Skip to content

Bump path-to-regexp from 8.3.0 to 8.4.2 in /sandbox#343

Merged
ThomasPedleyNHS merged 1 commit intomasterfrom
dependabot/npm_and_yarn/sandbox/path-to-regexp-8.4.2
Apr 10, 2026
Merged

Bump path-to-regexp from 8.3.0 to 8.4.2 in /sandbox#343
ThomasPedleyNHS merged 1 commit intomasterfrom
dependabot/npm_and_yarn/sandbox/path-to-regexp-8.4.2

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Apr 10, 2026
edited
Loading

Bumps path-to-regexp from 8.3.0 to 8.4.2.

Release notes

Sourced from path-to-regexp's releases.

v8.4.2

Fixed

  • Error on trailing backslash (#434) 9a78879

Performance

  • Minimize array allocations (#437) 937c02d
  • Improve compile performance (#436) 57247e6
    • Should improve compilation performance by ~25%
  • Remove internal tokenization during parse (#435) 5844988
    • Should improve parse performance by ~20%

Bundle size to 1.93 kB, from 1.97 kB.

pillarjs/path-to-regexp@v8.4.1...v8.4.2

v8.4.1

Fixed

  • Remove trie deduplication (#431) 6bc8e84
    • Using a trie required non-greedy matching, which regressed wildcards in non-ending mode by matching them up until the first match. For example:
      • /*foo with /a/b = /a
      • /*foo.htmlwith /a/b.html/c.html = /a/b.html
  • Allow backtrack handling to match itself (#427) 5bcd30b
    • When backtracking was introduced, it rejected matching things like /:"a"_:"b" against /foo__. This makes intuitive sense because the second parameter is not going to backtrack on _ anymore, but it's somewhat unexpected since there's no reason it shouldn't match the second _.

pillarjs/path-to-regexp@v8.4.0...v8.4.1

v8.4.0

Important

Fixed

Changed

  • Dedupes regex prefixes (pillarjs/path-to-regexp#422)
    • This will result in shorter regular expressions for some cases using optional groups
  • Rejects large optional route combinations (pillarjs/path-to-regexp#424)
    • When using groups such as /users{/delete} it will restrict the number of generated combinations to < 256, equivalent to 8 top-level optional groups and unlikely to occur in a real world application, but avoids exploding the regex size for applications that accept user created routes
Commits

@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Apr 10, 2026
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/sandbox/path-to-regexp-8.4.2 branch 2 times, most recently from 8b62ec9 to 4a6fbf9 Compare April 10, 2026 13:34
@ThomasPedleyNHS
Copy link
Copy Markdown
Contributor

ThomasPedleyNHS commented Apr 10, 2026

@dependabot rebase

@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/sandbox/path-to-regexp-8.4.2 branch from 4a6fbf9 to e098d2f Compare April 10, 2026 13:43
@ThomasPedleyNHS ThomasPedleyNHS enabled auto-merge (squash) April 10, 2026 13:52
@ThomasPedleyNHS
Copy link
Copy Markdown
Contributor

ThomasPedleyNHS commented Apr 10, 2026

@dependabot rebase

@dependabot
Bump path-to-regexp from 8.3.0 to 8.4.2 in /sandbox
a44c33f 
Bumps [path-to-regexp](https://github.com/pillarjs/path-to-regexp) from 8.3.0 to 8.4.2.
- [Release notes](https://github.com/pillarjs/path-to-regexp/releases)
- [Changelog](https://github.com/pillarjs/path-to-regexp/blob/master/History.md)
- [Commits](pillarjs/path-to-regexp@v8.3.0...v8.4.2)

---
updated-dependencies:
- dependency-name: path-to-regexp
  dependency-version: 8.4.2
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/sandbox/path-to-regexp-8.4.2 branch from e098d2f to a44c33f Compare April 10, 2026 13:54
@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud bot commented Apr 10, 2026

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@ThomasPedleyNHS ThomasPedleyNHS merged commit 9d0132c into master Apr 10, 2026
8 checks passed
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/sandbox/path-to-regexp-8.4.2 branch April 10, 2026 13:57
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ThomasPedleyNHS ThomasPedleyNHS ThomasPedleyNHS approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@ThomasPedleyNHS