profile
viewpoint
If you are wondering where the data of this site comes from, please visit https://api.github.com/users/Glinkis/events. GitMemory does not store any data, but only uses NGINX to cache data for a period of time. The idea behind GitMemory is simply to give users a better reading experience.
Victor Glindås Glinkis @pafcloud Sweden 3D artist gone software developer. I enjoy solving problems, and highly value professionalism and clean code.

Glinkis/rpg-story-engine 14

A random generator and inspiration source for DnD enthusiasts.

Glinkis/Cinema4D-Open-Rigs 6

Sharing is caring! This repository aims at creating and sharing rigs for Cinema4D.

Glinkis/flux-entity 2

Utility library for the flux entity pattern

Glinkis/jslib 2

A modular javascript utility library,

Glinkis/create-ts-library 1

Simplifies the creation and distribution of typescript-based libraries.

Glinkis/animoid 0

An animation utility for the web.

Glinkis/chiaki 0

Free and Open Source PS4 Remote Play Client

Glinkis/create-react-app 0

Set up a modern web app by running one command.

Glinkis/deathmek 0

My first c++ project.

issue commentivanhofer/typesafe-i18n

Make an example for NextJS

Huh. Why was I mentioned?

IRediTOTO

comment created time in 15 days

delete branch Glinkis/work-trial-softrobot

delete branch : dependabot/npm_and_yarn/tar-2.2.2

delete time in a month

push eventGlinkis/work-trial-softrobot

dependabot[bot]

commit sha 19f2f8921f3bcee28826c91b346ef8aef1133a7e

Bump tar from 2.2.1 to 2.2.2 Bumps [tar](https://github.com/npm/node-tar) from 2.2.1 to 2.2.2. - [Release notes](https://github.com/npm/node-tar/releases) - [Changelog](https://github.com/npm/node-tar/blob/main/CHANGELOG.md) - [Commits](https://github.com/npm/node-tar/compare/v2.2.1...v2.2.2) --- updated-dependencies: - dependency-name: tar dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

view details

Victor Glindås

commit sha 293eeb9fd6f6377ac2e76b2f6bf0f8e095cbd703

Merge pull request #24 from Glinkis/dependabot/npm_and_yarn/tar-2.2.2 Bump tar from 2.2.1 to 2.2.2

view details

push time in a month

PR merged Glinkis/work-trial-softrobot

Bump tar from 2.2.1 to 2.2.2 dependencies

Bumps tar from 2.2.1 to 2.2.2. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/npm/node-tar/commit/523c5c7fef48b10811fccd12b42803c61b6aead8"><code>523c5c7</code></a> 2.2.2</li> <li><a href="https://github.com/npm/node-tar/commit/7ecef07da6a9e72cc0c4d0c9c6a8e85b6b52395d"><code>7ecef07</code></a> Bump fstream to fix hardlink overwriting vulnerability</li> <li><a href="https://github.com/npm/node-tar/commit/9fc84b9c596c3589d4c1ab050843de0eafb002e8"><code>9fc84b9</code></a> Use {} for hardlink tracking instead of []</li> <li><a href="https://github.com/npm/node-tar/commit/15e59f1d671ffbe4ae7c74dafcbec93ea2584e34"><code>15e59f1</code></a> Only track previously seen hardlinks</li> <li><a href="https://github.com/npm/node-tar/commit/4f8585178af78f8f64c5ca38e923c306613278b9"><code>4f85851</code></a> Ignore potentially unsafe files</li> <li>See full diff in <a href="https://github.com/npm/node-tar/compare/v2.2.1...v2.2.2">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+71 -19

0 comment

1 changed file

dependabot[bot]

pr closed time in a month

startednicoespeon/abracadabra

started time in 2 months

issue commentryceg/Eigengrau-s-Essential-Establishment-Generator

Export to JSON malfunctioning

Can you attach one of these out Jason files? And a JSON that starts and ends with square brackets is perfectly valid.

