Skip to content

chore(deps): bump path-to-regexp from 0.1.12 to 0.1.13#43

Open
dependabot[bot] wants to merge 14 commits into
mainfrom
dependabot/npm_and_yarn/path-to-regexp-0.1.13
Open

chore(deps): bump path-to-regexp from 0.1.12 to 0.1.13#43
dependabot[bot] wants to merge 14 commits into
mainfrom
dependabot/npm_and_yarn/path-to-regexp-0.1.13

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Mar 30, 2026

Copy link
Copy Markdown

Bumps path-to-regexp from 0.1.12 to 0.1.13.

Release notes

Sourced from path-to-regexp's releases.

0.1.13

Important

Full Changelog: pillarjs/path-to-regexp@v0.1.12...v.0.1.13

Changelog

Sourced from path-to-regexp's changelog.

0.1.13 / 2026-03-26

0.1.7 / 2015-07-28

  • Fixed regression with escaped round brackets and matching groups.

0.1.6 / 2015-06-19

  • Replace index feature by outputting all parameters, unnamed and named.

0.1.5 / 2015-05-08

  • Add an index property for position in match result.

0.1.4 / 2015-03-05

  • Add license information

0.1.3 / 2014-07-06

  • Better array support
  • Improved support for trailing slash in non-ending mode

0.1.0 / 2014-03-06

  • add options.end

0.0.2 / 2013-02-10

  • Update to match current express
  • add .license property to component.json
Commits
Maintainer changes

This version was pushed to npm by ulisesgascon, a new releaser for path-to-regexp since your current version.


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

rawand-shakir-draad and others added 14 commits March 5, 2026 16:11
Add plugin-loader package that reads plugins.json, validates
manifests, and exposes hooks for api-server (models, routes,
middleware, migrations) and admin-server (pages, menu items,
widget definitions).

Integration points:
- api-server: db models, middleware (5 positions), routes,
  init/migrate database scripts
- admin-server: dynamic sidenav items, catch-all plugin pages,
  widget definition merging, next.config transpilation
- widget-settings: merges plugin widget definitions into core

Safety: broken/missing plugins are logged and skipped,
never crash the server.
Remove hardcoded test-resources admin pages and let the catch-all
plugin route handle them. Add widget preview and server external
packages support to the catch-all route so plugin widgets get the
same features as core widgets.
The plugin widget route uses [...widgetPath] catch-all, so the widget ID
isn't available in router.query.id. Extract the ID from path segments and
pass it as idOverride to useWidgetConfig, useWidgetPreview, and
WidgetPublish so plugin widgets load and publish correctly.
Replace memoryStorage with databaseStorage backed by Sequelize models
for authorization codes, refresh tokens, and tasks. Access tokens
already used the database. Adds migration for the three new tables.

Also fixes a bug in token.js where non-existent memoryStorage.clients
was called instead of db.Client.
…ffinity

Add USE_KUBERNETES_CRONJOBS env var to disable in-process cron scheduling
and offload to a dedicated K8s CronJob that runs every configurable N
minutes, executing any application crons due within that window.

Add configurable pod anti-affinity (preferred/required) scoped to the
current namespace to spread replicas across nodes.
Move podAntiAffinity config from api-specific to global.podAntiAffinity
with enabled/mode settings. Add reusable helper template and apply to
all 5 deployments (api, admin, auth, cms, image). Each deployment uses
its own app label, scoped to the current namespace.
Replace build-time plugin imports with runtime loading via IIFE bundles.
Plugins are now served by the api-server and loaded via <script> tags,
enabling add/remove without rebuilding Docker images.

- Convert plugin-loader to TypeScript with manifest validation
- Add API endpoints: GET /registry, POST /reload (auth-protected), GET /bundle
- Add PluginComponentLoader React component for runtime bundle loading
- Simplify next.config.js by removing ~190 lines of build-time plugin code
- Extract plugin loading from Server.js into plugin-loader-init.js
- Remove plugin volume mounts from docker-compose.yml (moved to override)
- Remove metkoos as build-time dependency (runtime-only now)
- Add path traversal protection and Content-Type headers on bundle endpoint
- Reset plugins.json to empty default (deployment-specific config)
Add global.autoscaling values with per-service overrides for HPA
configuration including stabilizationWindowSeconds (cooldown) and
scaling policies. When autoscaling is enabled, replicas are omitted
from Deployments so the HPA manages pod count.
- Add PLUGIN_JSON_OVERRIDE env var support to plugin-loader for K8s ConfigMap injection
- Extract _loadEntries() method to avoid duplication between env var and file-based loading
- Add Helm plugins section (values.yaml) with enabled, nodeImage, installPath, npmrcSecret, items
- Add plugins-configmap.yaml template rendering plugin config as ConfigMap
- Add init container to API and Admin deployments that npm installs plugins into shared volume
- Add NODE_PATH + PLUGIN_JSON_OVERRIDE env vars to API/Admin containers and init-db-ready
- Support version pinning per plugin and private registries via npmrc secret
- Add explicit plugin-loader tsc build step in Dockerfile builder stage
- Ship plugin-loader dist/ in git (removed from .gitignore)
- Add 4 new tests for PLUGIN_JSON_OVERRIDE (41 total, all passing)
feat(plugins): runtime IIFE loading with API endpoints
Bumps [path-to-regexp](https://github.com/pillarjs/path-to-regexp) from 0.1.12 to 0.1.13.
- [Release notes](https://github.com/pillarjs/path-to-regexp/releases)
- [Changelog](https://github.com/pillarjs/path-to-regexp/blob/v.0.1.13/History.md)
- [Commits](pillarjs/path-to-regexp@v0.1.12...v.0.1.13)

---
updated-dependencies:
- dependency-name: path-to-regexp
  dependency-version: 0.1.13
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Mar 30, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants