Bump the npm_and_yarn group across 1 directory with 13 updates

[dependabot]

Bumps the npm_and_yarn group with 10 updates in the /frontend directory:

Package	From	To
axios	1.6.8	1.8.2
@babel/helpers	7.24.4	7.27.0
@babel/runtime	7.24.4	7.27.0
braces	3.0.2	3.0.3
express	4.19.2	4.21.2
http-proxy-middleware	2.0.6	2.0.9
micromatch	4.0.5	4.0.8
nanoid	3.3.7	3.3.11
rollup	2.79.1	2.79.2
webpack	5.91.0	5.99.7

Updates axios from 1.6.8 to 1.8.2

Release notes

Sourced from axios's releases.

Release v1.8.2

Release notes:

Bug Fixes

• http-adapter: add allowAbsoluteUrls to path building (#6810) (fb8eec2)

Contributors to this release

• Fasoro-Joseph Alexander

Release v1.8.1

Release notes:

Bug Fixes

• utils: move generateString to platform utils to avoid importing crypto module into client builds; (#6789) (36a5a62)

Contributors to this release

• Dmitriy Mozgovoy

Release v1.8.0

Release notes:

Bug Fixes

• examples: application crashed when navigating examples in browser (#5938) (1260ded)
• missing word in SUPPORT_QUESTION.yml (#6757) (1f890b1)
• utils: replace getRandomValues with crypto module (#6788) (23a25af)

Features

• Add config for ignoring absolute URLs (#5902) (#6192) (32c7bcc)

Reverts

• Revert "chore: expose fromDataToStream to be consumable (#6731)" (#6732) (1317261), closes #6731 #6732

BREAKING CHANGES

• code relying on the above will now combine the URLs instead of prefer request URL

• feat: add config option for allowing absolute URLs

• fix: add default value for allowAbsoluteUrls in buildFullPath

• fix: typo in flow control when setting allowAbsoluteUrls

Contributors to this release

... (truncated)

Changelog

Sourced from axios's changelog.

1.8.2 (2025-03-07)

Bug Fixes

• http-adapter: add allowAbsoluteUrls to path building (#6810) (fb8eec2)

Contributors to this release

• Fasoro-Joseph Alexander

1.8.1 (2025-02-26)

Bug Fixes

• utils: move generateString to platform utils to avoid importing crypto module into client builds; (#6789) (36a5a62)

Contributors to this release

• Dmitriy Mozgovoy

1.8.0 (2025-02-25)

Bug Fixes

• examples: application crashed when navigating examples in browser (#5938) (1260ded)
• missing word in SUPPORT_QUESTION.yml (#6757) (1f890b1)
• utils: replace getRandomValues with crypto module (#6788) (23a25af)

Features

• Add config for ignoring absolute URLs (#5902) (#6192) (32c7bcc)

Reverts

• Revert "chore: expose fromDataToStream to be consumable (#6731)" (#6732) (1317261), closes #6731 #6732

BREAKING CHANGES

• code relying on the above will now combine the URLs instead of prefer request URL

• feat: add config option for allowing absolute URLs

• fix: add default value for allowAbsoluteUrls in buildFullPath

... (truncated)

Commits

• a9f7689 chore(release): v1.8.2 (#6812)
• fb8eec2 fix(http-adapter): add allowAbsoluteUrls to path building (#6810)
• 9812045 chore(sponsor): update sponsor block (#6804)
• 72acf75 chore(sponsor): update sponsor block (#6794)
• 2e64afd chore(release): v1.8.1 (#6800)
• 36a5a62 fix(utils): move generateString to platform utils to avoid importing crypto...
• cceb7b1 chore(release): v1.8.0 (#6795)
• 23a25af fix(utils): replace getRandomValues with crypto module (#6788)
• 32c7bcc feat: Add config for ignoring absolute URLs (#5902) (#6192)
• 4a3e26c chore(config): adjust rollup config to preserve license header to minified Ja...
• Additional commits viewable in compare view

Updates @babel/helpers from 7.24.4 to 7.27.0

Release notes

Sourced from @​babel/helpers's releases.

v7.27.0 (2025-03-24)

Thanks @​ishchhabra and @​vovkasm for your first PRs!

👓 Spec Compliance

• babel-generator, babel-parser
  • #16977 Default importAttributesKeyword to with (@​JLHwung)

🚀 New Feature

• babel-helper-create-class-features-plugin, babel-traverse, babel-types
  • #17169 Allow traverseFast to exit early (@​liuxingbaoyu)
• babel-parser, babel-types
  • #17110 Add ImportAttributes to Standardized and move its parser test fixtures (@​JLHwung)
• babel-generator
  • #17100 fix(babel-generator): add named export of generate function (@​vovkasm)
• babel-parser, babel-template
  • #17149 Add allowYieldOutsideFunction to parser (@​liuxingbaoyu)
• babel-plugin-transform-typescript, babel-traverse
  • #17102 feat: Add upToScope parameter to hasBinding (@​liuxingbaoyu)
• babel-parser
  • #17082 Support ESTree AccessorProperty (@​JLHwung)
• babel-types
  • #17162 feat(babel-types): Add support for BigInt literal conversion in valueToNode (@​ishchhabra)

🐛 Bug Fix

• babel-helper-create-class-features-plugin, babel-plugin-transform-class-properties
  • #16816 fix: Class reference in type throws error (@​liuxingbaoyu)
• babel-traverse
  • #17170 fix: Reset child scopes when scope.crawl() (@​liuxingbaoyu)
• babel-helpers, babel-preset-typescript, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime
  • #17118 Fix: align behaviour to tsc rewriteRelativeImportExtensions (@​JLHwung)
• babel-cli
  • #17182 fix: @babel/cli generates duplicate inline source maps (@​liuxingbaoyu)
• babel-plugin-transform-named-capturing-groups-regex, babel-types
  • #17175 Generate computed proto key (@​JLHwung)

🏃‍♀️ Performance

• babel-types
  • #16870 perf: Improve builders of @babel/types (@​liuxingbaoyu)
• babel-helper-create-regexp-features-plugin
  • #17176 fix: improve duplicate named groups check (@​JLHwung)

Committers: 5

• Babel Bot (@​babel-bot)
• Huáng Jùnliàng (@​JLHwung)
• Ish Chhabra (@​ishchhabra)
• Vladimir Timofeev (@​vovkasm)
• @​liuxingbaoyu

v7.26.10 (2025-03-11)

... (truncated)

Changelog

Sourced from @​babel/helpers's changelog.

v7.27.0 (2025-03-24)

👓 Spec Compliance

• babel-generator, babel-parser
  • #16977 Default importAttributesKeyword to with (@​JLHwung)

🚀 New Feature

• babel-helper-create-class-features-plugin, babel-traverse, babel-types
  • #17169 Allow traverseFast to exit early (@​liuxingbaoyu)
• babel-parser, babel-types
  • #17110 Add ImportAttributes to Standardized and move its parser test fixtures (@​JLHwung)
• babel-generator
  • #17100 fix(babel-generator): add named export of generate function (@​vovkasm)
• babel-parser, babel-template
  • #17149 Add allowYieldOutsideFunction to parser (@​liuxingbaoyu)
• babel-plugin-transform-typescript, babel-traverse
  • #17102 feat: Add upToScope parameter to hasBinding (@​liuxingbaoyu)
• babel-parser
  • #17082 Support ESTree AccessorProperty (@​JLHwung)
• babel-types
  • #17162 feat(babel-types): Add support for BigInt literal conversion in valueToNode (@​ishchhabra)

🐛 Bug Fix

• babel-helper-create-class-features-plugin, babel-plugin-transform-class-properties
  • #16816 fix: Class reference in type throws error (@​liuxingbaoyu)
• babel-traverse
  • #17170 fix: Reset child scopes when scope.crawl() (@​liuxingbaoyu)
• babel-helpers, babel-preset-typescript, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime
  • #17118 Fix: align behaviour to tsc rewriteRelativeImportExtensions (@​JLHwung)
• babel-cli
  • #17182 fix: @babel/cli generates duplicate inline source maps (@​liuxingbaoyu)
• babel-plugin-transform-named-capturing-groups-regex, babel-types
  • #17175 Generate computed proto key (@​JLHwung)

🏃‍♀️ Performance

• babel-types
  • #16870 perf: Improve builders of @babel/types (@​liuxingbaoyu)
• babel-helper-create-regexp-features-plugin
  • #17176 fix: improve duplicate named groups check (@​JLHwung)

v7.26.10 (2025-03-11)

👓 Spec Compliance

• babel-parser
  • #17159 Disallow decorator in array pattern (@​JLHwung)

🐛 Bug Fix

• babel-parser, babel-template
  • #17164 Fix: always initialize ExportDeclaration attributes (@​JLHwung)
• babel-core
  • #17142 fix: "Map maximum size exceeded" in deepClone (@​liuxingbaoyu)

... (truncated)

Commits

• 5c350ea v7.27.0
• ca4865a Fix: align behaviour to tsc rewriteRelativeImportExtensions (#17118)
• e1ce99d v7.26.10
• d5952e8 Fix processing of replacement pattern with named capture groups (#17173)
• 64bca7b v7.26.9
• 4cf5c9e [babel 8] Use @babel/types for parser's return type (#17117)
• 2d95140 v7.26.7
• 0e6199b Make "object without properties" helpers ES6-compatible (#17086)
• cd24cc0 chore: Update TS 5.7 (#17053)
• 63d3038 v7.26.0
• Additional commits viewable in compare view

Updates @babel/runtime from 7.24.4 to 7.27.0

Release notes

Sourced from @​babel/runtime's releases.

v7.27.0 (2025-03-24)

Thanks @​ishchhabra and @​vovkasm for your first PRs!

👓 Spec Compliance

• babel-generator, babel-parser
  • #16977 Default importAttributesKeyword to with (@​JLHwung)

🚀 New Feature

• babel-helper-create-class-features-plugin, babel-traverse, babel-types
  • #17169 Allow traverseFast to exit early (@​liuxingbaoyu)
• babel-parser, babel-types
  • #17110 Add ImportAttributes to Standardized and move its parser test fixtures (@​JLHwung)
• babel-generator
  • #17100 fix(babel-generator): add named export of generate function (@​vovkasm)
• babel-parser, babel-template
  • #17149 Add allowYieldOutsideFunction to parser (@​liuxingbaoyu)
• babel-plugin-transform-typescript, babel-traverse
  • #17102 feat: Add upToScope parameter to hasBinding (@​liuxingbaoyu)
• babel-parser
  • #17082 Support ESTree AccessorProperty (@​JLHwung)
• babel-types
  • #17162 feat(babel-types): Add support for BigInt literal conversion in valueToNode (@​ishchhabra)

🐛 Bug Fix

• babel-helper-create-class-features-plugin, babel-plugin-transform-class-properties
  • #16816 fix: Class reference in type throws error (@​liuxingbaoyu)
• babel-traverse
  • #17170 fix: Reset child scopes when scope.crawl() (@​liuxingbaoyu)
• babel-helpers, babel-preset-typescript, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime
  • #17118 Fix: align behaviour to tsc rewriteRelativeImportExtensions (@​JLHwung)
• babel-cli
  • #17182 fix: @babel/cli generates duplicate inline source maps (@​liuxingbaoyu)
• babel-plugin-transform-named-capturing-groups-regex, babel-types
  • #17175 Generate computed proto key (@​JLHwung)

🏃‍♀️ Performance

• babel-types
  • #16870 perf: Improve builders of @babel/types (@​liuxingbaoyu)
• babel-helper-create-regexp-features-plugin
  • #17176 fix: improve duplicate named groups check (@​JLHwung)

Committers: 5

• Babel Bot (@​babel-bot)
• Huáng Jùnliàng (@​JLHwung)
• Ish Chhabra (@​ishchhabra)
• Vladimir Timofeev (@​vovkasm)
• @​liuxingbaoyu

v7.26.10 (2025-03-11)

... (truncated)

Changelog

Sourced from @​babel/runtime's changelog.

v7.27.0 (2025-03-24)

👓 Spec Compliance

• babel-generator, babel-parser
  • #16977 Default importAttributesKeyword to with (@​JLHwung)

🚀 New Feature

• babel-helper-create-class-features-plugin, babel-traverse, babel-types
  • #17169 Allow traverseFast to exit early (@​liuxingbaoyu)
• babel-parser, babel-types
  • #17110 Add ImportAttributes to Standardized and move its parser test fixtures (@​JLHwung)
• babel-generator
  • #17100 fix(babel-generator): add named export of generate function (@​vovkasm)
• babel-parser, babel-template
  • #17149 Add allowYieldOutsideFunction to parser (@​liuxingbaoyu)
• babel-plugin-transform-typescript, babel-traverse
  • #17102 feat: Add upToScope parameter to hasBinding (@​liuxingbaoyu)
• babel-parser
  • #17082 Support ESTree AccessorProperty (@​JLHwung)
• babel-types
  • #17162 feat(babel-types): Add support for BigInt literal conversion in valueToNode (@​ishchhabra)

🐛 Bug Fix

• babel-helper-create-class-features-plugin, babel-plugin-transform-class-properties
  • #16816 fix: Class reference in type throws error (@​liuxingbaoyu)
• babel-traverse
  • #17170 fix: Reset child scopes when scope.crawl() (@​liuxingbaoyu)
• babel-helpers, babel-preset-typescript, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime
  • #17118 Fix: align behaviour to tsc rewriteRelativeImportExtensions (@​JLHwung)
• babel-cli
  • #17182 fix: @babel/cli generates duplicate inline source maps (@​liuxingbaoyu)
• babel-plugin-transform-named-capturing-groups-regex, babel-types
  • #17175 Generate computed proto key (@​JLHwung)

🏃‍♀️ Performance

• babel-types
  • #16870 perf: Improve builders of @babel/types (@​liuxingbaoyu)
• babel-helper-create-regexp-features-plugin
  • #17176 fix: improve duplicate named groups check (@​JLHwung)

v7.26.10 (2025-03-11)

👓 Spec Compliance

• babel-parser
  • #17159 Disallow decorator in array pattern (@​JLHwung)

🐛 Bug Fix

• babel-parser, babel-template
  • #17164 Fix: always initialize ExportDeclaration attributes (@​JLHwung)
• babel-core
  • #17142 fix: "Map maximum size exceeded" in deepClone (@​liuxingbaoyu)

... (truncated)

Commits

• 5c350ea v7.27.0
• ca4865a Fix: align behaviour to tsc rewriteRelativeImportExtensions (#17118)
• e1ce99d v7.26.10
• d5952e8 Fix processing of replacement pattern with named capture groups (#17173)
• 64bca7b v7.26.9
• 2d95140 v7.26.7
• 63d3038 v7.26.0
• b07957e v7.25.9
• af91759 fix: Accidentally publishing useless files (#16917)
• 2533cfb v7.25.7
• Additional commits viewable in compare view

Updates braces from 3.0.2 to 3.0.3

Commits

• 74b2db2 3.0.3
• 88f1429 update eslint. lint, fix unit tests.
• 415d660 Snyk js braces 6838727 (#40)
• 190510f fix tests, skip 1 test in test/braces.expand
• 716eb9f readme bump
• a5851e5 Merge pull request #37 from coderaiser/fix/vulnerability
• 2092bd1 feature: braces: add maxSymbols (https://github.com/micromatch/braces/issues/...
• 9f5b4cf fix: vulnerability (https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727)
• 98414f9 remove funding file
• 665ab5d update keepEscaping doc (#27)
• Additional commits viewable in compare view

Updates express from 4.19.2 to 4.21.2

Release notes

Sourced from express's releases.

