Bump path-to-regexp, express and serve in /utils/indigo-service/frontend/ui

[dependabot]

Bumps path-to-regexp to 0.1.12 and updates ancestor dependencies path-to-regexp, express and serve. These dependencies need to be updated together.

Updates path-to-regexp from 0.1.10 to 0.1.12

Release notes

Sourced from path-to-regexp's releases.

Fix backtracking (again)

Fixed

• Improved backtracking protection for 0.1.x, will break some previously valid paths (see previous advisory: GHSA-9wv6-86v2-598j)

pillarjs/path-to-regexp@v0.1.11...v0.1.12

Error on bad input

Changed

• Add error on bad input values 8f09549

pillarjs/path-to-regexp@v0.1.10...v0.1.11

Commits

• 640e694 0.1.12
• f01c26a Merge commit from fork
• 0c71192 0.1.11
• 8f09549 Add error on bad input values
• See full diff in compare view

Updates express from 4.21.1 to 4.21.2

Release notes

Sourced from express's releases.

4.21.2

What's Changed

• Add funding field (v4) by @​bjohansebas in expressjs/express#6065
• deps: [email protected] by @​blakeembrey in expressjs/express#5956
• deps: bump [email protected] by @​jonchurch in expressjs/express#6209
• Release: 4.21.2 by @​UlisesGascon in expressjs/express#6094

Full Changelog: expressjs/express@4.21.1...4.21.2

Changelog

Sourced from express's changelog.

4.21.2 / 2024-11-06

• deps: [email protected]
  • Fix backtracking protection
• deps: [email protected]
  • Throws an error on invalid path values

Commits

• 1faf228 4.21.2
• 2e0fb64 deps: bump [email protected] (#6209)
• 59fc270 deps: [email protected] (#5956)
• 51fc39c docs: add funding (#6065)
• See full diff in compare view

Maintainer changes

This version was pushed to npm by jonchurch, a new releaser for express since your current version.

Updates serve from 13.0.4 to 14.2.4

Release notes

Sourced from serve's releases.

14.2.4

Patches

• Bump serve-handler, vitest, and `typescript: #812

14.2.3

Patches

• Bump @zeit/schemas to 2.36.0: #803

14.2.2

Patches

• fix: Update ajv from 8.11.0 to 8.12.0: #796

Credits

Huge thanks to @​legobeat for helping!

14.2.1

Patches

• Set Access-Control-Allow-Headers: * default response header: #775

Credits

Huge thanks to @​hood for helping!

14.2.0

Minor Changes

• Update CORS headers to support PNA spec: #753
• Bump @zeit/schemas package: #756

Patches

• Update the license year: #752

Credits

Huge thanks to @​k-yle and @​IcedMonk for helping!

14.1.2

Patches

• Fix: add missing CLI option to argv parser: #742

Credits

Huge thanks to @​casperx for helping!

... (truncated)

Commits

• dd53938 14.2.4
• 67d75e0 Bump serve-handler, vitest, and typescript (#812)
• d06104a X handle has changed (#805)
• c8b7436 14.2.3
• 183554e Bump @zeit/schemas to 2.36.0 (#803)
• 28a4667 14.2.2
• 9211513 fix: Update ajv from 8.11.0 to 8.12.0 (#796)
• 1ea55b1 Lock PNPM version to 7 (#782)
• 39eecc5 14.2.1
• aaa323d Set Access-Control-Allow-Headers: * default response header (#775)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by vercel-release-bot, a new releaser for serve since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.