Skip to content

build(deps): bump path-to-regexp, @nestjs/core, @nestjs/platform-express and @nestjs/serve-static in /backend#106

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/backend/multi-c6f442b9b8
Open

build(deps): bump path-to-regexp, @nestjs/core, @nestjs/platform-express and @nestjs/serve-static in /backend#106
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/backend/multi-c6f442b9b8

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Mar 28, 2025

Bumps path-to-regexp to 3.3.0 and updates ancestor dependencies path-to-regexp, @nestjs/core, @nestjs/platform-express and @nestjs/serve-static. These dependencies need to be updated together.

Updates path-to-regexp from 0.2.5 to 3.3.0

Release notes

Sourced from path-to-regexp's releases.

Add backtracking protection

Fixed

  • Add backtrack protection to 3.x release (#321) d31670a

pillarjs/path-to-regexp@v3.2.0...v3.3.0

Match Function

Added

  • Add native match function to library

Validate and sensitive options

  • Add sensitive option for tokensToFunction (#191)
  • Add validate option to path functions (#178)

Fix backtracking in 1.x

Fixed

  • Add backtrack protection to 1.x release (#320) 925ac8e
  • Fix re.exec(&[#39](https://github.com/pillarjs/path-to-regexp/issues/39);/test/route&[#39](https://github.com/pillarjs/path-to-regexp/issues/39);) result (#267) 32a14b0

pillarjs/path-to-regexp@v1.8.0...v1.9.0

Backport token to function options

Added

  • Backport TokensToFunctionOptions
Changelog

Sourced from path-to-regexp's changelog.

Moved to GitHub Releases

3.0.0 / 2019-01-13

  • Always use prefix character as delimiter token, allowing any character to be a delimiter (e.g. /:att1-:att2-:att3-:att4-:att5)
  • Remove partial support, prefer escaping the prefix delimiter explicitly (e.g. \\/(apple-)?icon-:res(\\d+).png)

2.4.0 / 2018-08-26

  • Support start option to disable anchoring from beginning of the string

2.3.0 / 2018-08-20

  • Use delimiter when processing repeated matching groups (e.g. foo/bar has no prefix, but has a delimiter)

2.2.1 / 2018-04-24

  • Allow empty string with end: false to match both relative and absolute paths

2.2.0 / 2018-03-06

  • Pass token as second argument to encode option (e.g. encode(value, token))

2.1.0 / 2017-10-20

  • Handle non-ending paths where the final character is a delimiter
    • E.g. /foo/ before required either /foo/ or /foo// to match in non-ending mode

2.0.0 / 2017-08-23

  • New option! Ability to set endsWith to match paths like /test?query=string up to the query string
  • New option! Set delimiters for specific characters to be treated as parameter prefixes (e.g. /:test)
  • Remove isarray dependency
  • Explicitly handle trailing delimiters instead of trimming them (e.g. /test/ is now treated as /test/ instead of /test when matching)
  • Remove overloaded keys argument that accepted options
  • Remove keys list attached to the RegExp output
  • Remove asterisk functionality (it's a real pain to properly encode)
  • Change tokensToFunction (e.g. compile) to accept an encode function for pretty encoding (e.g. pass your own implementation)

1.7.0 / 2016-11-08

  • Allow a delimiter option to be passed in with tokensToRegExp which will be used for "non-ending" token match situations

1.6.0 / 2016-10-03

  • Populate RegExp.keys when using the tokensToRegExp method (making it consistent with the main export)
  • Allow a delimiter option to be passed in with parse
  • Updated TypeScript definition with Keys and Options updated

1.5.3 / 2016-06-15

... (truncated)

Commits

Updates @nestjs/core from 10.3.1 to 10.4.15

Release notes

Sourced from @​nestjs/core's releases.

v10.4.15 (2024-12-09)

Dependencies

v10.4.13 (2024-12-03)

Bug fixes

  • common
    • #14256 chore(common): Add type declaration for RawBody decorator with pipes (@​sapenlei)

Dependencies

Committers: 3

v10.4.12 (2024-11-29)

Bug fixes

Dependencies

... (truncated)

Commits

Updates @nestjs/platform-express from 10.4.6 to 10.4.15

Release notes

Sourced from @​nestjs/platform-express's releases.

v10.4.15 (2024-12-09)

Dependencies

v10.4.13 (2024-12-03)

Bug fixes

  • common
    • #14256 chore(common): Add type declaration for RawBody decorator with pipes (@​sapenlei)

Dependencies

Committers: 3

v10.4.12 (2024-11-29)

Bug fixes

Dependencies

... (truncated)

Commits

Updates @nestjs/serve-static from 4.0.0 to 5.0.3

Release notes

Sourced from @​nestjs/serve-static's releases.

