page.js >=1.4.0 depends on vulnerable versions of path-to-regexp

Hi,

Recently I started getting high severity warnings from npm that this library depends on vulnerable versions of path-to-regexp (in my case page.js 1.11.6 depends on path-to-regexp 1.2.1). Could this be remedied, or can I upgrade to path-to-regexp 1.9.0 for example to provide a secure path-to-regexp library for page.js?