4.21.2

What's Changed

• Add funding field (v4) by @​bjohansebas in expressjs/express#6065
• deps: path-to-regexp@0.1.11 by @​blakeembrey in expressjs/express#5956
• deps: bump path-to-regexp@0.1.12 by @​jonchurch in expressjs/express#6209
• Release: 4.21.2 by @​UlisesGascon in expressjs/express#6094

Full Changelog: expressjs/express@4.21.1...4.21.2

4.21.1

What's Changed

• Backport a fix for CVE-2024-47764 to the 4.x branch by @​joshbuker in expressjs/express#6029
• Release: 4.21.1 by @​UlisesGascon in expressjs/express#6031

Full Changelog: expressjs/express@4.21.0...4.21.1

4.21.0

What's Changed

• Deprecate "back" magic string in redirects by @​blakeembrey in expressjs/express#5935
• finalhandler@1.3.1 by @​wesleytodd in expressjs/express#5954
• fix(deps): serve-static@1.16.2 by @​wesleytodd in expressjs/express#5951
• Upgraded dependency qs to 6.13.0 to match qs in body-parser by @​agadzinski93 in expressjs/express#5946

New Contributors

• @​agadzinski93 made their first contribution in expressjs/express#5946

Full Changelog: expressjs/express@4.20.0...4.21.0

4.20.0

What's Changed

Important

• IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)
• Remove link renderization in html while using res.redirect

Other Changes

• 4.19.2 Staging by @​wesleytodd in expressjs/express#5561
• remove duplicate location test for data uri by @​wesleytodd in expressjs/express#5562
• feat: document beta releases expectations by @​marco-ippolito in expressjs/express#5565
• Cut down on duplicated CI runs by @​jonchurch in expressjs/express#5564
• Add a Threat Model by @​UlisesGascon in expressjs/express#5526
• Assign captain of encodeurl by @​blakeembrey in expressjs/express#5579
• Nominate jonchurch as repo captain for http-errors, expressjs.com, morgan, cors, body-parser by @​jonchurch in expressjs/express#5587
• docs: update Security.md by @​inigomarquinez in expressjs/express#5590
• docs: update triage nomination policy by @​UlisesGascon in expressjs/express#5600
• Add CodeQL (SAST) by @​UlisesGascon in expressjs/express#5433
• docs: add UlisesGascon as triage initiative captain by @​UlisesGascon in expressjs/express#5605

... (truncated)

Changelog

Sourced from express's changelog.

4.21.2 / 2024-11-06

• deps: path-to-regexp@0.1.12
  • Fix backtracking protection
• deps: path-to-regexp@0.1.11
  • Throws an error on invalid path values

4.21.1 / 2024-10-08

• Backported a fix for CVE-2024-47764

4.21.0 / 2024-09-11

• Deprecate res.location("back") and res.redirect("back") magic string
• deps: serve-static@1.16.2
  • includes send@0.19.0
• deps: finalhandler@1.3.1
• deps: qs@6.13.0

4.20.0 / 2024-09-10

• deps: serve-static@0.16.0
  • Remove link renderization in html while redirecting
• deps: send@0.19.0
  • Remove link renderization in html while redirecting
• deps: body-parser@0.6.0
  • add depth option to customize the depth level in the parser
  • IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)
• Remove link renderization in html while using res.redirect
• deps: path-to-regexp@0.1.10
  • Adds support for named matching groups in the routes using a regex
  • Adds backtracking protection to parameters without regexes defined
• deps: encodeurl@~2.0.0
  • Removes encoding of \, |, and ^ to align better with URL spec
• Deprecate passing options.maxAge and options.expires to res.clearCookie
  • Will be ignored in v5, clearCookie will set a cookie with an expires in the past to instruct clients to delete the cookie