Release 5.0.3

What's Changed

New Contributors

Full Changelog: nestjs/serve-static@5.0.2...5.0.3

Release 5.0.2

What's Changed

New Contributors

Full Changelog: nestjs/serve-static@5.0.1...5.0.2

Release 5.0.1

  • fix: dont send enoent error for routes under the excluded path (2cbaaaa)

Release 5.0.0

v5.0.0 (2025-01-20)

Migration guide: https://docs.nestjs.com/migration-guide

Improvements/features

  • send 404 when file does not exist
  • support preCompressed, decorateReply configuration options (Fastify)
  • support useGlobalPrefix to auto-prepend all routes with the application's global prefix
  • support Fastify v5
  • support Express v5

Breaking changes

Release 4.0.2

  • Merge pull request #1295 from nestjs/renovate/cimg-node-21.x (92c1757)
  • Merge pull request #1291 from nestjs/renovate/fastify-static-7.x (864339d)
  • chore(deps): update dependency @​fastify/static to v7 (db5c75f)
  • chore(deps): update nest monorepo to v10.3.7 (9f584a8)
  • chore(deps): update nest monorepo to v10.3.6 (a98e55e)
  • chore(deps): update typescript-eslint monorepo to v7.4.0 (db5640d)
  • chore(deps): update dependency express to v4.19.2 (572358e)
  • chore(deps): update node.js to v21 (11812bf)
  • chore(deps): update nest monorepo to v10.3.5 (8541f28)
  • chore(deps): update dependency express to v4.19.1 (422db05)
  • chore(deps): update dependency typescript to v5.4.3 (77871e0)
  • chore(deps): update dependency @​types/node to v20.11.30 (acae04e)

... (truncated)

Commits
  • afdc74b chore(): release v5.0.3
  • 54b3e4f Merge pull request #1587 from SteadEXE/master
  • cad5d89 fix(fastify): inverse fallthrough condition
  • eb0ab9e feat(fastify): implement fallthrough option for fastify adapter
  • 4a3c08c test: remove 404 test has code always fallback to index.html
  • 00d2275 fix(fastify): serve index file when it exists
  • 117fe43 chore(deps): update dependency typescript-eslint to v8.24.1 (#1586)
  • cf93ff6 chore(deps): update nest monorepo to v11.0.10 (#1585)
  • 46464a8 chore(deps): update dependency @​fastify/static to v8.1.1 (#1584)
  • 72c22f8 chore(deps): update dependency @​types/node to v22.13.4 (#1582)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
build(deps): bump path-to-regexp, @nestjs/core, @nestjs/platform-expr…
5eb5abf 
…ess and @nestjs/serve-static

Bumps [path-to-regexp](https://github.com/pillarjs/path-to-regexp) to 3.3.0 and updates ancestor dependencies [path-to-regexp](https://github.com/pillarjs/path-to-regexp), [@nestjs/core](https://github.com/nestjs/nest/tree/HEAD/packages/core), [@nestjs/platform-express](https://github.com/nestjs/nest/tree/HEAD/packages/platform-express) and [@nestjs/serve-static](https://github.com/nestjs/serve-static). These dependencies need to be updated together.


Updates `path-to-regexp` from 0.2.5 to 3.3.0
- [Release notes](https://github.com/pillarjs/path-to-regexp/releases)
- [Changelog](https://github.com/pillarjs/path-to-regexp/blob/master/History.md)
- [Commits](pillarjs/path-to-regexp@v0.2.5...v3.3.0)

Updates `@nestjs/core` from 10.3.1 to 10.4.15
- [Release notes](https://github.com/nestjs/nest/releases)
- [Commits](https://github.com/nestjs/nest/commits/v10.4.15/packages/core)

Updates `@nestjs/platform-express` from 10.4.6 to 10.4.15
- [Release notes](https://github.com/nestjs/nest/releases)
- [Commits](https://github.com/nestjs/nest/commits/v10.4.15/packages/platform-express)

Updates `@nestjs/serve-static` from 4.0.0 to 5.0.3
- [Release notes](https://github.com/nestjs/serve-static/releases)
- [Changelog](https://github.com/nestjs/serve-static/blob/master/.release-it.json)
- [Commits](nestjs/serve-static@4.0.0...5.0.3)

---
updated-dependencies:
- dependency-name: path-to-regexp
  dependency-type: indirect
- dependency-name: "@nestjs/core"
  dependency-type: direct:production
- dependency-name: "@nestjs/platform-express"
  dependency-type: direct:production
- dependency-name: "@nestjs/serve-static"
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Mar 28, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants