profile
viewpoint
If you are wondering where the data of this site comes from, please visit https://api.github.com/users/TimPetricola/events. GitMemory does not store any data, but only uses NGINX to cache data for a period of time. The idea behind GitMemory is simply to give users a better reading experience.
Tim Petricola TimPetricola @withjour Paris, France http://timpetricola.com

stripe/stripe-react-native 668

React Native library for Stripe.

TimPetricola/Credy 17

Simple credit card generator

TimPetricola/dotfiles 3

.dotfiles to configure a lot of stuff on OS X: zsh, prompt, ruby, git, ...

TimPetricola/blueskies 1

Blue Skies Digest

TimPetricola/2048 0

A small clone of 1024 (https://play.google.com/store/apps/details?id=com.veewo.a1024)

TimPetricola/active_admin 0

The administration framework for Ruby on Rails applications.

TimPetricola/active_model_serializers 0

ActiveModel::Serializer implementation and Rails hooks

TimPetricola/acts_as_follower 0

A Gem to add Follow functionality for models

TimPetricola/chancejs 0

Chance - Random generator helper for JavaScript

push eventTimPetricola/irene-desvignes

Tim Petricola

commit sha 31727cc13b49c64cff151050fb4765d42eda1713

Setup Next.JS project

view details

Tim Petricola

commit sha dd0adf2a5c2b14288d69ed8247a19601cafce60a

Add lightbox

view details

Tim Petricola

commit sha f20328bf2113911f1c9a6e1afd8949749e211d48

cleanup

view details

push time in 16 days

push eventTimPetricola/irene-desvignes

Tim Petricola

commit sha 356c0757efefbf9414be157218281078ebca65bf

cleanup

view details

push time in 16 days

create barnchTimPetricola/irene-desvignes

branch : next

created branch time in 16 days

push eventTimPetricola/irene-desvignes

Tim Petricola

commit sha 1067a148a82cdeec47da1970e6f9546e2913802e

More spacing

view details

push time in 18 days

push eventTimPetricola/irene-desvignes

Tim Petricola

commit sha 209b16ac53eea7cd178cfc8d6142168aa209d06c

Update Gemfile.lock

view details

push time in 19 days

push eventTimPetricola/irene-desvignes

Tim Petricola

commit sha 76b7d474a9fa30c2d40b0d4e88f94e83e519243f

Update Gemfile

view details

push time in 19 days

push eventTimPetricola/irene-desvignes

Tim Petricola

commit sha e73ac3ddb49bd4b94b763421f5a2c2a6db7aaee7

Update homepage

view details

push time in 19 days

startedimba/imba

started time in a month

PR merged withjour/technical-challenge

Bump color-string from 1.5.4 to 1.6.0 dependencies

Bumps color-string from 1.5.4 to 1.6.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/Qix-/color-string/releases">color-string's releases</a>.</em></p> <blockquote> <h2>1.6.0</h2> <h1>Minor release 1.6.0</h1> <ul> <li><a href="https://github.com/Qix-/color-string/issues/55">#55</a> - Add support for space-separated HSL</li> </ul> <p>Thanks <a href="https://github.com/htunnicliff"><code>@​htunnicliff</code></a> for the contribution :)</p> <h2>1.5.5 (Patch/Security Release) - hwb() ReDos patch (low-severity)</h2> <blockquote> <p>Release notes copied verbatim from the commit message, which can be found here: 0789e21284c33d89ebc4ab4ca6f759b9375ac9d3</p> </blockquote> <pre><code>Discovered by Yeting Li, c/o Colin Ife via Snyk.io. <p>A ReDos (Regular Expression Denial of Service) vulnerability was responsibly disclosed to me via email by Colin on Mar 5 2021 regarding an exponential time complexity for linearly increasing input lengths for <code>hwb()</code> color strings.</p> <p>Strings reaching more than 5000 characters would see several milliseconds of processing time; strings reaching more than 50,000 characters began seeing 1500ms (1.5s) of processing time.</p> <p>The cause was due to a the regular expression that parses hwb() strings - specifically, the hue value - where the integer portion of the hue value used a 0-or-more quantifier shortly thereafter followed by a 1-or-more quantifier.</p> <p>This caused excessive backtracking and a cartesian scan, resulting in exponential time complexity given a linear increase in input length.</p> <p>Thank you Yeting Li and Colin Ife for bringing this to my attention in a secure, responsible and professional manner.</p> <p>A CVE will not be assigned for this vulnerability. </code></pre></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/Qix-/color-string/commit/1a68f9e91266f504e33441fcab59af22fcb1358d"><code>1a68f9e</code></a> 1.6.0</li> <li><a href="https://github.com/Qix-/color-string/commit/2b6f59cfa64288b6c1028e666d1ea8b6a4b0132e"><code>2b6f59c</code></a> Add additional HSL examples to README</li> <li><a href="https://github.com/Qix-/color-string/commit/6f73e205202c95ba7e6fd5afdffedd4552579a38"><code>6f73e20</code></a> Update HSL regular expression</li> <li><a href="https://github.com/Qix-/color-string/commit/02645465a23f5bcfb35bd44e29667397a4595ec2"><code>0264546</code></a> Add tests for space-separated HSL syntax</li> <li><a href="https://github.com/Qix-/color-string/commit/966ae4d80fc8f237674d099ce6214a9fb6a816bb"><code>966ae4d</code></a> 1.5.5</li> <li><a href="https://github.com/Qix-/color-string/commit/0789e21284c33d89ebc4ab4ca6f759b9375ac9d3"><code>0789e21</code></a> fix ReDos in hwb() parser (low-severity)</li> <li>See full diff in <a href="https://github.com/Qix-/color-string/compare/1.5.4...1.6.0">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+3 -3

0 comment

1 changed file

dependabot[bot]

pr closed time in a month

push eventwithjour/technical-challenge

dependabot[bot]

commit sha be945468b22442b035d2ad54c848c5e15bf246b6

Bump color-string from 1.5.4 to 1.6.0 Bumps [color-string](https://github.com/Qix-/color-string) from 1.5.4 to 1.6.0. - [Release notes](https://github.com/Qix-/color-string/releases) - [Changelog](https://github.com/Qix-/color-string/blob/master/CHANGELOG.md) - [Commits](https://github.com/Qix-/color-string/compare/1.5.4...1.6.0) --- updated-dependencies: - dependency-name: color-string dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

view details

push time in a month

push eventwithjour/technical-challenge

dependabot[bot]

commit sha 04f4374e960dff13ce19594df5b357cbdd4e282f

Bump url-parse from 1.5.1 to 1.5.3 Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.5.1 to 1.5.3. - [Release notes](https://github.com/unshiftio/url-parse/releases) - [Commits](https://github.com/unshiftio/url-parse/compare/1.5.1...1.5.3) --- updated-dependencies: - dependency-name: url-parse dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

view details

push time in a month

PR merged withjour/technical-challenge

Bump url-parse from 1.5.1 to 1.5.3 dependencies

Bumps url-parse from 1.5.1 to 1.5.3. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/unshiftio/url-parse/commit/ad444931666a30bad11472d89a216461cf16cae2"><code>ad44493</code></a> [dist] 1.5.3</li> <li><a href="https://github.com/unshiftio/url-parse/commit/c7984617e235892cc22e0f47bb5ff1c012e6e39f"><code>c798461</code></a> [fix] Fix host parsing for file URLs (<a href="https://github-redirect.dependabot.com/unshiftio/url-parse/issues/210">#210</a>)</li> <li><a href="https://github.com/unshiftio/url-parse/commit/201034b8670c2aa382d7ec410ee750ac6f2f9c38"><code>201034b</code></a> [dist] 1.5.2</li> <li><a href="https://github.com/unshiftio/url-parse/commit/2d9ac2c94067742b2116332c1e03be9f37371dff"><code>2d9ac2c</code></a> [fix] Sanitize only special URLs (<a href="https://github-redirect.dependabot.com/unshiftio/url-parse/issues/209">#209</a>)</li> <li><a href="https://github.com/unshiftio/url-parse/commit/fb128af4f43fa17f351d50cf615c7598c751f50a"><code>fb128af</code></a> [fix] Use <code>'null'</code> as <code>origin</code> for non special URLs</li> <li><a href="https://github.com/unshiftio/url-parse/commit/fed6d9e338ea39de2d68bb66607066d71328c62f"><code>fed6d9e</code></a> [fix] Add a leading slash only if the URL is special</li> <li><a href="https://github.com/unshiftio/url-parse/commit/94872e7ab9103ee69b958959baa14c9e682a7f10"><code>94872e7</code></a> [fix] Do not incorrectly set the <code>slashes</code> property to <code>true</code></li> <li><a href="https://github.com/unshiftio/url-parse/commit/81ab967889b08112d3356e451bf03e6aa0cbb7e0"><code>81ab967</code></a> [fix] Ignore slashes after the protocol for special URLs</li> <li><a href="https://github.com/unshiftio/url-parse/commit/ee22050a48a67409aa5f7c87947284156d615bd1"><code>ee22050</code></a> [ci] Use GitHub Actions</li> <li><a href="https://github.com/unshiftio/url-parse/commit/d2979b586d8c7751e0c77f127d9ce1b2143cc0c9"><code>d2979b5</code></a> [fix] Special case the <code>file:</code> protocol (<a href="https://github-redirect.dependabot.com/unshiftio/url-parse/issues/204">#204</a>)</li> <li>Additional commits viewable in <a href="https://github.com/unshiftio/url-parse/compare/1.5.1...1.5.3">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+3 -3

0 comment

1 changed file

dependabot[bot]

pr closed time in a month

push eventwithjour/technical-challenge

dependabot[bot]

commit sha 7b028ee142261c6b2e22e93202aa4a50972cd952

Bump path-parse from 1.0.6 to 1.0.7 Bumps [path-parse](https://github.com/jbgutierrez/path-parse) from 1.0.6 to 1.0.7. - [Release notes](https://github.com/jbgutierrez/path-parse/releases) - [Commits](https://github.com/jbgutierrez/path-parse/commits/v1.0.7) --- updated-dependencies: - dependency-name: path-parse dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

view details

push time in a month

PR merged withjour/technical-challenge

Bump path-parse from 1.0.6 to 1.0.7 dependencies

Bumps path-parse from 1.0.6 to 1.0.7. <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/jbgutierrez/path-parse/commits/v1.0.7">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+3 -3

0 comment

1 changed file

dependabot[bot]

pr closed time in a month

startedgajus/slonik

started time in a month

startedisaachinman/next-i18next

started time in 2 months