Open dowski opened 2 days ago
We use path-to-regexp
in the createRouteMatcher
implementation which can be used in a middleware.ts
file to control which requests have auth requirements enforced.
We use that library because it's what Next.js uses under the covers for routing in middleware. Next.js also vendors an older version ofpath-to-regexp
.
In order to allow the same syntax for matching routes in middleware for convex-auth
and other Next.js middleware, we're going to keep the old path-to-regexp
version.
See the following article from the path-to-regexp
author which includes details on avoiding route patterns that can trigger the issue.
From
npm audit
: