fix: Resolve path-to-regexp to v1.9.0 to resolve GHSA-9wv6-86v2-598j

[danjm]

Description

This permanently fixes GHSA-9wv6-86v2-598j by resolving that package to a recently released version that does not having breaking changes and where the security vulnerability is resolved.

Related issues

Fixes:

Manual testing steps

1. Go to this page...

Screenshots/Recordings

Before

After

Pre-merge author checklist

• I've followed MetaMask Contributor Docs and MetaMask Extension Coding Standards.
• I've completed the PR template to the best of my ability
• I’ve included tests if applicable
• I’ve documented my code using JSDoc format if applicable
• I’ve applied the right labels on the PR (see labeling guidelines). Not required for external contributors.

Pre-merge reviewer checklist

• I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed).
• I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.

[github-actions]

CLA Signature Action: All authors have signed the CLA. You may need to manually re-run the blocking PR check if it doesn't pass in a few minutes.

[socket-security]

Removed dependencies detected. Learn more about Socket for GitHub ↗︎

🚮 Removed packages: npm/[email protected]

View full report↗︎

[dbrans]

@metamaskbot update-policies

[metamaskbot]

Policies updated

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 70.04%. Comparing base (dfc12b6) to head (e452e41).

Additional details and impacted files

@@           Coverage Diff            @@
##           develop   #27113   +/-   ##
========================================
  Coverage    70.04%   70.04%           
========================================
  Files         1435     1435           
  Lines        49920    49920           
  Branches     13980    13980           
========================================
  Hits         34963    34963           
  Misses       14957    14957           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[metamaskbot]

Builds ready [e452e41]

• builds: chrome, firefox
• builds (beta): chrome
• builds (flask): chrome, firefox
• builds (MMI): chrome, firefox
• builds (test): chrome, firefox
• builds (test-flask): chrome, firefox
• build viz: Build System
• mv3: Background Module Init Stats
• mv3: UI Init Stats
• mv3: Module Load Stats
• mv3: Bundle Size Stats
• mv2: E2e Actions Stats
• code coverage: Report
• storybook: Storybook
• typescript migration: Dashboard
• all artifacts
• bundle viz:

  • background: 0, 1, 2, 3, 4, 5
  • common: 0, 1, 10, 11, 2, 3, 4, 5, 6, 7, 8, 9
  • content-script: 0
  • offscreen: 0
  • ui: 0, 1, 10, 11, 2, 3, 4, 5, 6, 7, 8, 9

Page Load Metrics (1835 ± 62 ms)

Platform	Page	Metric	Min (ms)	Max (ms)	Average (ms)	StandardDeviation (ms)	MarginOfError (ms)
Chrome	Home	firstPaint	182	2177	1597	581	279
		domContentLoaded	1602	2078	1813	124	59
		load	1638	2186	1835	129	62
		domInteractive	15	74	32	13	6

Bundle size diffs

• background: 0 Bytes (0.00%)
• ui: 157 Bytes (0.00%)
• common: 0 Bytes (0.00%)

[metamaskbot]

Missing release label release-12.3.0 on PR. Adding release label release-12.3.0 on PR and removing other release labels(release-12.6.0), as PR was cherry-picked in branch 12.3.0.