chore(upgrade): upgrade path-to-regexp

[markmssd]

Related: #2270

This PR upgrades path-to-regexp to latest version 8.

path-to-regexp v8 has breaking changes, see https://github.com/pillarjs/path-to-regexp/releases/tag/v8.0.0.

In this PR, I've attempted to make the change transparent to msw users.

[kettanaito]

Hi, @markmssd. Thanks for opening this. Updating path-to-regexp requires a bit more thought. You are introducing breaking changes to how wildcard params are exposed.

I will close this pull request because the path-to-regexp vulnerability was backported to the version range used by MSW right now. #2285 has fixed the issue.

[markmssd]

Gotcha! However the backporting didn't fully work it seems, as I brought up here: pillarjs/path-to-regexp#323 (comment). Let's hope something can be done to fully fix it.

[kettanaito]

Hope so as well. Critical vulnerabilities are good candidates for backports.

You mustn't ship MSW in production, to begin with. Critical vulnerabilities from dev dependencies have a close-to-non-existent effect on your product. But anyone is welcome to refactor MSW into newer path-to-regexp while keeping the existing tests intact.

[markmssd]

Okay Snyk got updated too now: https://security.snyk.io/vuln/SNYK-JS-PATHTOREGEXP-7925106 🎉

How to fix?
Upgrade path-to-regexp to version 0.1.10, 1.9.0, 3.3.0, 6.3.0, 8.0.0 or higher.