WRR-21447: Updated dependency to fix vulnerabilities

[ion-andrusciac-lgp]

Checklist

• I have read and understand the contribution guide
• A CHANGELOG entry is included
• Documentation was added or is not needed
• This is an API breaking change

Issue Resolved / Feature Added

There were high vulnerability

path-to-regexp <0.1.12
Severity: high
Unpatched path-to-regexp ReDoS in 0.1.x - GHSA-rhx6-c78j-4q9w
fix available via npm audit fix --force
Will install [email protected], which is a breaking change
node_modules/express/node_modules/path-to-regexp
node_modules/gatsby/node_modules/path-to-regexp
express 4.0.0-rc1 - 4.21.1 || 5.0.0-alpha.1 - 5.0.0-beta.3
Depends on vulnerable versions of path-to-regexp
node_modules/express
gatsby 3.4.0-alpha-parallel.36 - 3.14.2 || 4.0.0-alpha-9689ff.4 - 4.0.0-zz-next.9 || 5.13.0-alpha-alt-image-cdn.38 - 5.15.0-next.0
Depends on vulnerable versions of path-to-regexp
node_modules/gatsby

Resolution

Added "path-to-regexp": "^0.1.12" into overrides

Additional Considerations

Links

WRR-21447

Comments

Enact-DCO-1.0-Signed-off-by: Ion Andrusciac [email protected]

[daniel-stoian-lgp]

LGTM