chore(deps): update dependency path-to-regexp to v0.2.5

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
path-to-regexp	0.1.12 -> 0.2.5

---

Release Notes

pillarjs/path-to-regexp (path-to-regexp)

v0.2.5

Compare Source

• Allow keys parameter to be omitted

v0.2.4

Compare Source

• Code coverage badge
• Updated readme
• Attach keys to the generated regexp

v0.2.3

Compare Source

• Add MIT license

v0.2.2

Compare Source

• A passed in trailing slash in non-strict mode will become optional
• In non-end mode, the optional trailing slash will only match at the end

v0.2.1

Compare Source

• Fixed a major capturing group regexp regression

v0.2.0

Compare Source

• Improved support for arrays
• Improved support for regexps
• Better support for non-ending strict mode matches with a trailing slash
• Travis CI support
• Block using regexp special characters in the path
• Removed support for the asterisk to match all
• New support for parameter suffixes - *, + and ?
• Updated readme
• Provide delimiter information with keys array

---

Configuration

📅 Schedule: Branch creation - "after 7pm every weekday,before 5am every weekday" in timezone Europe/Madrid, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled because a matching PR was automerged previously.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
unleash-docs	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Dec 24, 2024 3:25am
unleash-monorepo-frontend	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Dec 24, 2024 3:25am

[github-actions]

Dependency Review

The following issues were found:

• ❌ 1 vulnerable package(s)
• ✅ 0 package(s) with incompatible licenses
• ✅ 0 package(s) with invalid SPDX license definitions
• ✅ 0 package(s) with unknown licenses.

See the Details below.

Vulnerabilities

website/yarn.lock

Name	Version	Vulnerability	Severity
path-to-regexp	0.2.5	path-to-regexp outputs backtracking regular expressions	high

Only included vulnerabilities with severity moderate or higher.

OpenSSF Scorecard

Package	Version	Score	Details
npm/path-to-regexp	0.2.5	🟢 3	Details Check Score Reason Packaging ⚠️ -1 packaging workflow not detected SAST ⚠️ 0 no SAST tool detected Dangerous-Workflow ⚠️ -1 no workflows found Binary-Artifacts 🟢 10 no binaries found in the repo Code-Review ⚠️ 0 Found 0/4 approved changesets -- score normalized to 0 Pinned-Dependencies ⚠️ -1 no dependencies found Token-Permissions ⚠️ -1 No tokens found Maintained ⚠️ 0 0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Security-Policy ⚠️ 0 security policy file not detected Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Signed-Releases ⚠️ -1 no releases found

Scanned Files

• website/yarn.lock