Skip to content

Navigation Menu

Explore
By size
By industry
By use case
Topics
- AI
- DevOps
- Security
- Software Development
- View all
Explore
- GitHub Sponsors
  Fund open source developers
- The ReadME Project
  GitHub community articles
Repositories
- Enterprise platform
  AI-powered developer platform
Available add-ons
Pricing

Search code, repositories, users, issues, pull requests...

Search

Clear

Search syntax tips

Provide feedback

We read every piece of feedback, and take your input very seriously.

Include my email address so I can be contacted

Saved searches

Use saved searches to filter your results more quickly

Name

Query

To see all available qualifiers, see our documentation.

You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session. You switched accounts on another tab or window. Reload to refresh your session.

Dismiss alert

pillarjs / path-to-regexp Public

Notifications You must be signed in to change notification settings
Fork 380
Star 8.1k

Code
Issues 3
Pull requests
Discussions
Actions
Projects
Security
Insights

Additional navigation options

Code
Issues
Pull requests
Discussions
Actions
Projects
Security
Insights

Releases: pillarjs/path-to-regexp

Releases · pillarjs/path-to-regexp

Fix backtracking in 6.x

12 Sep 01:09

blakeembrey

This commit was signed with the committer’s verified signature.

blakeembrey Blake Embrey

SSH Key Fingerprint: M0ITNfB+BngsDhNhVwWJl3OOIrDqTLFtdjQ3WGttbd8 Learn about vigilant mode.

Compare

Choose a tag to compare

Loading

Fix backtracking in 6.x

Fixed

Add backtrack protection to 6.x (#324) f1253b4

v6.2.2...v6.3.0

Assets 2

Loading

sacru2red, gsingh04, and BryceMehring reacted with thumbs up emoji

wkillerud, hirasso, fpapado, jaenny, sean-perkins, and rjblopes reacted with heart emoji

sacru2red, samchungy, hirasso, markmssd, and piyushchauhan2011 reacted with rocket emoji

All reactions

👍 3 reactions
❤️ 6 reactions
🚀 5 reactions

12 people reacted

Error on bad input

12 Sep 18:15

blakeembrey

This commit was signed with the committer’s verified signature.

blakeembrey Blake Embrey

SSH Key Fingerprint: M0ITNfB+BngsDhNhVwWJl3OOIrDqTLFtdjQ3WGttbd8 Learn about vigilant mode.

Compare

Choose a tag to compare

Loading

Error on bad input

Changed

Add error on bad input values 8f09549

v0.1.10...v0.1.11

Assets 2

Loading

All reactions

v8.1.0

10 Sep 00:26

blakeembrey

This commit was signed with the committer’s verified signature.

blakeembrey Blake Embrey

SSH Key Fingerprint: M0ITNfB+BngsDhNhVwWJl3OOIrDqTLFtdjQ3WGttbd8 Learn about vigilant mode.

Compare

Choose a tag to compare

Loading

v8.1.0 Latest

Latest

Added

Adds pathToRegexp method back for generating a regex
Adds stringify method for converting TokenData into a path string

v8.0.0...v8.1.0

Assets 2

Loading

condorheroblog, ritingliudd01, YunChaoTsai, Joel-Valentine, and sacru2red reacted with thumbs up emoji

hirasso reacted with heart emoji

All reactions

👍 5 reactions
❤️ 1 reaction

6 people reacted

Support array inputs (again)

10 Sep 00:58

blakeembrey

This commit was signed with the committer’s verified signature.

blakeembrey Blake Embrey

SSH Key Fingerprint: M0ITNfB+BngsDhNhVwWJl3OOIrDqTLFtdjQ3WGttbd8 Learn about vigilant mode.

Compare

Choose a tag to compare

Loading

Support array inputs (again)

Added

Support array inputs for match and pathToRegexp 3fdd88f

v7.1.0...v7.2.0

Assets 2

Loading

All reactions

Add backtracking protection

10 Sep 22:04

blakeembrey

This commit was signed with the committer’s verified signature.

blakeembrey Blake Embrey

SSH Key Fingerprint: M0ITNfB+BngsDhNhVwWJl3OOIrDqTLFtdjQ3WGttbd8 Learn about vigilant mode.

Compare

Choose a tag to compare

Loading

Add backtracking protection

Fixed

Add backtrack protection to 3.x release (#321) d31670a

v3.2.0...v3.3.0

Assets 2

Loading

pnewhook, sacru2red, hirasso, and benkeen reacted with thumbs up emoji

All reactions

👍 4 reactions

4 people reacted

Fix backtracking in 1.x

10 Sep 21:26

blakeembrey

This commit was signed with the committer’s verified signature.

blakeembrey Blake Embrey

SSH Key Fingerprint: M0ITNfB+BngsDhNhVwWJl3OOIrDqTLFtdjQ3WGttbd8 Learn about vigilant mode.

Compare

Choose a tag to compare

Loading

Fix backtracking in 1.x

Fixed

Add backtrack protection to 1.x release (#320) 925ac8e
Fix re.exec('/test/route') result (#267) 32a14b0

v1.8.0...v1.9.0

Assets 2

Loading

sacru2red, lyn-zhilin-yang, and Alienah reacted with thumbs up emoji

rjblopes reacted with heart emoji

All reactions

👍 3 reactions
❤️ 1 reaction

4 people reacted

Simpler API

01 Sep 22:22

blakeembrey

This commit was signed with the committer’s verified signature.

blakeembrey Blake Embrey

SSH Key Fingerprint: M0ITNfB+BngsDhNhVwWJl3OOIrDqTLFtdjQ3WGttbd8 Learn about vigilant mode.

Compare

Choose a tag to compare

Loading

Simpler API

Heads up! This is a fairly large change (again) and I need to apologize in advance. If I foresaw what this version would have ended up being I would not have released version 7. A longer blog post and explanation will be incoming this week, but the pivot has been due to work on Express.js v5 and this will the finalized syntax used in Express moving forward.

Edit: The post is out - https://blakeembrey.com/posts/2024-09-web-redos/

Added

Adds key names to wildcards using *name syntax, aligns with : behavior but using an asterisk instead

Changed

Removes group suffixes of ?, +, and * - only optional exists moving forward (use wildcards for +, {*foo} for *)
Parameter names follow JS identifier rules and allow unicode characters

Added

Parameter names can now be quoted, e.g. :"foo-bar"
Match accepts an array of values, so the signature is now string | TokenData | Array<string | TokenData>

Removed

Removes loose mode
Removes regular expression overrides of parameters

v7.1.0...v8.0.0

Assets 2

Loading

condorheroblog, ysaito8015, xiaody, and e22m4u reacted with eyes emoji

All reactions

👀 4 reactions

4 people reacted

Backtrack protection

01 Sep 22:08

blakeembrey

This commit was signed with the committer’s verified signature.

blakeembrey Blake Embrey

SSH Key Fingerprint: M0ITNfB+BngsDhNhVwWJl3OOIrDqTLFtdjQ3WGttbd8 Learn about vigilant mode.

Compare

Choose a tag to compare

Loading

Backtrack protection

Fixed

Add backtrack protection to parameters 29b96b4
- This will break some edge cases but should improve performance

v0.1.9...v0.1.10

Assets 2

Loading

All reactions

Support non-lookahead regex output

22 Aug 01:30

blakeembrey

This commit was signed with the committer’s verified signature.

blakeembrey Blake Embrey

SSH Key Fingerprint: M0ITNfB+BngsDhNhVwWJl3OOIrDqTLFtdjQ3WGttbd8 Learn about vigilant mode.

Compare

Choose a tag to compare

Loading

Support non-lookahead regex output

Added

Allow a non-lookahead regex (#312) c4272e4

component/path-to-regexp@v0.1.8...v0.1.9

Assets 2

Loading

All reactions

Strict mode

13 Jul 23:54

blakeembrey

This commit was signed with the committer’s verified signature.

blakeembrey Blake Embrey

SSH Key Fingerprint: M0ITNfB+BngsDhNhVwWJl3OOIrDqTLFtdjQ3WGttbd8 Learn about vigilant mode.

Compare

Choose a tag to compare

Loading

Strict mode

Added

Adds a strict option to detect potential ReDOS issues

Fixed

Fixes separator to default to suffix + prefix when not specified
Allows separator to be undefined in TokenData
- This is only relevant if you are building TokenData manually, previously parse filled it in automatically

Comments

I highly recommend enabling strict: true and I'm probably releasing a V8 with it enabled by default ASAP as a necessary security mitigation

v7.0.0...v7.1.0

Assets 2

Loading

All reactions

Previous 1 2 3 Next

Previous Next

Footer

© 2024 GitHub, Inc.

Footer navigation

Terms
Privacy
Security
Status
Docs
Contact

You can’t perform that action at this time.