fix: bump path-to-regexp 8.3.0 → 8.4.0 (GHSA-j3q9-mxjg-w52f, GHSA-27v5-c462-wpq7)

jensenbox · jensenbox · commit 26f0be039bb5 · 2026-03-27T23:55:03.000-07:00
Resolves high/moderate severity ReDoS vulnerabilities flagged by
dependency review.
diff --git a/lambdas/yarn.lock b/lambdas/yarn.lock
@@ -8911,9 +8911,9 @@ __metadata:
   linkType: hard
 
 "path-to-regexp@npm:^8.0.0, path-to-regexp@npm:^8.3.0":
-  version: 8.3.0
-  resolution: "path-to-regexp@npm:8.3.0"
-  checksum: 10c0/ee1544a73a3f294a97a4c663b0ce71bbf1621d732d80c9c9ed201b3e911a86cb628ebad691b9d40f40a3742fe22011e5a059d8eed2cf63ec2cb94f6fb4efe67c
+  version: 8.4.0
+  resolution: "path-to-regexp@npm:8.4.0"
+  checksum: 10c0/171a540aed2a5dff3da6e7584f263ae65d868daea382ea3bd1ddeb828912661133d5a94fce83bd3125f0799df8dfd4924b270e2987a31930901cfd94ae164b45
   languageName: node
   linkType: hard
 