Commits

• 1faf228 4.21.2
• 2e0fb64 deps: bump path-to-regexp@0.1.12 (#6209)
• 59fc270 deps: path-to-regexp@0.1.11 (#5956)
• 51fc39c docs: add funding (#6065)
• 8e229f9 4.21.1
• a024c8a fix(deps): cookie@0.7.1
• 7e562c6 4.21.0
• 1bcde96 fix(deps): qs@6.13.0 (#5946)
• 7d36477 fix(deps): serve-static@1.16.2 (#5951)
• 40d2d8f fix(deps): finalhandler@1.3.1
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by jonchurch, a new releaser for express since your current version.

Updates http-proxy-middleware from 2.0.6 to 2.0.9

Release notes

Sourced from http-proxy-middleware's releases.

v2.0.9

What's Changed

• fix(fixRequestBody): check readableLength by @​chimurai in chimurai/http-proxy-middleware#1097
• chore(package): v2.0.9 by @​chimurai in chimurai/http-proxy-middleware#1099

Full Changelog: chimurai/http-proxy-middleware@v2.0.8...v2.0.9

v2.0.8

What's Changed

• fix(fixRequestBody): prevent multiple .write() calls by @​chimurai in chimurai/http-proxy-middleware#1090
• fix(fixRequestBody): handle invalid request by @​chimurai in chimurai/http-proxy-middleware#1091
• chore(package): v2.0.8 by @​chimurai in chimurai/http-proxy-middleware#1094

Full Changelog: chimurai/http-proxy-middleware@v2.0.7...v2.0.8

v2.0.7

Full Changelog: chimurai/http-proxy-middleware@v2.0.6...v2.0.7

v2.0.7-beta.1

Full Changelog: chimurai/http-proxy-middleware@v2.0.7-beta.0...v2.0.7-beta.1

v2.0.7-beta.0

Full Changelog: chimurai/http-proxy-middleware@v2.0.6...v2.0.7-beta.0

Changelog

Sourced from http-proxy-middleware's changelog.

v2.0.9

• fix(fixRequestBody): check readableLength

v2.0.8

• fix(fixRequestBody): prevent multiple .write() calls
• fix(fixRequestBody): handle invalid request

v2.0.7

• ci(github actions): add publish.yml
• fix(filter): handle errors

Commits

• 617a7c9 chore(package): v2.0.9 (#1099)
• d22d587 fix(fixRequestBody): check readableLength (#1097)
• d03d51b chore(package): v2.0.8 (#1094)
• c50dd06 fix(fixRequestBody): handle invalid request (#1091)
• 76a9d8d fix(fixRequestBody): prevent multiple .write() calls (#1090)
• 1e92339 ci(github-actions): fix npm tag
• 90afb7c chore(package): v2.0.7
• 0b4274e fix(filter): handle errors
• 1bd6dd5 ci(github actions): add publish.yml
• See full diff in compare view

Updates micromatch from 4.0.5 to 4.0.8

Release notes

Sourced from micromatch's releases.

4.0.8

Ultimate release that fixes both CVE-2024-4067 and CVE-2024-4068. We consider the issues low-priority, so even if you see automated scanners saying otherwise, don't be scared.

Changelog

Sourced from micromatch's changelog.

[4.0.8] - 2024-08-22

• backported CVE-2024-4067 fix (from v4.0.6) over to 4.x branch

[4.0.7] - 2024-05-22

• this is basically v4.0.5, with some README updates
• it is vulnerable to CVE-2024-4067
• Updated braces to v3.0.3 to avoid CVE-2024-4068
• does NOT break API compatibility

[4.0.6] - 2024-05-21

• Added hasBraces to check if a pattern contains braces.
• Fixes CVE-2024-4067
• BREAKS API COMPATIBILITY
• Should be labeled as a major release, but it's not.

Commits

• 8bd704e 4.0.8
• a0e6841 run verb to generate README documentation
• 4ec2884 Merge branch 'v4' into hauserkristof-feature/v4.0.8
• 03aa805 Merge pull request #266 from hauserkristof/feature/v4.0.8
• 814f5f7 lint
• 67fcce6 fix: CHANGELOG about braces & CVE-2024-4068, v4.0.5
• 113f2e3 fix: CVE numbers in CHANGELOG
• d9dbd9a feat: updated CHANGELOG
• 2ab1315 fix: use actions/setup-node@v4
• 1406ea3 feat: rework test to work on macos with node 10,12 and 14
• Additional commits viewable in compare view

Updates nanoid from 3.3.7 to 3.3.11

Release notes

Sourced from nanoid's releases.

3.3.11

• Fixed React Native support.

3.3.10

• Fixed React Native support (by @​steida).

3.3.9

• Reduced npm package size.

Changelog

Sourced from nanoid's changelog.

3.3.11

• Fixed React Native support.

3.3.10

• Fixed React Native support (by @​steida).

3.3.9

• Reduced npm package size.

3.3.8

• Fixed a way to break Nano ID by passing non-integer size (by @​myndzi).

Commits

• 37289ce Release 3.3.11 version
• 23690b7 Fix CI
• c147962 Fix RN support
• a83734e Move to manually ESM/CJS dual package
• bb12e8a Release 3.3.10 version
• 8f44264 Fix Expo support
• adf9b0c Release 3.3.9 version
• 1c6f088 Remove dev file from npm package
• 3044cd5 Release 3.3.8 version
• 4fe3495 Update size limit
• Additional commits viewable in compare view

Updates path-to-regexp from 0.1.7 to 0.1.12

Release notes

Sourced from path-to-regexp's releases.

Fix backtracking (again)

Fixed

• Improved backtracking protection for 0.1.x, will break some previously valid paths (see previous advisory: GHSA-9wv6-86v2-598j)

pillarjs/path-to-regexp@v0.1.11...v0.1.12

Error on bad input

Changed

• Add error on bad input values 8f09549

pillarjs/path-to-regexp@v0.1.10...v0.1.11

Backtrack protection

Fixed

• Add backtrack protection to parameters 29b96b4
  • This will break some edge cases but should improve performance

pillarjs/path-to-regexp@v0.1.9...v0.1.10

Support non-lookahead regex output

Added

• Allow a non-lookahead regex (#312) c4272e4

component/path-to-regexp@v0.1.8...v0.1.9

Support named matching groups in RegExp

Added

• Add support for named matching groups (#301) 114f62d

pillarjs/path-to-regexp@v0.1.7...v0.1.8

Commits

• 640e694 0.1.12
• f01c26a Merge commit from fork
• 0c71192 0.1.11
• 8f09549 Add error on bad input values
• c827fce 0.1.10
• 29b96b4 Add backtrack protection to parameters
• ac4c234 Update repo url (#314)
• bdb6635 0.1.9
• c4272e4 Allow a non-lookahead regex (

[github-actions]

Dependency Review

The following issues were found:

• ✅ 0 vulnerable package(s)
• ✅ 0 package(s) with incompatible licenses
• ✅ 0 package(s) with invalid SPDX license definitions
• ✅ 0 package(s) with unknown licenses.
• ⚠️ 15 packages with OpenSSF Scorecard issues.

View full job summary

[github-actions]

Thank you for your contribution! This PR has been automatically marked as stale because it has no recent activity in the last 60 days. It will be closed in 7 days, if no further activity occurs. If this pull request is still relevant, please leave a comment to let us know, and the stale label will be automatically removed.

[github-actions]

This PR has been marked stale for 7 days, and is now closed due to inactivity. If this contribution is still relevant, please re-open this PR or file a new one. Thank you!

[dependabot]

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml