profile
viewpoint

avaly/gulp-group-css-media-queries 43

Gulp wrapper for group-css-media-queries

avaly/babel-plugin-inline-classnames 11

Babel plugin which inlines the result of classnames

avaly/dust-loader 7

dust loader module for webpack

avaly/backup-to-cloud 4

A simple backup tool which uploads encrypted files to S3

avaly/backbone-hyper-model 3

Backbone Model and Collection on steroids

avaly/atom-open-project-file 2

Atom package: Open project file under cursor

avaly/create-pages 2

WordPress plugin: create-pages helps create a list of new pages, posts & custom post items and also categories, tags & custom taxonomies terms

avaly/eslint-plugin-import-order 2

ESLint import order with Flow types support

avaly/content-replace 1

Wordpress plugin: replace content through DB in multiple places

avaly/dotfiles 1

Unix dotfiles

issue openedbrianc/node-pg-native

Change native export method

Starting with node.js v14.13.0 CommonJS modules are parsed to detect their exports bindings. In this case pg is triggering the lazy loading of the pg-native dependency.

Please consider exporting the native feature in another compatible way.

See: https://github.com/nodejs/node/issues/35859

created time in 18 hours

issue commentnodejs/node

ESM importing a CommonJS calls getters

Is npm install pg-native to fix really that bad?

If it were any other dependency, that wouldn't be an issue. But in this case, this dependency requires build tools to be installed to build a native binary (https://www.npmjs.com/package/pg-native). It's not something one should be forced to do, if we don't plan on using that part of the library.

TBH I would also like to see a change in how the pg library is exporting its native part. So maybe it's not actionable from node.js itself.

avaly

comment created time in 18 hours

push eventavaly/github-tools

Valentin Agachi

commit sha 63ab02446d69d857d83abc10a096a8fc127879e3

Fix clean branches with new octokit version

view details

push time in a day

issue openednodejs/node

ESM importing a CommonJS calls getters

  • Version: 14.13.0
  • Platform: Linux 5.4.0-52-generic #57~18.04.1-Ubuntu SMP Thu Oct 15 14:04:49 UTC 2020 x86_64 GNU/Linux

What steps will reproduce the bug?

Install pg npm dependency

Run the following module:

import pg from 'pg';

console.log(!!pg);

How often does it reproduce? Is there a required condition?

It always reproduces. The imported module needs to be a CommonJS module with getters.

In this case pg exports a getter that lazily tries to load another npm package: https://github.com/brianc/node-postgres/blob/master/packages/pg/lib/index.js#L32-L55

What is the expected behavior?

$ node -v
v14.12.0

$ node pg.mjs 
true

What do you see instead?

$ node -v
v14.13.0

$ node pg.mjs 
Cannot find module 'pg-native'
Require stack:
- /dev/temp/node-bugs/node_modules/pg/lib/native/client.js
- /dev/temp/node-bugs/node_modules/pg/lib/native/index.js
- /dev/temp/node-bugs/node_modules/pg/lib/index.js
true

Additional information

This change was introduced in https://github.com/nodejs/node/pull/35249

created time in a day

issue commentswc-project/swc

@swc/helpers throws error in ESM project

The same behavior is present with 0.2.0

avaly

comment created time in 14 days

issue openedswc-project/swc

@swc/helpers throws error in ESM project

Describe the bug

While attempting to run unit tests with @swc/jest, I noticed that an error occurs when running the CommonJS output from swc in an ESM project.

Input code

import foo from './package.json';
console.log(foo);

Config

{
  "jsc": {
    "transform": {
      "hidden": {
        "jest": true
      }
    }
  },
  "module": {
    "type": "commonjs"
  }
}

Expected behavior

The code should run without errors.

Actual behavior

Output:

"use strict";
var swcHelpers = require("@swc/helpers");
var _foo = swcHelpers.interopRequireDefault(require("./foo"));
console.log(_foo.default);

Result:

var _packageJson = swcHelpers.interopRequireDefault(require("./package.json"));
                              ^

TypeError: swcHelpers.interopRequireDefault is not a function
    at Object.<anonymous> (/tmp/swc-bug.cjs:3:31)
    at Module._compile (internal/modules/cjs/loader.js:1076:30)
    at Object.Module._extensions..js (internal/modules/cjs/loader.js:1097:10)
    at Module.load (internal/modules/cjs/loader.js:941:32)
    at Function.Module._load (internal/modules/cjs/loader.js:782:14)
    at Function.executeUserEntryPoint [as runMain] (internal/modules/run_main.js:72:12)
    at internal/main/run_main_module.js:17:47

Version The version of @swc/core:

@swc/cli: 0.1.27 @swc/core: 1.2.36 @swc/helpers: 0.2.2

node version: 14.12.0

created time in 15 days

issue openedswc-project/swc

await with optional chaining is broken

Describe the bug

A side-effect of the fix for #1130 when using await with optional chaining.

Input code

const item = await data?.foo();

Config

{
  "jsc": {
    "parser": {
      "syntax": "typescript"
    }
  }
}

Actual behavior

swc:

const item = await data === null || data === void 0 ? void 0 : data.foo();

babel:

const item = await (data === null || data === void 0 ? void 0 : data.foo());

Expected behavior

await with optional chaining should work correctly.

Version The version of @swc/core:

@swc/cli: 0.1.27 @swc/core: 1.2.35

created time in a month

issue openedswc-project/swc

Retain lines

Describe the feature

Babel has a feature where it can retain the same line numbers from the original source file.

This can be useful when you only use it to remove TS syntax, but keep the rest of the source file intact, and need to match line numbers from production error stack traces to original source code.

Is such a feature possible in swc, without degrading the performance?

Babel plugin or link to the feature description

https://babeljs.io/docs/en/options#retainlines

created time in a month

issue commentswc-project/swc

Alpine Linux build

Ahh, I found the linux-musl build. But some instructions would be nice on the docs pages:

To use on Alpine Linux, also install the `@swc/core-linux-musl` npm package.
avaly

comment created time in a month

issue openedswc-project/swc

Optional chaining expressions throw error at runtime

Describe the bug

Chained expressions with an optional chaining start are wrapped with parenthesis in a way which throws an error at runtime.

Input code

let data;
const result = data?.filter(item => Math.random() > 0.5).map(item => JSON.stringify(item));

Config

{
  "env": {
    "targets": {
      "node": "12.14.1"
    }
  },
  "jsc": {
    "externalHelpers": true,
    "parser": {
      "decorators": false,
      "dynamicImport": true,
      "syntax": "typescript",
      "tsx": false
    }
  }
}

Actual behavior

swc output:

let data;
const result = (data === null || data === void 0 ? void 0 : data.filter((item)=>Math.random() > 0.5
)).map((item)=>JSON.stringify(item)
);

babel output:

"use strict";

let data;
const result = data === null || data === void 0 ? void 0 : data.filter(item => Math.random() > 0.5).map(item => JSON.stringify(item));

Running with swc output:

$ swc ./test-swc.ts | node
[stdin]:3
)).map((item)=>JSON.stringify(item)
   ^

TypeError: Cannot read property 'map' of undefined

Running with babel output:

$ babel ./test-swc.ts | node

Expected behavior

Better wrapping of optional chaining expressions and no runtime errors.

Version The version of @swc/core:

@swc/cli: 0.1.27 @swc/core: 1.2.34

created time in a month

issue openedswc-project/swc

Alpine build

Describe the feature

Provide an Alpine Linux build or instructions on how to build one.

created time in a month

startedsindresorhus/type-fest

started time in 2 months

starteddaniellandau/switcher

started time in 2 months

push eventviswiz-io/demo-project

Valentin Agachi

commit sha 3bbedcff68344dcac435d3313c7fb92daec88477

Upgrade all dependencies (#18)

view details

push time in 2 months

delete branch viswiz-io/demo-project

delete branch : chore/upgrade-all-dependencies

delete time in 2 months

push eventviswiz-io/demo-project

Valentin Agachi

commit sha f75cf5cdf532fb9cc0aa83c1b690271c1f7a5743

fixup! Upgrade all dependencies

view details

push time in 2 months

PR opened viswiz-io/demo-project

Upgrade all dependencies
+5049 -3608

0 comment

4 changed files

pr created time in 2 months

create barnchviswiz-io/demo-project

branch : chore/upgrade-all-dependencies

created branch time in 2 months

delete branch viswiz-io/demo-project

delete branch : chore/upgrade-viswiz-sdk

delete time in 2 months

push eventviswiz-io/demo-project

Valentin Agachi

commit sha c40dc95a37c73b384a10e0be01c22d691a3441ba

Upgrade viswiz-sdk v5.2.2

view details

push time in 2 months

push eventviswiz-io/demo-project

Valentin Agachi

commit sha bb9319402ad60a62924a9cef7dddfcbe7a4daed1

Upgrade viswiz-sdk v5.2.2

view details

push time in 2 months

push eventviswiz-io/demo-project

Valentin Agachi

commit sha f75e82a0667efddffd22f9c31f39f701ae965af9

Upgrade viswiz-sdk v5.2.2

view details

push time in 2 months

PR opened viswiz-io/demo-project

Upgrade viswiz-sdk v5.2.2
+167 -175

0 comment

3 changed files

pr created time in 2 months

create barnchviswiz-io/demo-project

branch : chore/upgrade-viswiz-sdk

created branch time in 2 months

push eventviswiz-io/demo-project

Valentin Agachi

commit sha ff569748339193dc5b3eeade694fca34f66b7a9f

fixup! Make the UI random

view details

push time in 2 months

push eventviswiz-io/demo-project

Valentin Agachi

commit sha 199f135bd1df780bcf542c39e63184a98efbecfa

fixup! Make the UI random

view details

push time in 2 months

PR opened viswiz-io/demo-project

Make the UI random
+3 -0

0 comment

1 changed file

pr created time in 2 months

create barnchviswiz-io/demo-project

branch : demo-5

created branch time in 2 months

PR closed viswiz-io/demo-project

Bump elliptic from 6.4.0 to 6.5.3 dependencies

Bumps elliptic from 6.4.0 to 6.5.3. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/indutny/elliptic/commit/8647803dc3d90506aa03021737f7b061ba959ae1"><code>8647803</code></a> 6.5.3</li> <li><a href="https://github.com/indutny/elliptic/commit/856fe4d99fe7b6200556e6400b3bf585b1721bec"><code>856fe4d</code></a> signature: prevent malleability and overflows</li> <li><a href="https://github.com/indutny/elliptic/commit/60489415e545efdfd3010ae74b9726facbf08ca8"><code>6048941</code></a> 6.5.2</li> <li><a href="https://github.com/indutny/elliptic/commit/9984964457c9f8a63b91b01ea103260417eca237"><code>9984964</code></a> package: bump dependencies</li> <li><a href="https://github.com/indutny/elliptic/commit/ec735edde187a43693197f6fa3667ceade751a3a"><code>ec735ed</code></a> utils: leak less information in <code>getNAF()</code></li> <li><a href="https://github.com/indutny/elliptic/commit/71e4e8e2f5b8f0bdbfbe106c72cc9fbc746d3d60"><code>71e4e8e</code></a> 6.5.1</li> <li><a href="https://github.com/indutny/elliptic/commit/7ec66ffa255079260126d87b1762a59ea10de5ea"><code>7ec66ff</code></a> short: add infinity check before multiplying</li> <li><a href="https://github.com/indutny/elliptic/commit/ee7970b92f388e981d694be0436c4c8036b5d36c"><code>ee7970b</code></a> travis: really move on</li> <li><a href="https://github.com/indutny/elliptic/commit/637d0216b58de7edee4f3eb5641295ac323acadb"><code>637d021</code></a> travis: move on</li> <li><a href="https://github.com/indutny/elliptic/commit/5ed0babb6467cd8575a9218265473fda926d9d42"><code>5ed0bab</code></a> package: update deps</li> <li>Additional commits viewable in <a href="https://github.com/indutny/elliptic/compare/v6.4.0...v6.5.3">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+25 -13

1 comment

1 changed file

dependabot[bot]

pr closed time in 2 months

PR closed viswiz-io/demo-project

Bump lodash from 4.17.4 to 4.17.19 dependencies

Bumps lodash from 4.17.4 to 4.17.19. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/lodash/lodash/releases">lodash's releases</a>.</em></p> <blockquote> <h2>4.17.16</h2> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/lodash/lodash/commit/d7fbc52ee0466a6d248f047b5d5c3e6d1e099056"><code>d7fbc52</code></a> Bump to v4.17.19</li> <li><a href="https://github.com/lodash/lodash/commit/2e1c0f22f425e9c013815b2cd7c2ebd51f49a8d6"><code>2e1c0f2</code></a> Add npm-package</li> <li><a href="https://github.com/lodash/lodash/commit/1b6c282299f4e0271f932b466c67f0f822aa308e"><code>1b6c282</code></a> Bump to v4.17.18</li> <li><a href="https://github.com/lodash/lodash/commit/a370ac81408de2da77a82b3c4b61a01a3b9c2fac"><code>a370ac8</code></a> Bump to v4.17.17</li> <li><a href="https://github.com/lodash/lodash/commit/1144918f3578a84fcc4986da9b806e63a6175cbb"><code>1144918</code></a> Rebuild lodash and docs</li> <li><a href="https://github.com/lodash/lodash/commit/3a3b0fd339c2109563f7e8167dc95265ed82ef3e"><code>3a3b0fd</code></a> Bump to v4.17.16</li> <li><a href="https://github.com/lodash/lodash/commit/c84fe82760fb2d3e03a63379b297a1cc1a2fce12"><code>c84fe82</code></a> fix(zipObjectDeep): prototype pollution (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4759">#4759</a>)</li> <li><a href="https://github.com/lodash/lodash/commit/e7b28ea6cb17b4ca021e7c9d66218c8c89782f32"><code>e7b28ea</code></a> Sanitize sourceURL so it cannot affect evaled code (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4518">#4518</a>)</li> <li><a href="https://github.com/lodash/lodash/commit/0cec225778d4ac26c2bac95031ecc92a94f08bbb"><code>0cec225</code></a> Fix lodash.isEqual for circular references (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4320">#4320</a>) (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4515">#4515</a>)</li> <li><a href="https://github.com/lodash/lodash/commit/94c3a8133cb4fcdb50db72b4fd14dd884b195cd5"><code>94c3a81</code></a> Document matches* shorthands for over* methods (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4510">#4510</a>) (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4514">#4514</a>)</li> <li>Additional commits viewable in <a href="https://github.com/lodash/lodash/compare/4.17.4...4.17.19">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~mathias">mathias</a>, a new releaser for lodash since your current version.</p> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+4 -7

1 comment

1 changed file

dependabot[bot]

pr closed time in 2 months

PR closed viswiz-io/demo-project

Bump websocket-extensions from 0.1.3 to 0.1.4 dependencies

Bumps websocket-extensions from 0.1.3 to 0.1.4. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/faye/websocket-extensions-node/blob/master/CHANGELOG.md">websocket-extensions's changelog</a>.</em></p> <blockquote> <h3>0.1.4 / 2020-06-02</h3> <ul> <li>Remove a ReDoS vulnerability in the header parser (CVE-2020-7662, reported by Robert McLaughlin)</li> <li>Change license from MIT to Apache 2.0</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/faye/websocket-extensions-node/commit/8efd0cd6e35faf9bb9cb08759be1e27082177d43"><code>8efd0cd</code></a> Bump version to 0.1.4</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/3dad4ad44a8c5f74d4f8f4efd3f9d6e0b5df3051"><code>3dad4ad</code></a> Remove ReDoS vulnerability in the Sec-WebSocket-Extensions header parser</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/4a76c75efb1c5d6a2f60550e9501757458d19533"><code>4a76c75</code></a> Add Node versions 13 and 14 on Travis</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/44a677a9c0631daed0b0f4a4b68c095b624183b8"><code>44a677a</code></a> Formatting change: {...} should have spaces inside the braces</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/f6c50aba0c20ff45b0f87cea33babec1217ec3f5"><code>f6c50ab</code></a> Let npm reformat package.json</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/2d211f3705d52d9efb4f01daf5a253adf828592e"><code>2d211f3</code></a> Change markdown formatting of docs.</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/0b620834cc1e1f2eace1d55ab17f71d90d88271d"><code>0b62083</code></a> Update Travis target versions.</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/729a4653073fa8dd020561113513bfa2e2119415"><code>729a465</code></a> Switch license to Apache 2.0.</li> <li>See full diff in <a href="https://github.com/faye/websocket-extensions-node/compare/0.1.3...0.1.4">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+3 -2

1 comment

1 changed file

dependabot[bot]

pr closed time in 2 months

PR closed viswiz-io/demo-project

Bump jquery from 3.3.1 to 3.5.0 dependencies

Bumps jquery from 3.3.1 to 3.5.0. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/jquery/jquery/commit/7a0a850f3d41c0412609c1d32b1e602d4afe2f4e"><code>7a0a850</code></a> 3.5.0</li> <li><a href="https://github.com/jquery/jquery/commit/8570a08f6689223aa06ca8cc51d488c6d81d44f9"><code>8570a08</code></a> Release: Update AUTHORS.txt</li> <li><a href="https://github.com/jquery/jquery/commit/da3dd85b63c4e3a6a768132c2a83a1a6eec24840"><code>da3dd85</code></a> Ajax: Do not execute scripts for unsuccessful HTTP responses</li> <li><a href="https://github.com/jquery/jquery/commit/065143c2e93512eb0c82d1b344b71d06eb7cf01c"><code>065143c</code></a> Ajax: Overwrite s.contentType with content-type header value, if any</li> <li><a href="https://github.com/jquery/jquery/commit/1a4f10ddc37c34c6dc3a451ee451b5c6cf367399"><code>1a4f10d</code></a> Tests: Blacklist one focusin test in IE</li> <li><a href="https://github.com/jquery/jquery/commit/9e15d6b469556eccfa607c5ecf53b20c84529125"><code>9e15d6b</code></a> Event: Use only one focusin/out handler per matching window & document</li> <li><a href="https://github.com/jquery/jquery/commit/966a70909019aa09632c87c0002c522fa4a1e30e"><code>966a709</code></a> Manipulation: Skip the select wrapper for <option> outside of IE 9</li> <li><a href="https://github.com/jquery/jquery/commit/1d61fd9407e6fbe82fe55cb0b938307aa0791f77"><code>1d61fd9</code></a> Manipulation: Make jQuery.htmlPrefilter an identity function</li> <li><a href="https://github.com/jquery/jquery/commit/04bf577e2f961c9dde85ddadc77f71bc7bc671cc"><code>04bf577</code></a> Selector: Update Sizzle from 2.3.4 to 2.3.5</li> <li><a href="https://github.com/jquery/jquery/commit/7506c9ca62a2f3ef773e19385918c31e9d62d412"><code>7506c9c</code></a> Build: Resolve Travis config warnings</li> <li>Additional commits viewable in <a href="https://github.com/jquery/jquery/compare/3.3.1...3.5.0">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~mgol">mgol</a>, a new releaser for jquery since your current version.</p> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+3 -2

1 comment

1 changed file

dependabot[bot]

pr closed time in 2 months

PR closed viswiz-io/demo-project

Bump https-proxy-agent from 2.1.1 to 2.2.4 dependencies

Bumps https-proxy-agent from 2.1.1 to 2.2.4. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/TooTallNate/node-https-proxy-agent/releases">https-proxy-agent's releases</a>.</em></p> <blockquote> <h2>2.2.4</h2> <h3>Patches</h3> <ul> <li>Add <code>.editorconfig</code> file: a0d4a20458498fc31e5721471bd2b655e992d44b</li> <li>Add <code>.eslintrc.js</code> file: eecea74a1db1c943eaa4f667a561fd47c33da897</li> <li>Use a <code>net.Socket</code> instead of a plain <code>EventEmitter</code> for replaying proxy errors: <a href="https://github-redirect.dependabot.com/TooTallNate/node-https-proxy-agent/issues/83">#83</a></li> <li>Remove unused <code>stream</code> module: 9fdcd47bd813e9979ee57920c69e2ee2e0683cd4</li> </ul> <h3>Credits</h3> <p>Huge thanks to <a href="https://github.com/lpinca">@lpinca</a> for helping!</p> <h2>2.2.3</h2> <h3>Patches</h3> <ul> <li>Update README with actual <code>secureProxy</code> behavior: <a href="https://github-redirect.dependabot.com/TooTallNate/node-https-proxy-agent/issues/65">#65</a></li> <li>Update <code>proxy</code> to v1.0.0: d0e3c18079119057b05582cb72d4fda21dfc2546</li> <li>Remove unreachable code: 46aad0988b471f042856436cf3192b0e09e36fe6</li> <li>Test on Node.js 10 and 12: 3535951e482ea52af4888938f59649ed92e81b2b</li> <li>Fix compatibility with Node.js >= 10.0.0: <a href="https://github-redirect.dependabot.com/TooTallNate/node-https-proxy-agent/issues/73">#73</a></li> <li>Use an <code>EventEmitter</code> to replay failed proxy connect HTTP requests: <a href="https://github-redirect.dependabot.com/TooTallNate/node-https-proxy-agent/issues/77">#77</a></li> </ul> <h3>Credits</h3> <p>Huge thanks to <a href="https://github.com/stoically">@stoically</a>, <a href="https://github.com/lpinca">@lpinca</a>, and <a href="https://github.com/zkochan">@zkochan</a> for helping!</p> <h2>2.2.2</h2> <h3>Patches</h3> <ul> <li>Remove <code>package-lock.json</code>: c881009b9873707f5c4a0e9c277dde588e1139c7</li> <li>Ignore test directory, History.md and .travis.yml when creating npm package. Fixes <a href="https://github-redirect.dependabot.com/TooTallNate/node-https-proxy-agent/issues/42">#42</a>: <a href="https://github-redirect.dependabot.com/TooTallNate/node-https-proxy-agent/issues/45">#45</a></li> <li>Update <code>agent-base</code> to v4.2: <a href="https://github-redirect.dependabot.com/TooTallNate/node-https-proxy-agent/issues/50">#50</a></li> <li>Add TypeScript type definitions: <a href="https://github-redirect.dependabot.com/TooTallNate/node-https-proxy-agent/issues/66">#66</a></li> <li>Feat(typescript): Allow input to be options or string: <a href="https://github-redirect.dependabot.com/TooTallNate/node-https-proxy-agent/issues/68">#68</a></li> <li>Update <code>agent-base</code> to v4.3: <a href="https://github-redirect.dependabot.com/TooTallNate/node-https-proxy-agent/issues/69">#69</a></li> </ul> <h3>Credits</h3> <p>Huge thanks to <a href="https://github.com/marco-c">@marco-c</a>, <a href="https://github.com/tareqhs">@tareqhs</a>, <a href="https://github.com/ianhowe76">@ianhowe76</a>, and <a href="https://github.com/BYK">@BYK</a> for helping!</p> <h2>2.2.1</h2> <h3>Patches</h3> <ul> <li>Add <code>defaultPort</code> field: <a href="https://github-redirect.dependabot.com/TooTallNate/node-https-proxy-agent/issues/43">#43</a></li> </ul> <h3>Credits</h3> <p>Huge thanks to <a href="https://github.com/jan-auer">@jan-auer</a> for helping!</p> <h2>2.2.0</h2> </tr></table> ... (truncated) </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/TooTallNate/node-https-proxy-agent/commit/4c4cce8cb60fd3ac6171e4428f972698eb49f45a"><code>4c4cce8</code></a> 2.2.4</li> <li><a href="https://github.com/TooTallNate/node-https-proxy-agent/commit/9fdcd47bd813e9979ee57920c69e2ee2e0683cd4"><code>9fdcd47</code></a> Remove unused <code>stream</code> module</li> <li><a href="https://github.com/TooTallNate/node-https-proxy-agent/commit/34ea8841922fb6447563b0521f972ac3a6062303"><code>34ea884</code></a> Use a <code>net.Socket</code> instead of a plain <code>EventEmitter</code> for replaying proxy erro...</li> <li><a href="https://github.com/TooTallNate/node-https-proxy-agent/commit/4296770b6a0e631e3f8e7bd6cfd41ac8e91a3ec4"><code>4296770</code></a> Prettier</li> <li><a href="https://github.com/TooTallNate/node-https-proxy-agent/commit/eecea74a1db1c943eaa4f667a561fd47c33da897"><code>eecea74</code></a> Add <code>.eslintrc.js</code> file</li> <li><a href="https://github.com/TooTallNate/node-https-proxy-agent/commit/a0d4a20458498fc31e5721471bd2b655e992d44b"><code>a0d4a20</code></a> Add <code>.editorconfig</code> file</li> <li><a href="https://github.com/TooTallNate/node-https-proxy-agent/commit/0d8e8bfe8b12e6ffe79a39eb93068cdf64c17e78"><code>0d8e8bf</code></a> 2.2.3</li> <li><a href="https://github.com/TooTallNate/node-https-proxy-agent/commit/850b8359b7d0467d721705106b58f4c7cfb937dd"><code>850b835</code></a> Revert "Use Mocha 5 for Node 4 support"</li> <li><a href="https://github.com/TooTallNate/node-https-proxy-agent/commit/f5f56fa48ea4d2a61c385938e7753f5c1fe049d6"><code>f5f56fa</code></a> Remove Node 4 from Travis</li> <li><a href="https://github.com/TooTallNate/node-https-proxy-agent/commit/bb837b984bd868ad69080812eb8eab01181b21d7"><code>bb837b9</code></a> Revert "Remove Node 4 from Travis"</li> <li>Additional commits viewable in <a href="https://github.com/TooTallNate/node-https-proxy-agent/compare/2.1.1...2.2.4">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+21 -11

1 comment

1 changed file

dependabot[bot]

pr closed time in 2 months

PR closed viswiz-io/demo-project

Bump handlebars from 4.0.11 to 4.5.3 dependencies

Bumps handlebars from 4.0.11 to 4.5.3. <details> <summary>Changelog</summary>

Sourced from handlebars's changelog.

v4.5.3 - November 18th, 2019

Bugfixes:

  • fix: add "no-prototype-builtins" eslint-rule and fix all occurences - f7f05d7
  • fix: add more properties required to be enumerable - 1988878

Chores / Build:

  • fix: use !== 0 instead of != 0 - c02b05f
  • add chai and dirty-chai and sinon, for cleaner test-assertions and spies, deprecate old assertion-methods - 93e284e, 886ba86, 0817dad, 93516a0

Security:

  • The properties __proto__, __defineGetter__, __defineSetter__ and __lookupGetter__ have been added to the list of "properties that must be enumerable". If a property by that name is found and not enumerable on its parent, it will silently evaluate to undefined. This is done in both the compiled template and the "lookup"-helper. This will prevent new Remote-Code-Execution exploits that have been published recently.

Compatibility notes:

  • Due to the security-fixes. The semantics of the templates using __proto__, __defineGetter__, __defineSetter__ and __lookupGetter__ in the respect that those expression now return undefined rather than their actual value from the proto.
  • The semantics have not changed in cases where the properties are enumerable, as in:
{
  __proto__: 'some string'
}
  • The change may be breaking in that respect, but we still only increase the patch-version, because the incompatible use-cases are not intended, undocumented and far less important than fixing Remote-Code-Execution exploits on existing systems.

Commits

v4.5.2 - November 13th, 2019

Bugfixes

  • fix: use String(field) in lookup when checking for "constructor" - d541378
  • test: add fluent API for testing Handlebars - c2ac79c

Compatibility notes:

  • no incompatibility are to be expected </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>
  • c819c8b v4.5.3
  • 827c9d0 Update release notes
  • f7f05d7 fix: add "no-prototype-builtins" eslint-rule and fix all occurences
  • 1988878 fix: add more properties required to be enumerable
  • 886ba86 test/chore: add chai/expect and sinon to "runtime"-environment
  • 0817dad test: add sinon as global variable to eslint in the specs
  • 93516a0 test: add sinon.js for spies, deprecate current assertions
  • 93e284e chore: add chai and dirty-chai for better test assertions
  • c02b05f fix: use !== 0 instead of != 0
  • 8de121d v4.5.2
  • Additional commits viewable in compare view </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+30 -17

1 comment

1 changed file

dependabot[bot]

pr closed time in 2 months

startedsamber/awesome-prometheus-alerts

started time in 2 months

Pull request review commentDefinitelyTyped/DefinitelyTyped

feat(mongodb): Add type definition for projection and sort

 async function run() {   });   const res: Cursor<TestModel> = collectionT.find({}); +  await collectionT.findOne({}, {+    projection: {+    },+    sort: {}+  });++  await collectionT.findOne({}, {+    projection: {+      stringField: {$meta: 'textScore'},+      fruitTags: {$min: 'fruitTags'},+      max: {$max: ['$max', 0]},+    },+    sort: {stringField: -1, text: {$meta: 'textScore'}, notExistingField: -1}

Shouldn't TS complain here about the notExistingField?

Celend

comment created time in 3 months

issue commentDefinitelyTyped/DefinitelyTyped

[mongoose] problems using generic type (<T extends Document>)

AFAIK mongoose.Document has _id: any. If you defined your _id in your model interface as ObjectId or string, it should work. :crossed_fingers:

jakubjirkal

comment created time in 3 months

Pull request review commentDefinitelyTyped/DefinitelyTyped

feat(mongodb): Add type definition for projection and sort

 export interface FindAndModifyWriteOpResultObject<TSchema> { }  /** http://mongodb.github.io/node-mongodb-native/3.1/api/Collection.html#findOneAndReplace */-export interface FindOneAndReplaceOption extends CommonOptions {-    projection?: object;-    sort?: object;+export interface FindOneAndReplaceOption<T> extends CommonOptions {+    projection?: SchemaMember<T, ProjectionOperators | number | boolean | any>;

Why is any allowed here?

According to https://docs.mongodb.com/manual/reference/method/db.collection.find/#find-projection, only 0, 1, true, false and the ProjectionOperators are allowed.

Celend

comment created time in 3 months

Pull request review commentDefinitelyTyped/DefinitelyTyped

feat(mongodb): Add type definition for projection and sort

 export interface Collection<TSchema extends { [key: string]: any } = DefaultSche     estimatedDocumentCount(query: FilterQuery<TSchema>, options: MongoCountPreferences, callback: MongoCallback<number>): void;     /** http://mongodb.github.io/node-mongodb-native/3.1/api/Collection.html#find */     find<T = TSchema>(query?: FilterQuery<TSchema>): Cursor<T>;-    find<T = TSchema>(query: FilterQuery<TSchema>, options?: FindOneOptions): Cursor<T>;+    find<T = TSchema>(query: FilterQuery<TSchema>, options?: FindOneOptions<T>): Cursor<T>;     /** http://mongodb.github.io/node-mongodb-native/3.1/api/Collection.html#findOne */     findOne<T = TSchema>(filter: FilterQuery<TSchema>, callback: MongoCallback<T | null>): void;-    findOne<T = TSchema>(filter: FilterQuery<TSchema>, options?: FindOneOptions): Promise<T | null>;-    findOne<T = TSchema>(filter: FilterQuery<TSchema>, options: FindOneOptions, callback: MongoCallback<T | null>): void;+    findOne<T = TSchema>(filter: FilterQuery<TSchema>, options?: FindOneOptions<T>): Promise<T | null>;+    findOne<T = TSchema>(filter: FilterQuery<TSchema>, options: FindOneOptions<T>, callback: MongoCallback<T | null>): void;     /** http://mongodb.github.io/node-mongodb-native/3.1/api/Collection.html#findOneAndDelete */     findOneAndDelete(filter: FilterQuery<TSchema>, callback: MongoCallback<FindAndModifyWriteOpResultObject<TSchema>>): void;-    findOneAndDelete(filter: FilterQuery<TSchema>, options?: FindOneAndDeleteOption): Promise<FindAndModifyWriteOpResultObject<TSchema>>;-    findOneAndDelete(filter: FilterQuery<TSchema>, options: FindOneAndDeleteOption, callback: MongoCallback<FindAndModifyWriteOpResultObject<TSchema>>): void;+    findOneAndDelete(filter: FilterQuery<TSchema>, options?: FindOneAndDeleteOption<TSchema>): Promise<FindAndModifyWriteOpResultObject<TSchema>>;+    findOneAndDelete(filter: FilterQuery<TSchema>, options: FindOneAndDeleteOption<TSchema>, callback: MongoCallback<FindAndModifyWriteOpResultObject<TSchema>>): void;     /** http://mongodb.github.io/node-mongodb-native/3.1/api/Collection.html#findOneAndReplace */     findOneAndReplace(filter: FilterQuery<TSchema>, replacement: object, callback: MongoCallback<FindAndModifyWriteOpResultObject<TSchema>>): void;-    findOneAndReplace(filter: FilterQuery<TSchema>, replacement: object, options?: FindOneAndReplaceOption): Promise<FindAndModifyWriteOpResultObject<TSchema>>;-    findOneAndReplace(filter: FilterQuery<TSchema>, replacement: object, options: FindOneAndReplaceOption, callback: MongoCallback<FindAndModifyWriteOpResultObject<TSchema>>): void;+    findOneAndReplace(filter: FilterQuery<TSchema>, replacement: object, options?: FindOneAndReplaceOption<TSchema>): Promise<FindAndModifyWriteOpResultObject<TSchema>>;+    findOneAndReplace(filter: FilterQuery<TSchema>, replacement: object, options: FindOneAndReplaceOption<TSchema>, callback: MongoCallback<FindAndModifyWriteOpResultObject<TSchema>>): void;     /** http://mongodb.github.io/node-mongodb-native/3.1/api/Collection.html#findOneAndUpdate */     findOneAndUpdate(filter: FilterQuery<TSchema>, update: UpdateQuery<TSchema> | TSchema, callback: MongoCallback<FindAndModifyWriteOpResultObject<TSchema>>): void;-    findOneAndUpdate(filter: FilterQuery<TSchema>, update: UpdateQuery<TSchema> | TSchema, options?: FindOneAndUpdateOption): Promise<FindAndModifyWriteOpResultObject<TSchema>>;-    findOneAndUpdate(filter: FilterQuery<TSchema>, update: UpdateQuery<TSchema> | TSchema, options: FindOneAndUpdateOption, callback: MongoCallback<FindAndModifyWriteOpResultObject<TSchema>>): void;+    findOneAndUpdate(filter: FilterQuery<TSchema>, update: UpdateQuery<TSchema> | TSchema, options?: FindOneAndUpdateOption<TSchema>): Promise<FindAndModifyWriteOpResultObject<TSchema>>;+    findOneAndUpdate(filter: FilterQuery<TSchema>, update: UpdateQuery<TSchema> | TSchema, options: FindOneAndUpdateOption<TSchema>,+                     callback: MongoCallback<FindAndModifyWriteOpResultObject<TSchema>>): void;

nit: This parameter intendation looks off. Either keep all on the same line, or break up each parameter on its own line.

Celend

comment created time in 3 months

issue commentavaly/paddle-sdk

Feature request: add support for "price modifiers" endpoints?

Please submit a PR with unit tests. Thanks!

arthabus

comment created time in 3 months

pull request commentavaly/paddle-sdk

fix get user transactions, allow to pass body options

I've been offline for a while, so I didn't see your PR.

Please add some unit tests for the changes you made and I'll merge the PR afterwards.

nya1

comment created time in 3 months

Pull request review commentDefinitelyTyped/DefinitelyTyped

feat(mongodb): Add type definition for projection and sort

 type UpdateOptionalId<T> = T extends { _id?: any } ? OptionalId<T> : T;  export type SortValues = -1 | 1; +/** https://docs.mongodb.com/manual/reference/operator/aggregation/meta/#proj._S_meta */+export type MetaSortOperators =  'textScore' | 'indexKey';++export type MetaProjectionOperators = MetaSortOperators+    /** Only for Atlas Search https://docs.atlas.mongodb.com/reference/atlas-search/scoring/ */+    | 'searchScore'+    /** Only for Atlas Search https://docs.atlas.mongodb.com/reference/atlas-search/highlighting/ */+    | 'searchHighlights';++export type SchemaMemeber<T, V> = {[P in keyof T]?: V} | {[key: string]: V};
export type SchemaMember<T, V> = {[P in keyof T]?: V} | {[key: string]: V};
Celend

comment created time in 3 months

more