["value"]
toledo932

comment created time in 2 months

push eventGlinkis/eslint-plugin-function-call-context

dependabot[bot]

commit sha 8e77cf566d6699efba23c4832672a78f07f6ecda

Bump lodash from 4.17.19 to 4.17.21 Bumps [lodash](https://github.com/lodash/lodash) from 4.17.19 to 4.17.21. - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](https://github.com/lodash/lodash/compare/4.17.19...4.17.21) Signed-off-by: dependabot[bot] <support@github.com>

view details

Victor Glindås

commit sha 5f4f06026901cb97dece3680535c223a9c5ada61

Merge pull request #2 from Glinkis/dependabot/npm_and_yarn/lodash-4.17.21 Bump lodash from 4.17.19 to 4.17.21

view details

push time in 2 months

delete branch Glinkis/eslint-plugin-function-call-context

delete branch : dependabot/npm_and_yarn/lodash-4.17.21

delete time in 2 months

PR merged Glinkis/eslint-plugin-function-call-context

Bump lodash from 4.17.19 to 4.17.21 dependencies

Bumps lodash from 4.17.19 to 4.17.21. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/lodash/lodash/commit/f299b52f39486275a9e6483b60a410e06520c538"><code>f299b52</code></a> Bump to v4.17.21</li> <li><a href="https://github.com/lodash/lodash/commit/c4847ebe7d14540bb28a8b932a9ce1b9ecbfee1a"><code>c4847eb</code></a> Improve performance of <code>toNumber</code>, <code>trim</code> and <code>trimEnd</code> on large input strings</li> <li><a href="https://github.com/lodash/lodash/commit/3469357cff396a26c363f8c1b5a91dde28ba4b1c"><code>3469357</code></a> Prevent command injection through <code>_.template</code>'s <code>variable</code> option</li> <li><a href="https://github.com/lodash/lodash/commit/ded9bc66583ed0b4e3b7dc906206d40757b4a90a"><code>ded9bc6</code></a> Bump to v4.17.20.</li> <li><a href="https://github.com/lodash/lodash/commit/63150ef7645ac07961b63a86490f419f356429aa"><code>63150ef</code></a> Documentation fixes.</li> <li><a href="https://github.com/lodash/lodash/commit/00f0f62a979d2f5fa0287c06eae70cf9a62d8794"><code>00f0f62</code></a> test.js: Remove trailing comma.</li> <li><a href="https://github.com/lodash/lodash/commit/846e434c7a5b5692c55ebf5715ed677b70a32389"><code>846e434</code></a> Temporarily use a custom fork of <code>lodash-cli</code>.</li> <li><a href="https://github.com/lodash/lodash/commit/5d046f39cbd27f573914768e3b36eeefcc4f1229"><code>5d046f3</code></a> Re-enable Travis tests on <code>4.17</code> branch.</li> <li><a href="https://github.com/lodash/lodash/commit/aa816b36d402a1ad9385142ce7188f17dae514fd"><code>aa816b3</code></a> Remove <code>/npm-package</code>.</li> <li>See full diff in <a href="https://github.com/lodash/lodash/compare/4.17.19...4.17.21">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~bnjmnt4n">bnjmnt4n</a>, a new releaser for lodash since your current version.</p> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+3 -3

0 comment

1 changed file

dependabot[bot]

pr closed time in 2 months

push eventGlinkis/eslint-plugin-function-call-context

Victor Glindås

commit sha ea471574e283d9d033b0eb1665fff24994d78347

Refactor

view details

push time in 2 months

push eventGlinkis/eslint-plugin-function-call-context

Victor Glindås

commit sha 2ef1e220765e63ca4bdbfa34c619546875c54e79

Remove redundant variable

view details

push time in 2 months

push eventGlinkis/eslint-plugin-function-call-context

Victor Glindås

commit sha 1a63636ae561c1086fe18179e028bc7ae24432a2

Remove redundant type guard

view details

push time in 2 months

push eventGlinkis/eslint-plugin-function-call-context

Victor Glindås

commit sha abd632f4613afe4dd6a025adc9a0b20e2470c736

Use correct message grammar

view details

push time in 2 months

push eventGlinkis/eslint-plugin-function-call-context

Victor Glindås

commit sha 7747e01482c69a0a7cc1d425ac1efa1f7d4a179c

Inline rule in index

view details

push time in 2 months

push eventGlinkis/eslint-plugin-function-call-context

Victor Glindås

commit sha d122864bae83936bfa38ae4599061085849dc69f

Update dependencies

view details

push time in 2 months

push eventGlinkis/flux-entity

Victor Glindås

commit sha 3f847fe8b1a48ec975c0ec65ce5964dbb66906e7

Update dependencies

view details

Victor Glindås

commit sha 04e3352e8bd2263ed14105e197598fbac4b5303b

Merge branch 'master' of https://github.com/Glinkis/flux-entity

view details

push time in 2 months

delete branch Glinkis/flux-entity

delete branch : dependabot/npm_and_yarn/glob-parent-5.1.2

delete time in 2 months

push eventGlinkis/flux-entity

dependabot[bot]

commit sha bf3928368ff923d370ea0e98856d84debb4dc37c

Bump glob-parent from 5.1.1 to 5.1.2 Bumps [glob-parent](https://github.com/gulpjs/glob-parent) from 5.1.1 to 5.1.2. - [Release notes](https://github.com/gulpjs/glob-parent/releases) - [Changelog](https://github.com/gulpjs/glob-parent/blob/main/CHANGELOG.md) - [Commits](https://github.com/gulpjs/glob-parent/compare/v5.1.1...v5.1.2) --- updated-dependencies: - dependency-name: glob-parent dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

view details

Victor Glindås

commit sha 2915d150bfa03a2635d0b8827a70cc016b26e33e

Merge pull request #3 from Glinkis/dependabot/npm_and_yarn/glob-parent-5.1.2 Bump glob-parent from 5.1.1 to 5.1.2

view details

push time in 2 months

PR merged Glinkis/flux-entity

Bump glob-parent from 5.1.1 to 5.1.2 dependencies

Bumps glob-parent from 5.1.1 to 5.1.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/gulpjs/glob-parent/releases">glob-parent's releases</a>.</em></p> <blockquote> <h2>v5.1.2</h2> <h3>Bug Fixes</h3> <ul> <li>eliminate ReDoS (<a href="https://github-redirect.dependabot.com/gulpjs/glob-parent/issues/36">#36</a>) (<a href="https://github.com/gulpjs/glob-parent/commit/f9231168b0041fea3f8f954b3cceb56269fc6366">f923116</a>)</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/gulpjs/glob-parent/blob/main/CHANGELOG.md">glob-parent's changelog</a>.</em></p> <blockquote> <h3><a href="https://github.com/gulpjs/glob-parent/compare/v5.1.1...v5.1.2">5.1.2</a> (2021-03-06)</h3> <h3>Bug Fixes</h3> <ul> <li>eliminate ReDoS (<a href="https://github-redirect.dependabot.com/gulpjs/glob-parent/issues/36">#36</a>) (<a href="https://github.com/gulpjs/glob-parent/commit/f9231168b0041fea3f8f954b3cceb56269fc6366">f923116</a>)</li> </ul> <h2><a href="https://www.github.com/gulpjs/glob-parent/compare/v5.1.2...v6.0.0">6.0.0</a> (2021-05-03)</h2> <h3>⚠ BREAKING CHANGES</h3> <ul> <li>Correct mishandled escaped path separators (<a href="https://github-redirect.dependabot.com/gulpjs/glob-parent/issues/34">#34</a>)</li> <li>upgrade scaffold, dropping node <10 support</li> </ul> <h3>Bug Fixes</h3> <ul> <li>Correct mishandled escaped path separators (<a href="https://github-redirect.dependabot.com/gulpjs/glob-parent/issues/34">#34</a>) (<a href="https://www.github.com/gulpjs/glob-parent/commit/32f6d52663b7addac38d0dff570d8127edf03f47">32f6d52</a>), closes <a href="https://github-redirect.dependabot.com/gulpjs/glob-parent/issues/32">#32</a></li> </ul> <h3>Miscellaneous Chores</h3> <ul> <li>upgrade scaffold, dropping node <10 support (<a href="https://www.github.com/gulpjs/glob-parent/commit/e83d0c5a411947cf69eb58f36349db80439c606f">e83d0c5</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/gulpjs/glob-parent/commit/eb2c439de448c779b450472e591a2bc9e37e9668"><code>eb2c439</code></a> chore: update changelog</li> <li><a href="https://github.com/gulpjs/glob-parent/commit/12bcb6c45c942e2d05fc1e6ff5402e72555b54b6"><code>12bcb6c</code></a> chore: release 5.1.2</li> <li><a href="https://github.com/gulpjs/glob-parent/commit/f9231168b0041fea3f8f954b3cceb56269fc6366"><code>f923116</code></a> fix: eliminate ReDoS (<a href="https://github-redirect.dependabot.com/gulpjs/glob-parent/issues/36">#36</a>)</li> <li><a href="https://github.com/gulpjs/glob-parent/commit/0b014a7962789b2d8f2cf0b6311f40667aecd62c"><code>0b014a7</code></a> chore: add JSDoc returns information (<a href="https://github-redirect.dependabot.com/gulpjs/glob-parent/issues/33">#33</a>)</li> <li><a href="https://github.com/gulpjs/glob-parent/commit/2b24ebd64b2a045aa167c825376335555da139fd"><code>2b24ebd</code></a> chore: generate initial changelog</li> <li>See full diff in <a href="https://github.com/gulpjs/glob-parent/compare/v5.1.1...v5.1.2">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+3 -3

0 comment

1 changed file

dependabot[bot]

pr closed time in 2 months

delete branch Glinkis/rpg-story-engine

delete branch : dependabot/npm_and_yarn/yargs-parser-13.1.2

delete time in 2 months

push eventGlinkis/rpg-story-engine

dependabot[bot]

commit sha b7ccc4b8e06cce900aa3c9695fbca62c29ce0fbf

Bump yargs-parser from 13.1.1 to 13.1.2 (#19) Bumps [yargs-parser](https://github.com/yargs/yargs-parser) from 13.1.1 to 13.1.2. - [Release notes](https://github.com/yargs/yargs-parser/releases) - [Changelog](https://github.com/yargs/yargs-parser/blob/master/docs/CHANGELOG-full.md) - [Commits](https://github.com/yargs/yargs-parser/commits) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

push time in 2 months

PR merged Glinkis/rpg-story-engine

Bump yargs-parser from 13.1.1 to 13.1.2 dependencies

Bumps yargs-parser from 13.1.1 to 13.1.2. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/yargs/yargs-parser/blob/master/docs/CHANGELOG-full.md">yargs-parser's changelog</a>.</em></p> <blockquote> <h2><a href="https://github.com/yargs/yargs-parser/compare/v14.0.0...v15.0.0">15.0.0</a> (2019-10-07)</h2> <h3>Features</h3> <ul> <li>rework <code>collect-unknown-options</code> into <code>unknown-options-as-args</code>, providing more comprehensive functionality (<a href="https://github.com/yargs/yargs-parser/commit/ef771ca">ef771ca</a>)</li> </ul> <h3>BREAKING CHANGES</h3> <ul> <li>rework <code>collect-unknown-options</code> into <code>unknown-options-as-args</code>, providing more comprehensive functionality</li> </ul> <h2><a href="https://github.com/yargs/yargs-parser/compare/v13.1.1...v14.0.0">14.0.0</a> (2019-09-06)</h2> <h3>Bug Fixes</h3> <ul> <li>boolean arrays with default values (<a href="https://github-redirect.dependabot.com/yargs/yargs-parser/issues/185">#185</a>) (<a href="https://github.com/yargs/yargs-parser/commit/7d42572">7d42572</a>)</li> <li>boolean now behaves the same as other array types (<a href="https://github-redirect.dependabot.com/yargs/yargs-parser/issues/184">#184</a>) (<a href="https://github.com/yargs/yargs-parser/commit/17ca3bd">17ca3bd</a>)</li> <li>eatNargs() for 'opt.narg === 0' and boolean typed options (<a href="https://github-redirect.dependabot.com/yargs/yargs-parser/issues/188">#188</a>) (<a href="https://github.com/yargs/yargs-parser/commit/c5a1db0">c5a1db0</a>)</li> <li>maybeCoerceNumber now takes precedence over coerce return value (<a href="https://github-redirect.dependabot.com/yargs/yargs-parser/issues/182">#182</a>) (<a href="https://github.com/yargs/yargs-parser/commit/2f26436">2f26436</a>)</li> <li>take into account aliases when appending arrays from config object (<a href="https://github-redirect.dependabot.com/yargs/yargs-parser/issues/199">#199</a>) (<a href="https://github.com/yargs/yargs-parser/commit/f8a2d3f">f8a2d3f</a>)</li> </ul> <h3>Features</h3> <ul> <li>add configuration option to "collect-unknown-options" (<a href="https://github-redirect.dependabot.com/yargs/yargs-parser/issues/181">#181</a>) (<a href="https://github.com/yargs/yargs-parser/commit/7909cc4">7909cc4</a>)</li> <li>maybeCoerceNumber() now takes into account arrays (<a href="https://github-redirect.dependabot.com/yargs/yargs-parser/issues/187">#187</a>) (<a href="https://github.com/yargs/yargs-parser/commit/31c204b">31c204b</a>)</li> </ul> <h3>BREAKING CHANGES</h3> <ul> <li>unless "parse-numbers" is set to "false", arrays of numeric strings are now parsed as numbers, rather than strings.</li> <li>we have dropped the broken "defaulted" functionality; we would like to revisit adding this in the future.</li> <li>maybeCoerceNumber now takes precedence over coerce return value (<a href="https://github-redirect.dependabot.com/yargs/yargs-parser/issues/182">#182</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/yargs/yargs-parser/commits">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~oss-bot">oss-bot</a>, a new releaser for yargs-parser since your current version.</p> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+3 -3

0 comment

1 changed file

dependabot[bot]

pr closed time in 2 months

delete branch Glinkis/rpg-story-engine

delete branch : dependabot/npm_and_yarn/color-string-1.5.5

delete time in 2 months

push eventGlinkis/rpg-story-engine

dependabot[bot]

commit sha 450e70183c4478f38e48328a13df83fedb51e937

Bump color-string from 1.5.3 to 1.5.5 (#26) Bumps [color-string](https://github.com/Qix-/color-string) from 1.5.3 to 1.5.5. - [Release notes](https://github.com/Qix-/color-string/releases) - [Changelog](https://github.com/Qix-/color-string/blob/master/CHANGELOG.md) - [Commits](https://github.com/Qix-/color-string/commits/1.5.5) --- updated-dependencies: - dependency-name: color-string dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

push time in 2 months

PR merged Glinkis/rpg-story-engine

Bump color-string from 1.5.3 to 1.5.5 dependencies

Bumps color-string from 1.5.3 to 1.5.5. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/Qix-/color-string/releases">color-string's releases</a>.</em></p> <blockquote> <h2>1.5.5 (Patch/Security Release) - hwb() ReDos patch (low-severity)</h2> <blockquote> <p>Release notes copied verbatim from the commit message, which can be found here: 0789e21284c33d89ebc4ab4ca6f759b9375ac9d3</p> </blockquote> <pre><code>Discovered by Yeting Li, c/o Colin Ife via Snyk.io. <p>A ReDos (Regular Expression Denial of Service) vulnerability was responsibly disclosed to me via email by Colin on Mar 5 2021 regarding an exponential time complexity for linearly increasing input lengths for <code>hwb()</code> color strings.</p> <p>Strings reaching more than 5000 characters would see several milliseconds of processing time; strings reaching more than 50,000 characters began seeing 1500ms (1.5s) of processing time.</p> <p>The cause was due to a the regular expression that parses hwb() strings - specifically, the hue value - where the integer portion of the hue value used a 0-or-more quantifier shortly thereafter followed by a 1-or-more quantifier.</p> <p>This caused excessive backtracking and a cartesian scan, resulting in exponential time complexity given a linear increase in input length.</p> <p>Thank you Yeting Li and Colin Ife for bringing this to my attention in a secure, responsible and professional manner.</p> <p>A CVE will not be assigned for this vulnerability. </code></pre></p> <h2>1.5.4 (Patch Release)</h2> <ul> <li>Removes rounding of alpha values in RGBA hex (<code>#rrggbbaa</code>) and condensed-hex (<code>#rgba</code>) parsers, which caused certain unique inputs to result in identical outputs (see <a href="https://github.com/qix-/color/issues/174">https://github.com/qix-/color/issues/174</a>).</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/Qix-/color-string/commits/1.5.5">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+3 -3

0 comment

1 changed file

dependabot[bot]

pr closed time in 2 months

delete branch Glinkis/rpg-story-engine

delete branch : dependabot/npm_and_yarn/ini-1.3.8

delete time in 2 months

push eventGlinkis/rpg-story-engine

dependabot[bot]

commit sha 862c75c0ce1aa1e54e8e864b19e8c425a304e435

Bump ini from 1.3.5 to 1.3.8 (#20) Bumps [ini](https://github.com/isaacs/ini) from 1.3.5 to 1.3.8. - [Release notes](https://github.com/isaacs/ini/releases) - [Commits](https://github.com/isaacs/ini/compare/v1.3.5...v1.3.8) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

push time in 2 months

PR merged Glinkis/rpg-story-engine

Bump ini from 1.3.5 to 1.3.8 dependencies

⚠️ Dependabot is rebasing this PR ⚠️

Rebasing might not happen immediately, so don't worry if this takes some time.

Note: if you make any changes to this PR yourself, they will take precedence over the rebase.


Bumps ini from 1.3.5 to 1.3.8. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/npm/ini/commit/a2c5da86604bc2238fe393c5ff083bf23a9910eb"><code>a2c5da8</code></a> 1.3.8</li> <li><a href="https://github.com/npm/ini/commit/af5c6bb5dca6f0248c153aa87e25bddfc515ff6e"><code>af5c6bb</code></a> Do not use Object.create(null)</li> <li><a href="https://github.com/npm/ini/commit/8b648a1ac49e1b3b7686ea957e0b95e544bc6ec1"><code>8b648a1</code></a> don't test where our devdeps don't even work</li> <li><a href="https://github.com/npm/ini/commit/c74c8af35f32b801a7e82a8309eab792a95932f6"><code>c74c8af</code></a> 1.3.7</li> <li><a href="https://github.com/npm/ini/commit/024b8b55ac1c980c6225607b007714c54eb501ba"><code>024b8b5</code></a> update deps, add linting</li> <li><a href="https://github.com/npm/ini/commit/032fbaf5f0b98fce70c8cc380e0d05177a9c9073"><code>032fbaf</code></a> Use Object.create(null) to avoid default object property hazards</li> <li><a href="https://github.com/npm/ini/commit/2da90391ef70db41d10f013e3a87f9a8c5d01a72"><code>2da9039</code></a> 1.3.6</li> <li><a href="https://github.com/npm/ini/commit/cfea636f534b5ca7550d2c28b7d1a95d936d56c6"><code>cfea636</code></a> better git push script, before publish instead of after</li> <li><a href="https://github.com/npm/ini/commit/56d2805e07ccd94e2ba0984ac9240ff02d44b6f1"><code>56d2805</code></a> do not allow invalid hazardous string as section name</li> <li>See full diff in <a href="https://github.com/isaacs/ini/compare/v1.3.5...v1.3.8">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~isaacs">isaacs</a>, a new releaser for ini since your current version.</p> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+3 -3

0 comment

1 changed file

dependabot[bot]

pr closed time in 2 months

delete branch Glinkis/rpg-story-engine

delete branch : dependabot/npm_and_yarn/elliptic-6.5.4

delete time in 2 months

PR merged Glinkis/rpg-story-engine

Bump elliptic from 6.5.2 to 6.5.4 dependencies

Bumps elliptic from 6.5.2 to 6.5.4. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/indutny/elliptic/commit/43ac7f230069bd1575e1e4a58394a512303ba803"><code>43ac7f2</code></a> 6.5.4</li> <li><a href="https://github.com/indutny/elliptic/commit/f4bc72be11b0a508fb790f445c43534307c9255b"><code>f4bc72b</code></a> package: bump deps</li> <li><a href="https://github.com/indutny/elliptic/commit/441b7428b0e8f6636c42118ad2aaa186d3c34c3f"><code>441b742</code></a> ec: validate that a point before deriving keys</li> <li><a href="https://github.com/indutny/elliptic/commit/e71b2d9359c5fe9437fbf46f1f05096de447de57"><code>e71b2d9</code></a> lib: relint using eslint</li> <li><a href="https://github.com/indutny/elliptic/commit/8421a01aa3ff789c79f91eaf8845558a7be2b9fa"><code>8421a01</code></a> build(deps): bump elliptic from 6.4.1 to 6.5.3 (<a href="https://github-redirect.dependabot.com/indutny/elliptic/issues/231">#231</a>)</li> <li><a href="https://github.com/indutny/elliptic/commit/8647803dc3d90506aa03021737f7b061ba959ae1"><code>8647803</code></a> 6.5.3</li> <li><a href="https://github.com/indutny/elliptic/commit/856fe4d99fe7b6200556e6400b3bf585b1721bec"><code>856fe4d</code></a> signature: prevent malleability and overflows</li> <li>See full diff in <a href="https://github.com/indutny/elliptic/compare/v6.5.2...v6.5.4">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+17 -17

0 comment

1 changed file

dependabot[bot]

pr closed time in 2 months