eablack approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@eablack