profile
viewpoint
If you are wondering where the data of this site comes from, please visit https://api.github.com/users/ReactiveRaven/events. GitMemory does not store any data, but only uses NGINX to cache data for a period of time. The idea behind GitMemory is simply to give users a better reading experience.
David Godfrey ReactiveRaven Byng Yorkshire, UK reactiveraven.co.uk

ReactiveRaven/angular-timeago 0

Angular directive/filter/service for formatting date so that it displays how long ago the given time was compared to now.

ReactiveRaven/antlr4 0

ANTLR (ANother Tool for Language Recognition) is a powerful parser generator for reading, processing, executing, or translating structured text or binary files.

delete branch ReactiveRaven/rr-calendar

delete branch : dependabot/npm_and_yarn/types/react-dom-17.0.7

delete time in 2 days

PR closed ReactiveRaven/rr-calendar

build(deps-dev): bump @types/react-dom from 16.9.9 to 17.0.7 dependencies

Bumps @types/react-dom from 16.9.9 to 17.0.7. <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react-dom">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>

+4 -4

1 comment

2 changed files

dependabot[bot]

pr closed time in 2 days

pull request commentReactiveRaven/rr-calendar

build(deps-dev): bump @types/react-dom from 16.9.9 to 17.0.7

Superseded by #784.

dependabot[bot]

comment created time in 2 days

PR opened ReactiveRaven/rr-calendar

build(deps-dev): bump @types/react-dom from 16.9.9 to 17.0.8

Bumps @types/react-dom from 16.9.9 to 17.0.8. <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react-dom">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>

+4 -4

0 comment

2 changed files

pr created time in 2 days

PR closed ReactiveRaven/rr-calendar

build(deps-dev): bump @types/node from 13.13.5 to 15.12.2 dependencies

Bumps @types/node from 13.13.5 to 15.12.2. <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>

+4 -4

1 comment

2 changed files

dependabot[bot]

pr closed time in 2 days

delete branch ReactiveRaven/rr-calendar

delete branch : dependabot/npm_and_yarn/types/node-15.12.2

delete time in 2 days

pull request commentReactiveRaven/rr-calendar

build(deps-dev): bump @types/node from 13.13.5 to 15.12.2

Superseded by #783.

dependabot[bot]

comment created time in 2 days

PR opened ReactiveRaven/rr-calendar

build(deps-dev): bump @types/node from 13.13.5 to 15.12.3

Bumps @types/node from 13.13.5 to 15.12.3. <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>

