From dfd9be01c0d7968f70c927d7909c67fad700c0b9 Mon Sep 17 00:00:00 2001
From: Tom Hombergs <thombergs@atlassian.com>
Date: Tue, 24 Sep 2024 12:15:40 +1000
Subject: [PATCH] [Snyk] Security upgrade path-to-regexp from 6.2.1 to 6.3.0
 (#243)

* fix: package.json & package-lock.json to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-PATHTOREGEXP-7925106

* bump path-to-regexp

* add changeset

---------

Co-authored-by: snyk-bot <snyk-bot@snyk.io>
Co-authored-by: Jack Brown <2359358+jackbrown@users.noreply.github.com>
---
 .changeset/plenty-knives-explode.md |  5 +++++
 package-lock.json                   | 18 +++++++++---------
 package.json                        |  2 +-
 3 files changed, 15 insertions(+), 10 deletions(-)
 create mode 100644 .changeset/plenty-knives-explode.md

diff --git a/.changeset/plenty-knives-explode.md b/.changeset/plenty-knives-explode.md
new file mode 100644
index 00000000..1b28c767
--- /dev/null
+++ b/.changeset/plenty-knives-explode.md
@@ -0,0 +1,5 @@
+---
+"react-resource-router": minor
+---
+
+Bump path-to-regexp to 6.3.0
diff --git a/package-lock.json b/package-lock.json
index ba014aee..6fd5c427 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1,17 +1,17 @@
 {
   "name": "react-resource-router",
-  "version": "0.27.2",
+  "version": "0.28.0",
   "lockfileVersion": 2,
   "requires": true,
   "packages": {
     "": {
       "name": "react-resource-router",
-      "version": "0.27.2",
+      "version": "0.28.0",
       "license": "Apache-2.0",
       "dependencies": {
         "lodash.debounce": "^4.0.8",
         "lodash.noop": "^3.0.1",
-        "path-to-regexp": "^6.2.1",
+        "path-to-regexp": "^6.3.0",
         "react-sweet-state": "^2.6.4",
         "url-parse": "^1.5.10"
       },
@@ -20061,9 +20061,9 @@
       }
     },
     "node_modules/path-to-regexp": {
-      "version": "6.2.1",
-      "resolved": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-6.2.1.tgz",
-      "integrity": "sha512-JLyh7xT1kizaEvcaXOQwOc2/Yhw6KZOvPf1S8401UyLk86CU79LN3vl7ztXGm/pZ+YjoyAJ4rxmHwbkBXJX+yw=="
+      "version": "6.3.0",
+      "resolved": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-6.3.0.tgz",
+      "integrity": "sha512-Yhpw4T9C6hPpgPeA28us07OJeqZ5EzQTkbfwuhsUg0c237RomFoETJgmp2sa3F/41gfLE6G5cqcYwznmeEeOlQ=="
     },
     "node_modules/path-type": {
       "version": "4.0.0",
@@ -40267,9 +40267,9 @@
       }
     },
     "path-to-regexp": {
-      "version": "6.2.1",
-      "resolved": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-6.2.1.tgz",
-      "integrity": "sha512-JLyh7xT1kizaEvcaXOQwOc2/Yhw6KZOvPf1S8401UyLk86CU79LN3vl7ztXGm/pZ+YjoyAJ4rxmHwbkBXJX+yw=="
+      "version": "6.3.0",
+      "resolved": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-6.3.0.tgz",
+      "integrity": "sha512-Yhpw4T9C6hPpgPeA28us07OJeqZ5EzQTkbfwuhsUg0c237RomFoETJgmp2sa3F/41gfLE6G5cqcYwznmeEeOlQ=="
     },
     "path-type": {
       "version": "4.0.0",
diff --git a/package.json b/package.json
index dabb55be..3bfd3b93 100644
--- a/package.json
+++ b/package.json
@@ -66,7 +66,7 @@
   "dependencies": {
     "lodash.debounce": "^4.0.8",
     "lodash.noop": "^3.0.1",
-    "path-to-regexp": "^6.2.1",
+    "path-to-regexp": "^6.3.0",
     "react-sweet-state": "^2.6.4",
     "url-parse": "^1.5.10"
   },