Skip to content

build(deps): bump path-to-regexp from 8.3.0 to 8.4.2 in /Cyrano#869

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/Cyrano/path-to-regexp-8.4.2
Open

build(deps): bump path-to-regexp from 8.3.0 to 8.4.2 in /Cyrano#869
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/Cyrano/path-to-regexp-8.4.2

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Apr 1, 2026
edited
Loading

Bumps path-to-regexp from 8.3.0 to 8.4.2.

Release notes

Sourced from path-to-regexp's releases.

v8.4.2

Fixed

  • Error on trailing backslash (#434) 9a78879

Performance

  • Minimize array allocations (#437) 937c02d
  • Improve compile performance (#436) 57247e6
    • Should improve compilation performance by ~25%
  • Remove internal tokenization during parse (#435) 5844988
    • Should improve parse performance by ~20%

Bundle size to 1.93 kB, from 1.97 kB.

pillarjs/path-to-regexp@v8.4.1...v8.4.2

v8.4.1

Fixed

  • Remove trie deduplication (#431) 6bc8e84
    • Using a trie required non-greedy matching, which regressed wildcards in non-ending mode by matching them up until the first match. For example:
      • /*foo with /a/b = /a
      • /*foo.htmlwith /a/b.html/c.html = /a/b.html
  • Allow backtrack handling to match itself (#427) 5bcd30b
    • When backtracking was introduced, it rejected matching things like /:"a"_:"b" against /foo__. This makes intuitive sense because the second parameter is not going to backtrack on anymore, but it's somewhat unexpected since there's no reason it shouldn't match the second`.

pillarjs/path-to-regexp@v8.4.0...v8.4.1

v8.4.0

Important

Fixed

Changed

  • Dedupes regex prefixes (pillarjs/path-to-regexp#422)
    • This will result in shorter regular expressions for some cases using optional groups
  • Rejects large optional route combinations (pillarjs/path-to-regexp#424)
    • When using groups such as /users{/delete} it will restrict the number of generated combinations to < 256, equivalent to 8 top-level optional groups and unlikely to occur in a real world application, but avoids exploding the regex size for applications that accept user created routes
Commits

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot dependabot Bot added cyrano dependencies Pull requests that update a dependency file labels Apr 1, 2026
@dependabot dependabot Bot requested a review from MightyPrytanis as a code owner April 1, 2026 21:23
@dependabot dependabot Bot mentioned this pull request Apr 1, 2026
Closed
@dependabot
build(deps): bump path-to-regexp from 8.3.0 to 8.4.2 in /Cyrano
7b49b76 
Bumps [path-to-regexp](https://github.com/pillarjs/path-to-regexp) from 8.3.0 to 8.4.2.
- [Release notes](https://github.com/pillarjs/path-to-regexp/releases)
- [Changelog](https://github.com/pillarjs/path-to-regexp/blob/master/History.md)
- [Commits](pillarjs/path-to-regexp@v8.3.0...v8.4.2)

---
updated-dependencies:
- dependency-name: path-to-regexp
  dependency-version: 8.4.2
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/Cyrano/path-to-regexp-8.4.2 branch from ab3fa25 to 7b49b76 Compare April 2, 2026 11:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@MightyPrytanis MightyPrytanis Awaiting requested review from MightyPrytanis MightyPrytanis is a code owner

Assignees

No one assigned

Labels

cyrano dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@MightyPrytanis