Skip to content

Commit 3dd1a88

Browse files
evertevert
authored
Merge pull request #43 from curveball/update-path-to-regexp
Update path-to-regexp from 6 to 8.1, which fixes a security vulnerability.
2 parents 54ebc69 + 399833f commit 3dd1a88

File tree

4 files changed

+1043
-809
lines changed

4 files changed

+1043
-809
lines changed

.github/workflows/node.yml

+1-1
Original file line numberDiff line numberDiff line change
@@ -18,7 +18,7 @@ jobs:
1818

1919
strategy:
2020
matrix:
21-
node-version: [18.x, 20.x, 21.x]
21+
node-version: [18.x, 20.x, 22.x]
2222
# See supported Node.js release schedule at https://nodejs.org/en/about/releases/
2323

2424
steps:

changelog.md

+10
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,16 @@
11
Changelog
22
=========
33

4+
2.0.0 (????-??-??)
5+
------------------
6+
7+
* Updated path-to-regexp from 6 to 8.1, to fix a security vulnerability.
8+
Unfortunately the supported syntax for path-to-regexp has changed slightly
9+
for complex routes, so this is a breaking change. Most common simple routes
10+
will not be affected. For more information consult the path-to-regexp
11+
changelog: https://github.com/pillarjs/path-to-regexp/releases
12+
13+
414
1.0.0 (2024-01-16)
515
------------------
616

0 commit comments

Comments
 (0)