+4 -4

0 comment

2 changed files

pr created time in 2 days

delete branch ReactiveRaven/JsonSchemaRequest

delete branch : dependabot/npm_and_yarn/semantic-release-17.4.3

delete time in 4 days

PR closed ReactiveRaven/JsonSchemaRequest

chore(deps-dev): bump semantic-release from 17.3.0 to 17.4.3 dependencies

Bumps semantic-release from 17.3.0 to 17.4.3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/semantic-release/semantic-release/releases">semantic-release's releases</a>.</em></p> <blockquote> <h2>v17.4.3</h2> <h2><a href="https://github.com/semantic-release/semantic-release/compare/v17.4.2...v17.4.3">17.4.3</a> (2021-05-12)</h2> <h3>Bug Fixes</h3> <ul> <li>bump minimal version of lodash to address <code>CVE-2021-23337</code> (<a href="https://github-redirect.dependabot.com/semantic-release/semantic-release/issues/1931">#1931</a>) (<a href="https://github.com/semantic-release/semantic-release/commit/55194c106e25c18b9671ffda5096cc8b9d35ff1a">55194c1</a>)</li> </ul> <h2>v17.4.2</h2> <h2><a href="https://github.com/semantic-release/semantic-release/compare/v17.4.1...v17.4.2">17.4.2</a> (2021-03-11)</h2> <h3>Bug Fixes</h3> <ul> <li><strong>deps:</strong> update dependency hosted-git-info to v4 (<a href="https://github-redirect.dependabot.com/semantic-release/semantic-release/issues/1838">#1838</a>) (<a href="https://github.com/semantic-release/semantic-release/commit/44b3344b915ee59b1eca95fd660fc4e503ac9cb8">44b3344</a>)</li> </ul> <h2>v17.4.1</h2> <h2><a href="https://github.com/semantic-release/semantic-release/compare/v17.4.0...v17.4.1">17.4.1</a> (2021-03-03)</h2> <h3>Bug Fixes</h3> <ul> <li><strong>deps:</strong> peer dependecy error with <code>marked-terminal</code> (<a href="https://github-redirect.dependabot.com/semantic-release/semantic-release/issues/1829">#1829</a>) (<a href="https://github.com/semantic-release/semantic-release/commit/07f12b9df2237aafe6f696b5c47898518a8e73a0">07f12b9</a>)</li> </ul> <h2>v17.4.0</h2> <h1><a href="https://github.com/semantic-release/semantic-release/compare/v17.3.9...v17.4.0">17.4.0</a> (2021-02-26)</h1> <h3>Features</h3> <ul> <li><strong>config:</strong> Use cosmiconfig defaults to support .cjs config files (<a href="https://github-redirect.dependabot.com/semantic-release/semantic-release/issues/1815">#1815</a>) (<a href="https://github.com/semantic-release/semantic-release/commit/3ecc196d8ad735f6ab30b81b8f5d8b6d095e1da8">3ecc196</a>), closes <a href="https://github-redirect.dependabot.com/semantic-release/semantic-release/issues/1814">#1814</a></li> </ul> <h2>v17.3.9</h2> <h2><a href="https://github.com/semantic-release/semantic-release/compare/v17.3.8...v17.3.9">17.3.9</a> (2021-02-12)</h2> <h3>Bug Fixes</h3> <ul> <li>update link to GitLab CI introduction (<a href="https://github-redirect.dependabot.com/semantic-release/semantic-release/issues/1794">#1794</a>) (<a href="https://github.com/semantic-release/semantic-release/commit/a9be97b56b8c604ca6dda2c7d662ac5d676c0fa5">a9be97b</a>)</li> </ul> <h2>v17.3.8</h2> <h2><a href="https://github.com/semantic-release/semantic-release/compare/v17.3.7...v17.3.8">17.3.8</a> (2021-02-08)</h2> <h3>Bug Fixes</h3> <ul> <li><strong>deps:</strong> update dependency marked to v2 (<a href="https://github.com/semantic-release/semantic-release/commit/a2eaed086f9899b7415ed9f6ac58a525a0963696">a2eaed0</a>)</li> </ul> <h2>v17.3.7</h2> <h2><a href="https://github.com/semantic-release/semantic-release/compare/v17.3.6...v17.3.7">17.3.7</a> (2021-01-22)</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/semantic-release/semantic-release/commit/55194c106e25c18b9671ffda5096cc8b9d35ff1a"><code>55194c1</code></a> fix: bump minimal version of lodash to address <code>CVE-2021-23337</code> (<a href="https://github-redirect.dependabot.com/semantic-release/semantic-release/issues/1931">#1931</a>)</li> <li><a href="https://github.com/semantic-release/semantic-release/commit/e24ef71e33191cd98426d6cdccb9096a864bc789"><code>e24ef71</code></a> docs(distribution-channels): fix branch name (<a href="https://github-redirect.dependabot.com/semantic-release/semantic-release/issues/1925">#1925</a>)</li> <li><a href="https://github.com/semantic-release/semantic-release/commit/0435e35feea941b5e627b3d0efe41063cc38745d"><code>0435e35</code></a> docs(Plugin Developer Guide): More detailed lifecycle list and context descri...</li> <li><a href="https://github.com/semantic-release/semantic-release/commit/1d1b52a7dc02e63c41308f4d196983e0b5081e51"><code>1d1b52a</code></a> chore(deps): update dependency p-retry to v4.5.0 (<a href="https://github-redirect.dependabot.com/semantic-release/semantic-release/issues/1885">#1885</a>)</li> <li><a href="https://github.com/semantic-release/semantic-release/commit/72522c3570ea6b8a5eb32473fa2eacf48f204cef"><code>72522c3</code></a> docs(Plugin Developer Guide): Update lifecycle list (<a href="https://github-redirect.dependabot.com/semantic-release/semantic-release/issues/1874">#1874</a>)</li> <li><a href="https://github.com/semantic-release/semantic-release/commit/5489489dda80c5ae7f047926f185ef393b131590"><code>5489489</code></a> docs(github-actions): example suggests using ubuntu-latest (<a href="https://github-redirect.dependabot.com/semantic-release/semantic-release/issues/1867">#1867</a>)</li> <li><a href="https://github.com/semantic-release/semantic-release/commit/12337175c6069082443ca1a035e6b3072312aaea"><code>1233717</code></a> docs: Add article to explain semantic release (<a href="https://github-redirect.dependabot.com/semantic-release/semantic-release/issues/1856">#1856</a>)</li> <li><a href="https://github.com/semantic-release/semantic-release/commit/8fa4f9a7506511029ea25128ce664126bf7b4aaa"><code>8fa4f9a</code></a> chore(deps): lock file maintenance (<a href="https://github-redirect.dependabot.com/semantic-release/semantic-release/issues/1861">#1861</a>)</li> <li><a href="https://github.com/semantic-release/semantic-release/commit/f6689359938aff58bcdc56b590f82e98fd437380"><code>f668935</code></a> chore(deps): update dependency got to v11.8.2 (<a href="https://github-redirect.dependabot.com/semantic-release/semantic-release/issues/1858">#1858</a>)</li> <li><a href="https://github.com/semantic-release/semantic-release/commit/0f3c4148c755a3b9449351b643d7224d5d9ad403"><code>0f3c414</code></a> chore(deps): lock file maintenance (<a href="https://github-redirect.dependabot.com/semantic-release/semantic-release/issues/1848">#1848</a>)</li> <li>Additional commits viewable in <a href="https://github.com/semantic-release/semantic-release/compare/v17.3.0...v17.4.3">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Automerge options (never/patch/minor, and dev/runtime dependencies)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

</details>

+1075 -2540

1 comment

2 changed files

dependabot-preview[bot]

pr closed time in 4 days

PR opened ReactiveRaven/JsonSchemaRequest

chore(deps-dev): bump semantic-release from 17.3.0 to 17.4.4

Bumps semantic-release from 17.3.0 to 17.4.4. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/semantic-release/semantic-release/releases">semantic-release's releases</a>.</em></p> <blockquote> <h2>v17.4.4</h2> <h2><a href="https://github.com/semantic-release/semantic-release/compare/v17.4.3...v17.4.4">17.4.4</a> (2021-06-15)</h2> <h3>Bug Fixes</h3> <ul> <li>corrected spelling of invalid plugin config error (<a href="https://github-redirect.dependabot.com/semantic-release/semantic-release/issues/1979">#1979</a>) (<a href="https://github.com/semantic-release/semantic-release/commit/80e1665037e8977cea7c460eae863509d6779720">80e1665</a>)</li> </ul> <h2>v17.4.3</h2> <h2><a href="https://github.com/semantic-release/semantic-release/compare/v17.4.2...v17.4.3">17.4.3</a> (2021-05-12)</h2> <h3>Bug Fixes</h3> <ul> <li>bump minimal version of lodash to address <code>CVE-2021-23337</code> (<a href="https://github-redirect.dependabot.com/semantic-release/semantic-release/issues/1931">#1931</a>) (<a href="https://github.com/semantic-release/semantic-release/commit/55194c106e25c18b9671ffda5096cc8b9d35ff1a">55194c1</a>)</li> </ul> <h2>v17.4.2</h2> <h2><a href="https://github.com/semantic-release/semantic-release/compare/v17.4.1...v17.4.2">17.4.2</a> (2021-03-11)</h2> <h3>Bug Fixes</h3> <ul> <li><strong>deps:</strong> update dependency hosted-git-info to v4 (<a href="https://github-redirect.dependabot.com/semantic-release/semantic-release/issues/1838">#1838</a>) (<a href="https://github.com/semantic-release/semantic-release/commit/44b3344b915ee59b1eca95fd660fc4e503ac9cb8">44b3344</a>)</li> </ul> <h2>v17.4.1</h2> <h2><a href="https://github.com/semantic-release/semantic-release/compare/v17.4.0...v17.4.1">17.4.1</a> (2021-03-03)</h2> <h3>Bug Fixes</h3> <ul> <li><strong>deps:</strong> peer dependecy error with <code>marked-terminal</code> (<a href="https://github-redirect.dependabot.com/semantic-release/semantic-release/issues/1829">#1829</a>) (<a href="https://github.com/semantic-release/semantic-release/commit/07f12b9df2237aafe6f696b5c47898518a8e73a0">07f12b9</a>)</li> </ul> <h2>v17.4.0</h2> <h1><a href="https://github.com/semantic-release/semantic-release/compare/v17.3.9...v17.4.0">17.4.0</a> (2021-02-26)</h1> <h3>Features</h3> <ul> <li><strong>config:</strong> Use cosmiconfig defaults to support .cjs config files (<a href="https://github-redirect.dependabot.com/semantic-release/semantic-release/issues/1815">#1815</a>) (<a href="https://github.com/semantic-release/semantic-release/commit/3ecc196d8ad735f6ab30b81b8f5d8b6d095e1da8">3ecc196</a>), closes <a href="https://github-redirect.dependabot.com/semantic-release/semantic-release/issues/1814">#1814</a></li> </ul> <h2>v17.3.9</h2> <h2><a href="https://github.com/semantic-release/semantic-release/compare/v17.3.8...v17.3.9">17.3.9</a> (2021-02-12)</h2> <h3>Bug Fixes</h3> <ul> <li>update link to GitLab CI introduction (<a href="https://github-redirect.dependabot.com/semantic-release/semantic-release/issues/1794">#1794</a>) (<a href="https://github.com/semantic-release/semantic-release/commit/a9be97b56b8c604ca6dda2c7d662ac5d676c0fa5">a9be97b</a>)</li> </ul> <h2>v17.3.8</h2> <h2><a href="https://github.com/semantic-release/semantic-release/compare/v17.3.7...v17.3.8">17.3.8</a> (2021-02-08)</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/semantic-release/semantic-release/commit/80e1665037e8977cea7c460eae863509d6779720"><code>80e1665</code></a> fix: corrected spelling of invalid plugin config error (<a href="https://github-redirect.dependabot.com/semantic-release/semantic-release/issues/1979">#1979</a>)</li> <li><a href="https://github.com/semantic-release/semantic-release/commit/37765ef36d3cfc29f18484949c9b061499dc382a"><code>37765ef</code></a> chore(deps): update dependency dockerode to v3.3.0 (<a href="https://github-redirect.dependabot.com/semantic-release/semantic-release/issues/1977">#1977</a>)</li> <li><a href="https://github.com/semantic-release/semantic-release/commit/a7a1e6d28f17d96e462372c4a2357978bc590183"><code>a7a1e6d</code></a> chore(deps): update dependency sinon to v11 (<a href="https://github-redirect.dependabot.com/semantic-release/semantic-release/issues/1976">#1976</a>)</li> <li><a href="https://github.com/semantic-release/semantic-release/commit/59bf862d4a2de991e20c1cfbe095a1fa266f30ad"><code>59bf862</code></a> chore(deps): update dependency nock to v13.1.0 (<a href="https://github-redirect.dependabot.com/semantic-release/semantic-release/issues/1975">#1975</a>)</li> <li><a href="https://github.com/semantic-release/semantic-release/commit/78a63a7de0a5a005fded5503b29a21c91dfa6b53"><code>78a63a7</code></a> chore(deps): update dependency trim-newlines to 3.0.1 [security] (<a href="https://github-redirect.dependabot.com/semantic-release/semantic-release/issues/1974">#1974</a>)</li> <li><a href="https://github.com/semantic-release/semantic-release/commit/61f94c00ab682d0279783e47ba7cfb8f9a29fdaa"><code>61f94c0</code></a> build(deps): bump normalize-url from 4.5.0 to 4.5.1 (<a href="https://github-redirect.dependabot.com/semantic-release/semantic-release/issues/1973">#1973</a>)</li> <li><a href="https://github.com/semantic-release/semantic-release/commit/7452eaf2cdddbb9dada521d54266a10b6f0547f7"><code>7452eaf</code></a> docs: adds updated docker plugin that supports major, minor tagging (<a href="https://github-redirect.dependabot.com/semantic-release/semantic-release/issues/1963">#1963</a>)</li> <li><a href="https://github.com/semantic-release/semantic-release/commit/c229888cc04633d3feab5d68885df46394141663"><code>c229888</code></a> chore(deps): update dependency fs-extra to v10 (<a href="https://github-redirect.dependabot.com/semantic-release/semantic-release/issues/1955">#1955</a>)</li> <li><a href="https://github.com/semantic-release/semantic-release/commit/29d34788ff6888c96217ad0dbd38533a07449704"><code>29d3478</code></a> docs(README): improve sentence (<a href="https://github-redirect.dependabot.com/semantic-release/semantic-release/issues/1962">#1962</a>)</li> <li><a href="https://github.com/semantic-release/semantic-release/commit/fe0ac417cfb911105474f3c2a5a56282025fecfb"><code>fe0ac41</code></a> docs(plugin developer guide): correction, additional details / advanced (<a href="https://github-redirect.dependabot.com/semantic-release/semantic-release/issues/1961">#1961</a>)</li> <li>Additional commits viewable in <a href="https://github.com/semantic-release/semantic-release/compare/v17.3.0...v17.4.4">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Automerge options (never/patch/minor, and dev/runtime dependencies)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

</details>

+1072 -2546

0 comment

2 changed files

pr created time in 4 days

delete branch ReactiveRaven/rr-range

delete branch : dependabot/npm_and_yarn/ws-5.2.3

delete time in 9 days

push eventReactiveRaven/rr-range

dependabot-preview[bot]

commit sha bf91c0f751786af1246e420fef17989ed5a8b4c9

[Security] Bump ws from 5.2.2 to 5.2.3 Bumps [ws](https://github.com/websockets/ws) from 5.2.2 to 5.2.3. **This update includes a security fix.** - [Release notes](https://github.com/websockets/ws/releases) - [Commits](https://github.com/websockets/ws/compare/5.2.2...5.2.3) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

view details

dependabot-preview[bot]

commit sha c9ac23f9c01f969aae20bea185dbfa19a94559a4

Merge pull request #262 from ReactiveRaven/dependabot/npm_and_yarn/ws-5.2.3

view details

push time in 9 days

PR merged ReactiveRaven/rr-range

[Security] Bump ws from 5.2.2 to 5.2.3 dependencies security

Bumps ws from 5.2.2 to 5.2.3. This update includes a security fix. <details> <summary>Vulnerabilities fixed</summary> <p><em>Sourced from <a href="https://github.com/advisories/GHSA-6fc8-4gx4-v693">The GitHub Security Advisory Database</a>.</em></p> <blockquote> <p><strong>ReDoS in Sec-Websocket-Protocol header</strong></p> <h3>Impact</h3> <p>A specially crafted value of the <code>Sec-Websocket-Protocol</code> header can be used to significantly slow down a ws server.</p> <h3>Proof of concept</h3> <pre lang="js"><code>for (const length of [1000, 2000, 4000, 8000, 16000, 32000]) { const value = 'b' + ' '.repeat(length) + 'x'; const start = process.hrtime.bigint(); <p>value.trim().split(/ *, */);</p> <p>const end = process.hrtime.bigint();</p> <p>console.log('length = %d, time = %f ns', length, end - start); } </code></pre></p> <h3>Patches</h3> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> <blockquote> <p>Affected versions: < 5.2.3</p> </blockquote> </details> <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/websockets/ws/releases">ws's releases</a>.</em></p> <blockquote> <h2>5.2.3</h2> <h1>Bug fixes</h1> <ul> <li>Backported 00c425ec to the 5.x release line (76d47c14).</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/websockets/ws/commit/6dd88e7e968ef2416445d8f8620c17d99b15c77c"><code>6dd88e7</code></a> [dist] 5.2.3</li> <li><a href="https://github.com/websockets/ws/commit/76d47c1479002022a3e4357b3c9f0e23a68d4cd2"><code>76d47c1</code></a> [security] Fix ReDoS vulnerability</li> <li>See full diff in <a href="https://github.com/websockets/ws/compare/5.2.2...5.2.3">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

If all status checks pass Dependabot will automatically merge this pull request.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Automerge options (never/patch/minor, and dev/runtime dependencies)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

</details>

+9 -9

0 comment

1 changed file

dependabot-preview[bot]

pr closed time in 9 days

PR opened ReactiveRaven/rr-range

[Security] Bump ws from 5.2.2 to 5.2.3

Bumps ws from 5.2.2 to 5.2.3. This update includes a security fix. <details> <summary>Vulnerabilities fixed</summary> <p><em>Sourced from <a href="https://github.com/advisories/GHSA-6fc8-4gx4-v693">The GitHub Security Advisory Database</a>.</em></p> <blockquote> <p><strong>ReDoS in Sec-Websocket-Protocol header</strong></p> <h3>Impact</h3> <p>A specially crafted value of the <code>Sec-Websocket-Protocol</code> header can be used to significantly slow down a ws server.</p> <h3>Proof of concept</h3> <pre lang="js"><code>for (const length of [1000, 2000, 4000, 8000, 16000, 32000]) { const value = 'b' + ' '.repeat(length) + 'x'; const start = process.hrtime.bigint(); <p>value.trim().split(/ *, */);</p> <p>const end = process.hrtime.bigint();</p> <p>console.log('length = %d, time = %f ns', length, end - start); } </code></pre></p> <h3>Patches</h3> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> <blockquote> <p>Affected versions: < 5.2.3</p> </blockquote> </details> <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/websockets/ws/releases">ws's releases</a>.</em></p> <blockquote> <h2>5.2.3</h2> <h1>Bug fixes</h1> <ul> <li>Backported 00c425ec to the 5.x release line (76d47c14).</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/websockets/ws/commit/6dd88e7e968ef2416445d8f8620c17d99b15c77c"><code>6dd88e7</code></a> [dist] 5.2.3</li> <li><a href="https://github.com/websockets/ws/commit/76d47c1479002022a3e4357b3c9f0e23a68d4cd2"><code>76d47c1</code></a> [security] Fix ReDoS vulnerability</li> <li>See full diff in <a href="https://github.com/websockets/ws/compare/5.2.2...5.2.3">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

If all status checks pass Dependabot will automatically merge this pull request.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Automerge options (never/patch/minor, and dev/runtime dependencies)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

</details>

+9 -9

0 comment

1 changed file

pr created time in 9 days

create barnchReactiveRaven/rr-range

branch : dependabot/npm_and_yarn/ws-5.2.3

created branch time in 9 days

release vapor/vapor

4.47.0

released time in 10 days

delete branch ReactiveRaven/rr-calendar

delete branch : dependabot/npm_and_yarn/types/react-17.0.10

delete time in 10 days

pull request commentReactiveRaven/rr-calendar

build(deps-dev): bump @types/react from 16.9.43 to 17.0.10

Superseded by #781.

dependabot[bot]

comment created time in 10 days

PR closed ReactiveRaven/rr-calendar

build(deps-dev): bump @types/react from 16.9.43 to 17.0.10 dependencies

Bumps @types/react from 16.9.43 to 17.0.10. <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>

+20 -5

1 comment

2 changed files

dependabot[bot]

pr closed time in 10 days

PR opened ReactiveRaven/rr-calendar

build(deps-dev): bump @types/react from 16.9.43 to 17.0.11

Bumps @types/react from 16.9.43 to 17.0.11. <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>

+20 -5

0 comment

2 changed files

pr created time in 10 days

PR opened ReactiveRaven/JsonSchemaRequest

chore(deps): [security] bump trim-newlines from 3.0.0 to 3.0.1

Bumps trim-newlines from 3.0.0 to 3.0.1. This update includes a security fix. <details> <summary>Vulnerabilities fixed</summary> <p><em>Sourced from <a href="https://github.com/advisories/GHSA-7p7h-4mm5-852v">The GitHub Security Advisory Database</a>.</em></p> <blockquote> <p><strong>Regular Expression Denial of Service in trim-newlines</strong> The trim-newlines package before 3.0.1 and 4.x before 4.0.1 for Node.js has an issue related to regular expression denial-of-service (ReDoS) for the .end() method.</p> <p>Affected versions: < 3.0.1</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/sindresorhus/trim-newlines/commits">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Automerge options (never/patch/minor, and dev/runtime dependencies)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

</details>

+3 -3

0 comment

1 changed file

pr created time in 10 days

PR opened ReactiveRaven/JsonSchemaRequest

chore(deps): [security] bump normalize-url from 5.3.0 to 5.3.1

Bumps normalize-url from 5.3.0 to 5.3.1. This update includes a security fix. <details> <summary>Vulnerabilities fixed</summary> <p><em>Sourced from <a href="https://github.com/advisories/GHSA-px4h-xg32-q955">The GitHub Security Advisory Database</a>.</em></p> <blockquote> <p><strong>ReDoS in normalize-url</strong> The normalize-url package before 4.5.1, 5.x before 5.3.1, and 6.x before 6.0.1 for Node.js has a ReDoS (regular expression denial of service) issue because it has exponential performance for data: URLs.</p> <p>Affected versions: >= 5.0.0 < 5.3.1</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/sindresorhus/normalize-url/commits">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Automerge options (never/patch/minor, and dev/runtime dependencies)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

</details>

+3 -3

0 comment

1 changed file

pr created time in 10 days