Skip to content

chore(deps): bump path-to-regexp from 6.3.0 to 8.4.2#241

Open
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/npm_and_yarn/master/path-to-regexp-8.4.2
Open

chore(deps): bump path-to-regexp from 6.3.0 to 8.4.2#241
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/npm_and_yarn/master/path-to-regexp-8.4.2

Conversation

@dependabot
Copy link
Copy Markdown

@dependabot dependabot Bot commented on behalf of github Apr 9, 2026
edited
Loading

Bumps path-to-regexp from 6.3.0 to 8.4.2.

Release notes

Sourced from path-to-regexp's releases.

v8.4.2

Fixed

  • Error on trailing backslash (#434) 9a78879

Performance

  • Minimize array allocations (#437) 937c02d
  • Improve compile performance (#436) 57247e6
    • Should improve compilation performance by ~25%
  • Remove internal tokenization during parse (#435) 5844988
    • Should improve parse performance by ~20%

Bundle size to 1.93 kB, from 1.97 kB.

pillarjs/path-to-regexp@v8.4.1...v8.4.2

v8.4.1

Fixed

  • Remove trie deduplication (#431) 6bc8e84
    • Using a trie required non-greedy matching, which regressed wildcards in non-ending mode by matching them up until the first match. For example:
      • /*foo with /a/b = /a
      • /*foo.htmlwith /a/b.html/c.html = /a/b.html
  • Allow backtrack handling to match itself (#427) 5bcd30b
    • When backtracking was introduced, it rejected matching things like /:"a"_:"b" against /foo__. This makes intuitive sense because the second parameter is not going to backtrack on _ anymore, but it's somewhat unexpected since there's no reason it shouldn't match the second _.

pillarjs/path-to-regexp@v8.4.0...v8.4.1

v8.4.0

Important

Fixed

Changed

  • Dedupes regex prefixes (pillarjs/path-to-regexp#422)
    • This will result in shorter regular expressions for some cases using optional groups
  • Rejects large optional route combinations (pillarjs/path-to-regexp#424)
    • When using groups such as /users{/delete} it will restrict the number of generated combinations to < 256, equivalent to 8 top-level optional groups and unlikely to occur in a real world application, but avoids exploding the regex size for applications that accept user created routes

... (truncated)

Commits

@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label Apr 9, 2026
@dependabot dependabot Bot mentioned this pull request Apr 9, 2026
Closed
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/master/path-to-regexp-8.4.2 branch from 63b5f93 to e62e92c Compare April 9, 2026 14:50
@dependabot
chore(deps): bump path-to-regexp from 6.3.0 to 8.4.2
23743b3 
Bumps [path-to-regexp](https://github.com/pillarjs/path-to-regexp) from 6.3.0 to 8.4.2.
- [Release notes](https://github.com/pillarjs/path-to-regexp/releases)
- [Changelog](https://github.com/pillarjs/path-to-regexp/blob/master/History.md)
- [Commits](pillarjs/path-to-regexp@v6.3.0...v8.4.2)

---
updated-dependencies:
- dependency-name: path-to-regexp
  dependency-version: 8.4.2
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/master/path-to-regexp-8.4.2 branch from e62e92c to 23743b3 Compare April 20, 2026 07:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants