profile
viewpoint

startedcortexlabs/cortex

started time in 8 hours

pull request commentkarpathy/arxiv-sanity-preserver

Add arXiv vanity links to the papers

@karpathy What do you think? We get lots of requests for this from arXiv Vanity users. An email today reminded me of this issue...

jasikpark

comment created time in 6 days

pull request commentkarpathy/arxiv-sanity-preserver

Add arXiv vanity links to the papers

This looks good to me!

jasikpark

comment created time in 6 days

push eventarxiv-vanity/arxiv-vanity

dependabot-preview[bot]

commit sha 7b887ae53cc136fa73a159f96ccb08b1d814fa54

Bump pylint-django from 2.0.11 to 2.0.12 Bumps [pylint-django](https://github.com/PyCQA/pylint-django) from 2.0.11 to 2.0.12. - [Release notes](https://github.com/PyCQA/pylint-django/releases) - [Changelog](https://github.com/PyCQA/pylint-django/blob/master/CHANGELOG.rst) - [Commits](https://github.com/PyCQA/pylint-django/compare/v2.0.11...v2.0.12) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

view details

push time in 6 days

PR merged arxiv-vanity/arxiv-vanity

Bump pylint-django from 2.0.11 to 2.0.12 dependencies python

Bumps pylint-django from 2.0.11 to 2.0.12. <details> <summary>Release notes</summary>

Sourced from pylint-django's releases.

Version 2.0.12 (04 Nov 2019)

  • Fix too broad suppression of unused-argument warnings for functions and methods where the first argument is named request. Now issues warnings for the rest of the arguments if they are unused. Fix #249 (Pascal Urban)
  • Pass arguments of scripts/test.sh to test_func/pytest to ease development (Pascal Urban)
  • Document behavior when ForeignKey fields are referenced as strings. Fix #241 </details> <details> <summary>Changelog</summary>

Sourced from pylint-django's changelog.

Version 2.0.12 (04 Nov 2019)

  • Fix too broad suppression of unused-argument warnings for functions and methods where the first argument is named request. Now issues warnings for the rest of the arguments if they are unused. Fix #249 (Pascal Urban)
  • Pass arguments of scripts/test.sh to test_func/pytest to ease development (Pascal Urban)
  • Document behavior when ForeignKey fields are referenced as strings. Fix #241 </details> <details> <summary>Commits</summary>
  • d9147ab Forgot to update version to 2.0.12
  • 0df77f0 Changelog for v2.0.12
  • 5f752b6 Ignore unused-argument warning for request arguments (Fixes #249)
  • d2ad9ff Load pylint plugin configuration in test case
  • f75962f Pass arguments of test.sh to test_func/pytest
  • 85430c5 Add SECURITY.md for Tidelift
  • f1cce09 Disable new pylint warning
  • 11181aa tests: clone pylint locally for CI. Fixes #250
  • 695d1b6 Update expected test message for new pylint
  • d00dafb Document FK-string-reference behavior. Fixes #241
  • Additional commits viewable in compare view </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Automerge options (never/patch/minor, and dev/runtime dependencies)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

</details>

+1 -1

0 comment

1 changed file

dependabot-preview[bot]

pr closed time in 6 days

push eventarxiv-vanity/arxiv-vanity

dependabot-preview[bot]

commit sha 4633af5ce083e1f44e365557a16a119b09138af1

Bump python-dateutil from 2.8.0 to 2.8.1 Bumps [python-dateutil](https://github.com/dateutil/dateutil) from 2.8.0 to 2.8.1. - [Release notes](https://github.com/dateutil/dateutil/releases) - [Changelog](https://github.com/dateutil/dateutil/blob/master/NEWS) - [Commits](https://github.com/dateutil/dateutil/compare/2.8.0...2.8.1) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

view details

push time in 6 days

PR merged arxiv-vanity/arxiv-vanity

Bump python-dateutil from 2.8.0 to 2.8.1 dependencies python

Bumps python-dateutil from 2.8.0 to 2.8.1. <details> <summary>Release notes</summary>

Sourced from python-dateutil's releases.

2.8.1

Version 2.8.1 (2019-11-03)

Data updates

  • Updated tzdata version to 2019c.

Bugfixes

  • Fixed a race condition in the tzoffset and tzstr "strong" caches on Python 2.7. Reported by [@​kainjow](https://github.com/kainjow) (gh issue #901).
  • Parsing errors will now raise ParserError, a subclass of ValueError, which has a nicer string representation. Patch by [@​gfyoung](https://github.com/gfyoung) (gh pr #881).
  • parser.parse will now raise TypeError when tzinfos is passed a type that cannot be interpreted as a time zone. Prior to this change, it would raise an UnboundLocalError instead. Patch by [@​jbrockmendel](https://github.com/jbrockmendel) (gh pr #891).
  • Changed error message raised when when passing a bytes object as the time zone name to gettz in Python 3. Reported and fixed by [@​labrys](https://github.com/labrys) () (gh issue #927, gh pr #935).
  • Changed compatibility logic to support a potential Python 4.0 release. Patch by Hugo van Kemenade (gh pr #950).
  • Updated many modules to use tz.UTC in favor of tz.tzutc() internally, to avoid an unnecessary function call. (gh pr #910).
  • Fixed issue where dateutil.tz was using a backported version of contextlib.nullcontext even in Python 3.7 due to a malformed import statement. (gh pr #963).

Tests

  • Switched from using assertWarns to using pytest.warns in the test suite. (gh pr #969).
  • Fix typo in setup.cfg causing PendingDeprecationWarning to not be explicitly specified as an error in the warnings filter. (gh pr #966)
  • Fixed issue where test_tzlocal_offset_equal would fail in certain environments (such as FreeBSD) due to an invalid assumption about what time zone names are provided. Reported and fixed by Kubilay Kocak (gh issue #918, pr #928).
  • Fixed a minor bug in test_isoparser related to bytes/str handling. Fixed by [@​fhuang5](https://github.com/fhuang5) (gh issue #776, gh pr #879).
  • Explicitly listed all markers used in the pytest configuration. (gh pr #915)
  • Extensive improvements to the parser test suite, including the adoption of pytest-style tests and the addition of parametrization </tr></table> ... (truncated) </details> <details> <summary>Changelog</summary>

Sourced from python-dateutil's changelog.

Version 2.8.1 (2019-11-03)

Data updates

  • Updated tzdata version to 2019c.

Bugfixes

  • Fixed a race condition in the tzoffset and tzstr "strong" caches on Python 2.7. Reported by @​kainjow (gh issue #901).
  • Parsing errors will now raise ParserError, a subclass of ValueError, which has a nicer string representation. Patch by @​gfyoung (gh pr #881).
  • parser.parse will now raise TypeError when tzinfos is passed a type that cannot be interpreted as a time zone. Prior to this change, it would raise an UnboundLocalError instead. Patch by @​jbrockmendel (gh pr #891).
  • Changed error message raised when when passing a bytes object as the time zone name to gettz in Python 3. Reported and fixed by @​labrys () (gh issue #927, gh pr #935).
  • Changed compatibility logic to support a potential Python 4.0 release. Patch by Hugo van Kemenade (gh pr #950).
  • Updated many modules to use tz.UTC in favor of tz.tzutc() internally, to avoid an unnecessary function call. (gh pr #910).
  • Fixed issue where dateutil.tz was using a backported version of contextlib.nullcontext even in Python 3.7 due to a malformed import statement. (gh pr #963).

Tests

  • Switched from using assertWarns to using pytest.warns in the test suite. (gh pr #969).
  • Fix typo in setup.cfg causing PendingDeprecationWarning to not be explicitly specified as an error in the warnings filter. (gh pr #966)
  • Fixed issue where test_tzlocal_offset_equal would fail in certain environments (such as FreeBSD) due to an invalid assumption about what time zone names are provided. Reported and fixed by Kubilay Kocak (gh issue #918, pr #928).
  • Fixed a minor bug in test_isoparser related to bytes/str handling. Fixed by @​fhuang5 (gh issue #776, gh pr #879).
  • Explicitly listed all markers used in the pytest configuration. (gh pr #915)
  • Extensive improvements to the parser test suite, including the adoption of pytest-style tests and the addition of parametrization of several test cases. Patches by @​jbrockmendel (gh prs #735, #890, #892, #894).
  • Added tests for tzinfos input types. Patch by @​jbrockmendel (gh pr #891). </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>
  • fc9b162 Merge pull request #974 from pganssle/release_2.8.1
  • 4ccc8bb Update changelog for 2.8.1 release.
  • 5fdbdbb Merge pull request #971 from pganssle/update_releasing
  • e0f0b7e Add changelog for PR #971
  • 9390c88 Update RELEASING documentation
  • 3c9ccaa Change "Misc" to showcontent=True
  • 58a4e46 Add "news" environment to tox
  • 55301cd Fix Travis test for build command.
  • e03f1de Add working build and release tox environments.
  • 357c62c Merge pull request #973 from pganssle/strong_cache_race
  • Additional commits viewable in compare view </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Automerge options (never/patch/minor, and dev/runtime dependencies)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

</details>

+1 -1

0 comment

1 changed file

dependabot-preview[bot]

pr closed time in 6 days

push eventarxiv-vanity/arxiv-vanity

dependabot-preview[bot]

commit sha 9fb84dd4276ee40663cc0a698509a43f22b53eca

Bump django from 2.2.6 to 2.2.7 Bumps [django](https://github.com/django/django) from 2.2.6 to 2.2.7. - [Release notes](https://github.com/django/django/releases) - [Commits](https://github.com/django/django/compare/2.2.6...2.2.7) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

view details

push time in 6 days

PR merged arxiv-vanity/arxiv-vanity

Bump django from 2.2.6 to 2.2.7 dependencies python

Bumps django from 2.2.6 to 2.2.7. <details> <summary>Commits</summary>

  • 27f2b44 [2.2.x] Bumped version for 2.2.7 release.
  • 1cbf607 [2.2.x] Updated man page for Django 2.2.
  • 6f26693 [2.2.x] Added release dates for 2.2.7, 2.1.14, and 1.11.26.
  • 785d170 [2.2.x] Fixed #30931 -- Restored ability to override Model.get_FIELD_display().
  • eb8a53c [2.2.x] Fixed typo in docs/ref/signals.txt.
  • 3ca4457 [2.2.x] Corrected error message in Many-to-many relationships docs.
  • 972eef6 [2.2.x] Fixed #30927 -- Simplified an example of test for the deprecation war...
  • 9d15f1e [2.2.x] Fixed #30917 -- Clarified formsets topic documentation.
  • 4cc1549 [2.2.x] Fixed #13750 -- Clarified need to reopen models.ImageField.image file...
  • 4d992bc [2.2.x] Fixed typo in docs/topics/files.txt.
  • Additional commits viewable in compare view </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Automerge options (never/patch/minor, and dev/runtime dependencies)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

</details>

+1 -1

0 comment

1 changed file

dependabot-preview[bot]

pr closed time in 6 days

startedgoogle/jax

started time in 7 days

startedterrcin/augustctl

started time in 10 days

startedreplit/prybar

started time in 11 days

issue commentbfirsh/jsnes

How could we relicense to more liberal license?

@greigs no I've been very busy, sorry! Would this be useful for you?

bfirsh

comment created time in 13 days

startedmarl/medleydb

started time in 22 days

push eventarxiv-vanity/arxiv-vanity

ImgBotApp

commit sha 6dbef0c29cf0566d9871a8907b90dfac4b7e7954

[ImgBot] Optimize images *Total -- 157.19kb -> 156.12kb (0.68%) /docs/architecture.svg -- 83.63kb -> 82.92kb (0.86%) /arxiv_vanity/static/logo.png -- 23.73kb -> 23.61kb (0.51%) /arxiv_vanity/static/sponsor-yld.png -- 49.82kb -> 49.59kb (0.46%) Signed-off-by: ImgBotApp <ImgBotHelp@gmail.com>

view details

push time in a month

PR merged arxiv-vanity/arxiv-vanity

[ImgBot] Optimize images

Beep boop. Your images are optimized!

Your image file size has been reduced!

<details> <summary> Details </summary>

File Before After Percent reduction
/docs/architecture.svg 83.63kb 82.92kb 0.86%
/arxiv_vanity/static/logo.png 23.73kb 23.61kb 0.51%
/arxiv_vanity/static/sponsor-yld.png 49.82kb 49.59kb 0.46%
Total : 157.19kb 156.12kb 0.68%

</details>


📝docs | :octocat: repo | 🙋issues | 🏅swag | 🏪marketplace

+1 -4

0 comment

3 changed files

imgbot[bot]

pr closed time in a month

push eventarxiv-vanity/engrafo

dependabot-preview[bot]

commit sha 11f82fa7296771d46a94489414754dff92b500d9

Bump dotenv from 8.1.0 to 8.2.0 Bumps [dotenv](https://github.com/motdotla/dotenv) from 8.1.0 to 8.2.0. - [Release notes](https://github.com/motdotla/dotenv/releases) - [Changelog](https://github.com/motdotla/dotenv/blob/master/CHANGELOG.md) - [Commits](https://github.com/motdotla/dotenv/compare/v8.1.0...v8.2.0) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

view details

push time in a month

PR merged arxiv-vanity/engrafo

Bump dotenv from 8.1.0 to 8.2.0 dependencies javascript

Bumps dotenv from 8.1.0 to 8.2.0. <details> <summary>Changelog</summary>

Sourced from dotenv's changelog.

8.2.0 (2019-10-16)

</details> <details> <summary>Commits</summary>

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Automerge options (never/patch/minor, and dev/runtime dependencies)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

</details>

+5 -5

0 comment

2 changed files

dependabot-preview[bot]

pr closed time in a month

push eventarxiv-vanity/engrafo

dependabot-preview[bot]

commit sha 6b5d0f29354514a686b287c78c9e5606103afa8a

Bump eslint from 6.3.0 to 6.5.1 Bumps [eslint](https://github.com/eslint/eslint) from 6.3.0 to 6.5.1. - [Release notes](https://github.com/eslint/eslint/releases) - [Changelog](https://github.com/eslint/eslint/blob/master/CHANGELOG.md) - [Commits](https://github.com/eslint/eslint/compare/v6.3.0...v6.5.1) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

view details

push time in a month

PR merged arxiv-vanity/engrafo

Bump eslint from 6.3.0 to 6.5.1 dependencies javascript

Bumps eslint from 6.3.0 to 6.5.1. <details> <summary>Release notes</summary>

Sourced from eslint's releases.

v6.5.1

  • 0d3d7d9 Docs: fix typo in no-magic-numbers (#12345) (Josiah Rooney)
  • 447ac87 Fix: no-useless-rename handles ExperimentalRestProperty (fixes #12335) (#12339) (Kai Cataldo)
  • b6ff73c Sponsors: Sync README with website (ESLint Jenkins)

v6.5.0

  • 73596cb Update: Add enforceForSwitchCase option to use-isnan (#12106) (Milos Djermanovic)
  • d592a24 Fix: exclude \u000d so new line won't convert to text (fixes #12027) (#12031) (zamboney)
  • e85d27a Fix: no-regex-spaces false positives and invalid autofix (fixes #12226) (#12231) (Milos Djermanovic)
  • b349bf7 Fix: prefer-named-capture-group incorrect locations (fixes #12233) (#12247) (Milos Djermanovic)
  • 7dc1ea9 Fix: no-useless-return autofix removes comments (#12292) (Milos Djermanovic)
  • 0e68677 Fix: no-extra-bind autofix removes comments (#12293) (Milos Djermanovic)
  • 6ad7e86 Fix: no-extra-label autofix removes comments (#12298) (Milos Djermanovic)
  • acec201 Fix: no-undef-init autofix removes comments (#12299) (Milos Djermanovic)
  • d89390b Fix: use async reading of stdin in bin/eslint.js (fixes #12212) (#12230) (Barrie Treloar)
  • 334ca7c Update: no-useless-rename also reports default values (fixes #12301) (#12322) (Kai Cataldo)
  • 41bfe91 Update: Fix handling of chained new expressions in new-parens (#12303) (Milos Djermanovic)
  • 160b7c4 Chore: add autofix npm script (#12330) (Kai Cataldo)
  • 04b6adb Chore: enable eslint-plugin-jsdoc (refs #11146) (#12332) (Kai Cataldo)
  • 9b86167 Docs: Add new ES environments to Configuring ESLint (#12289) (Milos Djermanovic)
  • c9aeab2 Docs: Add supported ECMAScript version to README (#12290) (Milos Djermanovic)
  • 8316e7b Fix: no-useless-rename autofix removes comments (#12300) (Milos Djermanovic)
  • 29c12f1 Chore: cache results in runtime-info (#12320) (Kai Cataldo)
  • f5537b2 Fix: prefer-numeric-literals autofix removes comments (#12313) (Milos Djermanovic)
  • 11ae6fc Update: Fix call, new and member expressions in no-extra-parens (#12302) (Milos Djermanovic)
  • a7894eb New: add --env-info flag to CLI (#12270) (Kai Cataldo)
  • 61392ff Sponsors: Sync README with website (ESLint Jenkins)
  • 2c6bf8e Docs: English fix (#12306) (Daniel Nixon)
  • 6f11877 Sponsors: Sync README with website (ESLint Jenkins)
  • 2e202ca Docs: fix links in array-callback-return (#12288) (Milos Djermanovic)
  • e39c631 Docs: add example for CLIEngine#executeOnText 3rd arg (#12286) (Kai Cataldo)
  • d4f9a16 Update: add support for JSXFragments in indent rule (fixes #12208) (#12210) (Kai Cataldo)
  • c6af95f Sponsors: Sync README with website (ESLint Jenkins)
  • 8cadd52 Sponsors: Sync README with website (ESLint Jenkins)
  • f9fc695 Chore: enable default-param-last (#12244) (薛定谔的猫)
  • 9984c3e Docs: Update README team and sponsors (ESLint Jenkins)

v6.4.0

  • e915fff Docs: Improve examples and clarify default option (#12067) (Yuping Zuo)
  • 540296f Update: enforceForClassMembers option to accessor-pairs (fixes #12063) (#12192) (Milos Djermanovic)
  • d3c2334 Update: flag nested block with declaration as error (#12193) (David Waller)
  • b2498d2 Update: Fix handling of property names in no-self-assign (#12105) (Milos Djermanovic)
  • 1ee61b0 Update: enforceForClassMembers computed-property-spacing (fixes #12049) (#12214) (Milos Djermanovic)
  • 520c922 Docs: Added naming convention details to plugin usage (#12202) (Henrique Barcelos)
  • f826eab Fix: Allow line comment exception in object-curly-spacing (fixes #11902) (#12216) (Milos Djermanovic)
  • db2a29b Update: indentation of comment followed by semicolon (fixes #12232) (#12243) (Kai Cataldo)
  • ae17d1c Fix: no-sequences is reporting incorrect locations (#12241) (Milos Djermanovic)
  • 365331a Fix: object-shorthand providing invalid fixes for typescript (#12260) (Brad Zacher)
  • 1c921c6 New: add no-import-assign (fixes #12237) (#12252) (Toru Nagashima)
  • 3be04fd New: Add prefer-regex-literals rule (fixes #12238) (#12254) (Milos Djermanovic) </tr></table> ... (truncated) </details> <details> <summary>Changelog</summary>

Sourced from eslint's changelog.

v6.5.1 - September 30, 2019

  • 0d3d7d9 Docs: fix typo in no-magic-numbers (#12345) (Josiah Rooney)
  • 447ac87 Fix: no-useless-rename handles ExperimentalRestProperty (fixes #12335) (#12339) (Kai Cataldo)
  • b6ff73c Sponsors: Sync README with website (ESLint Jenkins)

v6.5.0 - September 29, 2019

  • 73596cb Update: Add enforceForSwitchCase option to use-isnan (#12106) (Milos Djermanovic)
  • d592a24 Fix: exclude \u000d so new line won't convert to text (fixes #12027) (#12031) (zamboney)
  • e85d27a Fix: no-regex-spaces false positives and invalid autofix (fixes #12226) (#12231) (Milos Djermanovic)
  • b349bf7 Fix: prefer-named-capture-group incorrect locations (fixes #12233) (#12247) (Milos Djermanovic)
  • 7dc1ea9 Fix: no-useless-return autofix removes comments (#12292) (Milos Djermanovic)
  • 0e68677 Fix: no-extra-bind autofix removes comments (#12293) (Milos Djermanovic)
  • 6ad7e86 Fix: no-extra-label autofix removes comments (#12298) (Milos Djermanovic)
  • acec201 Fix: no-undef-init autofix removes comments (#12299) (Milos Djermanovic)
  • d89390b Fix: use async reading of stdin in bin/eslint.js (fixes #12212) (#12230) (Barrie Treloar)
  • 334ca7c Update: no-useless-rename also reports default values (fixes #12301) (#12322) (Kai Cataldo)
  • 41bfe91 Update: Fix handling of chained new expressions in new-parens (#12303) (Milos Djermanovic)
  • 160b7c4 Chore: add autofix npm script (#12330) (Kai Cataldo)
  • 04b6adb Chore: enable eslint-plugin-jsdoc (refs #11146) (#12332) (Kai Cataldo)
  • 9b86167 Docs: Add new ES environments to Configuring ESLint (#12289) (Milos Djermanovic)
  • c9aeab2 Docs: Add supported ECMAScript version to README (#12290) (Milos Djermanovic)
  • 8316e7b Fix: no-useless-rename autofix removes comments (#12300) (Milos Djermanovic)
  • 29c12f1 Chore: cache results in runtime-info (#12320) (Kai Cataldo)
  • f5537b2 Fix: prefer-numeric-literals autofix removes comments (#12313) (Milos Djermanovic)
  • 11ae6fc Update: Fix call, new and member expressions in no-extra-parens (#12302) (Milos Djermanovic)
  • a7894eb New: add --env-info flag to CLI (#12270) (Kai Cataldo)
  • 61392ff Sponsors: Sync README with website (ESLint Jenkins)
  • 2c6bf8e Docs: English fix (#12306) (Daniel Nixon)
  • 6f11877 Sponsors: Sync README with website (ESLint Jenkins)
  • 2e202ca Docs: fix links in array-callback-return (#12288) (Milos Djermanovic)
  • e39c631 Docs: add example for CLIEngine#executeOnText 3rd arg (#12286) (Kai Cataldo)
  • d4f9a16 Update: add support for JSXFragments in indent rule (fixes #12208) (#12210) (Kai Cataldo)
  • c6af95f Sponsors: Sync README with website (ESLint Jenkins)
  • 8cadd52 Sponsors: Sync README with website (ESLint Jenkins)
  • f9fc695 Chore: enable default-param-last (#12244) (薛定谔的猫)
  • 9984c3e Docs: Update README team and sponsors (ESLint Jenkins)

v6.4.0 - September 13, 2019

  • e915fff Docs: Improve examples and clarify default option (#12067) (Yuping Zuo)
  • 540296f Update: enforceForClassMembers option to accessor-pairs (fixes #12063) (#12192) (Milos Djermanovic)
  • d3c2334 Update: flag nested block with declaration as error (#12193) (David Waller)
  • b2498d2 Update: Fix handling of property names in no-self-assign (#12105) (Milos Djermanovic)
  • 1ee61b0 Update: enforceForClassMembers computed-property-spacing (fixes #12049) (#12214) (Milos Djermanovic)
  • 520c922 Docs: Added naming convention details to plugin usage (#12202) (Henrique Barcelos)
  • f826eab Fix: Allow line comment exception in object-curly-spacing (fixes #11902) (#12216) (Milos Djermanovic)
  • db2a29b Update: indentation of comment followed by semicolon (fixes #12232) (#12243) (Kai Cataldo)
  • ae17d1c Fix: no-sequences is reporting incorrect locations (#12241) (Milos Djermanovic) </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Automerge options (never/patch/minor, and dev/runtime dependencies)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

Finally, you can contact us by mentioning @dependabot.

</details>

+5 -5

0 comment

2 changed files

dependabot-preview[bot]

pr closed time in a month

PR merged arxiv-vanity/engrafo

Bump debian from testing-20190812 to testing-20190910 dependencies docker

Bumps debian from testing-20190812 to testing-20190910.

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Automerge options (never/patch/minor, and dev/runtime dependencies)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

Finally, you can contact us by mentioning @dependabot.

</details>

+1 -1

0 comment

1 changed file

dependabot-preview[bot]

pr closed time in a month

push eventarxiv-vanity/engrafo

dependabot-preview[bot]

commit sha 69123b478828f8971e1a6de01595b92f9f2a5d71

Bump debian from testing-20190812 to testing-20190910 Bumps debian from testing-20190812 to testing-20190910. Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

view details

push time in a month

push eventembassynetwork/modernomad

dependabot-preview[bot]

commit sha 6ac8dc9336b9de3e89968848fe53b456027cdb99

Bump djangorestframework from 3.10.2 to 3.10.3 Bumps [djangorestframework](https://github.com/encode/django-rest-framework) from 3.10.2 to 3.10.3. - [Release notes](https://github.com/encode/django-rest-framework/releases) - [Commits](https://github.com/encode/django-rest-framework/compare/3.10.2...3.10.3) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

view details

push time in a month

PR merged embassynetwork/modernomad

Bump djangorestframework from 3.10.2 to 3.10.3 dependencies python

Bumps djangorestframework from 3.10.2 to 3.10.3. <details> <summary>Commits</summary>

  • 89ac0a1 Version 3.10.3 (#6908)
  • 4b30b32 Default OpenAPI version to the empty string (#6907)
  • c0cf37e Update tutorial links (#6890)
  • e57c150 Replaced 'TODO' hardcoded version info by a parameter with default '0.1.0' (#...
  • b3f032f Fixed #6875 -- Made OpenAPI Schema operationId casing consistent. (#6876)
  • 1cc4be4 Fixed min/max attributes for serializers.ListField (#6866)
  • f8c1644 Add support for pagination in OpenAPI response schemas (#6867)
  • ec1b141 Fixed typos (#6872)
  • 5a8736a Handle 'None' return value of wait() properly during throttling. (#6837)
  • a142467 Fixed incorrect OpenAPI response schema generation for a DELETE method in gen...
  • Additional commits viewable in compare view </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Automerge options (never/patch/minor, and dev/runtime dependencies)
  • Pull request limits (per update run and/or open at any time)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

Finally, you can contact us by mentioning @dependabot.

</details>

+1 -1

1 comment

1 changed file

dependabot-preview[bot]

pr closed time in a month

PR merged embassynetwork/modernomad

Bump sentry-sdk from 0.11.2 to 0.12.3 dependencies python

⚠️ Dependabot is rebasing this PR ⚠️

If you make any changes to it yourself then they will take precedence over the rebase.


Bumps sentry-sdk from 0.11.2 to 0.12.3. <details> <summary>Release notes</summary>

Sourced from sentry-sdk's releases.

0.12.3

  • Various performance improvements to event sending.
  • Avoid crashes when scope or hub is racy.
  • Revert a change that broke applications using gevent and channels (in the same virtualenv, but different processes).
  • Fix a bug that made the SDK crash on unicode in SQL.

0.12.2

  • Fix a crash with ASGI (Django Channels) when the ASGI request type is neither HTTP nor Websockets.

0.12.1

  • Temporarily remove sending of SQL parameters (as part of breadcrumbs or spans for APM) to Sentry to avoid memory consumption issues.

0.12.0

  • Sentry now has a Discord server! Join the server to get involved into SDK development and ask questions.
  • Fix a bug where the response object for httplib (or requests) was held onto for an unnecessarily long amount of time.
  • APM: Add spans for more methods on subprocess.Popen objects.
  • APM: Add spans for Django middlewares.
  • APM: Add spans for ASGI requests.
  • Automatically inject the ASGI middleware for Django Channels 2.0. This will break your Channels 2.0 application if it is running on Python 3.5 or 3.6 (while previously it would "only" leak a lot of memory for each ASGI request). Install aiocontextvars from PyPI to make it work again. </details> <details> <summary>Changelog</summary>

Sourced from sentry-sdk's changelog.

0.12.3

  • Various performance improvements to event sending.
  • Avoid crashes when scope or hub is racy.
  • Revert a change that broke applications using gevent and channels (in the same virtualenv, but different processes).
  • Fix a bug that made the SDK crash on unicode in SQL.

0.12.2

  • Fix a crash with ASGI (Django Channels) when the ASGI request type is neither HTTP nor Websockets.

0.12.1

  • Temporarily remove sending of SQL parameters (as part of breadcrumbs or spans for APM) to Sentry to avoid memory consumption issues.

0.12.0

  • Sentry now has a Discord server! Join the server to get involved into SDK development and ask questions.
  • Fix a bug where the response object for httplib (or requests) was held onto for an unnecessarily long amount of time.
  • APM: Add spans for more methods on subprocess.Popen objects.
  • APM: Add spans for Django middlewares.
  • APM: Add spans for ASGI requests.
  • Automatically inject the ASGI middleware for Django Channels 2.0. This will break your Channels 2.0 application if it is running on Python 3.5 or 3.6 (while previously it would "only" leak a lot of memory for each ASGI request). Install aiocontextvars from PyPI to make it work again. </details> <details> <summary>Commits</summary>
  • 5346c8b release: 0.12.3
  • b85bd7c doc: Changelog for 0.12.3
  • b9df7f8 fix: Do not crash on unicode queries
  • fa06bcb fix: Do not raise if channels could not be instrumented
  • fb15e13 fix: Actually run tests for fast_serialize (#521)
  • 3da615b ref: Remove serializer class (#518)
  • de4afa9 fix: Swap method and URL
  • 9659e4f fix: Fix sample dsn
  • 33473b8 fix: Fix azure build
  • fae46f6 fix: Avoid crashes when scope or hub is racy (#517)
  • Additional commits viewable in compare view </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Automerge options (never/patch/minor, and dev/runtime dependencies)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

</details>

+1 -1

1 comment

1 changed file

dependabot-preview[bot]

pr closed time in a month

push eventembassynetwork/modernomad

dependabot-preview[bot]

commit sha d3f4541aa7c9bf403231b5cc18ab3b5df40262fd

Bump sentry-sdk from 0.11.2 to 0.12.3 Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 0.11.2 to 0.12.3. - [Release notes](https://github.com/getsentry/sentry-python/releases) - [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGES.md) - [Commits](https://github.com/getsentry/sentry-python/compare/0.11.2...0.12.3) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

view details

push time in a month

PR merged embassynetwork/modernomad

Bump whitenoise from 4.1.3 to 4.1.4 dependencies python

Bumps whitenoise from 4.1.3 to 4.1.4. <details> <summary>Changelog</summary>

Sourced from whitenoise's changelog.

v4.1.4

  • Make tests more deterministic and easier to run outside of tox.
  • Fix Fedora packaging issue.
  • Use Black to format all code. </details> <details> <summary>Commits</summary>
  • fb95c45 Release v4.1.4
  • 4bb52af Support running tests with newer versions of requests
  • 06f1369 Enforce Black code style in lint step
  • 895f9ac Format entire codebase with Black
  • 2e8ef77 Run lint step under Python 3.7
  • 0ff5a91 Update utility script for Python 3 compatibility
  • 2a64e7a Pin exact versions of test dependencies
  • 1eb6f0a Pin the version of tox used in CI
  • 5595618 Merge pull request #226 from therumbler/patch-1
  • 454101e minor typo fix
  • See full diff in compare view </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Automerge options (never/patch/minor, and dev/runtime dependencies)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

Finally, you can contact us by mentioning @dependabot.

</details>

+1 -1

1 comment

1 changed file

dependabot-preview[bot]

pr closed time in a month

push eventembassynetwork/modernomad

dependabot-preview[bot]

commit sha 8fa1cb67535fa1774336f0ac30e14c98a0d2a77b

Bump whitenoise from 4.1.3 to 4.1.4 Bumps [whitenoise](https://github.com/evansd/whitenoise) from 4.1.3 to 4.1.4. - [Release notes](https://github.com/evansd/whitenoise/releases) - [Changelog](https://github.com/evansd/whitenoise/blob/master/docs/changelog.rst) - [Commits](https://github.com/evansd/whitenoise/compare/v4.1.3...v4.1.4) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

view details

push time in a month

push eventarxiv-vanity/arxiv-vanity

dependabot-preview[bot]

commit sha b9f7c8b03c7c44240accf9612e7f6f925c199e3a

Bump pylint from 2.4.1 to 2.4.2 Bumps [pylint](https://github.com/PyCQA/pylint) from 2.4.1 to 2.4.2. - [Release notes](https://github.com/PyCQA/pylint/releases) - [Changelog](https://github.com/PyCQA/pylint/blob/master/ChangeLog) - [Commits](https://github.com/PyCQA/pylint/compare/pylint-2.4.1...pylint-2.4.2) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

view details

push time in a month

PR merged arxiv-vanity/arxiv-vanity

Bump pylint from 2.4.1 to 2.4.2 dependencies python

Bumps pylint from 2.4.1 to 2.4.2. <details> <summary>Changelog</summary>

Sourced from pylint's changelog.

What's New in Pylint 2.4.2?

Release date: 2019-09-30

  • ignored-modules can skip submodules. Close #3135

  • self-assigning-variable skips class level assignments.

    Close #2930

  • consider-using-sys-exit is exempted when exit() is imported from sys

    Close #3145

  • Exempt annotated assignments without variable from class-variable-slots-conflict

    Close #3141

  • Fix utils.is_error to account for functions returning early.

    This fixes a false negative with unused-variable which was no longer triggered when a function raised an exception as the last instruction, but the body of the function still had unused variables.

    Close #3028 </details> <details> <summary>Commits</summary>

  • f7850aa Prepare 2.4.2
  • 6198797 Pin mypy and typed-ast to fix the CI
  • aa587ec Add the missing rc file for class_variable_slots_conflict
  • 552fa8a Fix utils.is_error to account for functions returning early.
  • 4ec293c Exempt annotated assignments without variable from ``class-variable-slots-con...
  • 1d3b07a consider-using-sys-exit is exempted when exit() is imported from sys
  • ae3d421 Pin astroid to the latest minor release
  • 2777743 Rename attributes to prepare for the astroid dataclass transform
  • fde732e Bump master to 2.4.2
  • d8fae01 self-assigning-variable skips class level assignments.
  • Additional commits viewable in compare view </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Automerge options (never/patch/minor, and dev/runtime dependencies)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

Finally, you can contact us by mentioning @dependabot.

</details>

+1 -1

0 comment

1 changed file

dependabot-preview[bot]

pr closed time in a month

push eventarxiv-vanity/arxiv-vanity

dependabot-preview[bot]

commit sha 8b7d721ad0d92dadf36b7edc42a9e32ff1dcc308

Bump docker from 4.0.2 to 4.1.0 Bumps [docker](https://github.com/docker/docker-py) from 4.0.2 to 4.1.0. - [Release notes](https://github.com/docker/docker-py/releases) - [Commits](https://github.com/docker/docker-py/compare/4.0.2...4.1.0) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

view details

push time in a month

PR merged arxiv-vanity/arxiv-vanity

Bump docker from 4.0.2 to 4.1.0 dependencies python

Bumps docker from 4.0.2 to 4.1.0. <details> <summary>Release notes</summary>

Sourced from docker's releases.

4.1.0

List of PRs / issues for this release

Bugfixes

  • Correct INDEX_URL logic in build.py _set_auth_headers
  • Fix for empty auth keys in config.json

Features

  • Add NetworkAttachmentConfig for service create/update

Miscellaneous

  • Bump pytest to 4.3.1
  • Adjust --platform tests for changes in docker engine
  • Update credentials-helpers to v0.6.3 </details> <details> <summary>Commits</summary>
  • 6649587 Merge pull request #2443 from docker/4.1.0-release
  • 2bb08b3 Bump 4.1.0
  • 88219c6 Bump pytest to 4.3.1
  • bc89de6 Fix broken test due to BUSYBOX -> TEST_IMG rename
  • 7c8264c Correctly reference SecretReference
  • ec63237 Correctly reference ConfigReference
  • 934072a Add NetworkAttachmentConfig type
  • 0be550d Jenkinsfile: update python 3.6 -> 3.7
  • 38fe398 Jenkinsfile: update API version matrix; set default to v1.40
  • c88205c Amends the docs concerning multiple label filters
  • Additional commits viewable in compare view </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Automerge options (never/patch/minor, and dev/runtime dependencies)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

</details>

+1 -1

0 comment

1 changed file

dependabot-preview[bot]

pr closed time in a month

push eventarxiv-vanity/arxiv-vanity

dependabot-preview[bot]

commit sha 85308640c6bf550ae52d2ba432aaedd84c5cdae4

Bump sentry-sdk from 0.12.2 to 0.12.3 Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 0.12.2 to 0.12.3. - [Release notes](https://github.com/getsentry/sentry-python/releases) - [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGES.md) - [Commits](https://github.com/getsentry/sentry-python/compare/0.12.2...0.12.3) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

view details

push time in a month

PR merged arxiv-vanity/arxiv-vanity

Bump sentry-sdk from 0.12.2 to 0.12.3 dependencies python

Bumps sentry-sdk from 0.12.2 to 0.12.3. <details> <summary>Release notes</summary>

Sourced from sentry-sdk's releases.

0.12.3

  • Various performance improvements to event sending.
  • Avoid crashes when scope or hub is racy.
  • Revert a change that broke applications using gevent and channels (in the same virtualenv, but different processes).
  • Fix a bug that made the SDK crash on unicode in SQL. </details> <details> <summary>Changelog</summary>

Sourced from sentry-sdk's changelog.

0.12.3

  • Various performance improvements to event sending.
  • Avoid crashes when scope or hub is racy.
  • Revert a change that broke applications using gevent and channels (in the same virtualenv, but different processes).
  • Fix a bug that made the SDK crash on unicode in SQL. </details> <details> <summary>Commits</summary>
  • 5346c8b release: 0.12.3
  • b85bd7c doc: Changelog for 0.12.3
  • b9df7f8 fix: Do not crash on unicode queries
  • fa06bcb fix: Do not raise if channels could not be instrumented
  • fb15e13 fix: Actually run tests for fast_serialize (#521)
  • 3da615b ref: Remove serializer class (#518)
  • de4afa9 fix: Swap method and URL
  • 9659e4f fix: Fix sample dsn
  • 33473b8 fix: Fix azure build
  • fae46f6 fix: Avoid crashes when scope or hub is racy (#517)
  • Additional commits viewable in compare view </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Automerge options (never/patch/minor, and dev/runtime dependencies)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

</details>

+1 -1

0 comment

1 changed file

dependabot-preview[bot]

pr closed time in a month

push eventarxiv-vanity/engrafo

dependabot-preview[bot]

commit sha a7a50b67e8fa5f9e2a512c261d679a29760c68cb

Bump parcel-bundler from 1.12.3 to 1.12.4 Bumps [parcel-bundler](https://github.com/parcel-bundler/parcel) from 1.12.3 to 1.12.4. - [Release notes](https://github.com/parcel-bundler/parcel/releases) - [Changelog](https://github.com/parcel-bundler/parcel/blob/master/CHANGELOG.md) - [Commits](https://github.com/parcel-bundler/parcel/compare/parcel-bundler@1.12.3...parcel-bundler@1.12.4) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

view details

push time in a month

PR merged arxiv-vanity/engrafo

Bump parcel-bundler from 1.12.3 to 1.12.4 dependencies javascript

Bumps parcel-bundler from 1.12.3 to 1.12.4. <details> <summary>Changelog</summary>

Sourced from parcel-bundler's changelog.

[1.12.4] - 2019-10-06

  • BUG: postcss module generates wrong hashes Details
  • Shake exports with pure property assignments Details
  • Clear scope cache before crawling to fix scope hoisting classes Details
  • Replace module.require in scope hoisting Details
  • Define __esModule interop flag when requiring ES module from CommonJS Details
  • Fix assigning to exports from inside a function in scope hoisting Details
  • Added new parcel info command Details
  • Fix Scope hoisting destructuring Details
  • HMR update breaks in webworker Details
  • Update dotenv-expand to allow overriding with falsy values Details
  • bump chokidar to get a reload fix for linux Details
  • Upgrading serialize-to-js from 1.1.1 to 3.0.0 Details
  • Fix source map on CoffeeScript assets Details </details> <details> <summary>Commits</summary>
  • d9ec7af Publish
  • 430679c Update yarn.lock
  • fe08980 fix source maps on coffeescript assets (#3423)
  • dc393bf Fixes #3133 by upgrading serialize-to-js from 1.1.1 to 3.0.0 (#3451)
  • 96119be Fix up misleading usage information (#3158)
  • a92e9b2 bump chokidar to get a reload fix for linux (#2878)
  • 75a891e Use uppercase for the first letter of the issue template (#3192)
  • 6fbfe96 Update dotenv-expand to allow overriding of falsy values (#2971)
  • 7ad25fd Fixes 3076: HMR update breaks in webworker due to window (and location.reload...
  • 4b50182 Scope hoisting destructuring (#2742)
  • Additional commits viewable in compare view </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Automerge options (never/patch/minor, and dev/runtime dependencies)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

</details>

+268 -384

0 comment

2 changed files

dependabot-preview[bot]

pr closed time in a month

push eventarxiv-vanity/arxiv-vanity

dependabot-preview[bot]

commit sha b91816a6d527bbf8e6c36180dd1db1ec87d0fb1d

Bump beautifulsoup4 from 4.8.0 to 4.8.1 Bumps [beautifulsoup4](http://www.crummy.com/software/BeautifulSoup/bs4/) from 4.8.0 to 4.8.1. Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

view details

push time in a month

PR merged arxiv-vanity/arxiv-vanity

Bump beautifulsoup4 from 4.8.0 to 4.8.1 dependencies python

Bumps beautifulsoup4 from 4.8.0 to 4.8.1.

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Automerge options (never/patch/minor, and dev/runtime dependencies)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

</details>

+1 -1

0 comment

1 changed file

dependabot-preview[bot]

pr closed time in a month

issue openedbfirsh/heroku-tarsnap-backups

Restore command should restore to connected app

The restore command doesn't really work at the moment. What it should do is restore the latest backup to the current connected app, for the use-case where you want to bootstrap an app from backups.

created time in a month

push eventarxiv-vanity/arxiv-vanity

dependabot-preview[bot]

commit sha 58d61a86dfd5fc4664f3cbc19e46e9cc5642592d

Bump django from 2.2.5 to 2.2.6 Bumps [django](https://github.com/django/django) from 2.2.5 to 2.2.6. - [Release notes](https://github.com/django/django/releases) - [Commits](https://github.com/django/django/compare/2.2.5...2.2.6) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

view details

push time in a month

PR merged arxiv-vanity/arxiv-vanity

Bump django from 2.2.5 to 2.2.6 dependencies python

Bumps django from 2.2.5 to 2.2.6. <details> <summary>Commits</summary>

  • b0654fd [2.2.x] Bumped version for 2.2.6 release.
  • e1a75db [2.2.x] Added release dates for 2.2.6, 2.1.13, and 1.11.25.
  • 43c894f [2.2.x] Doc'd that migrate commmand accepts a unique migration name prefix.
  • 4116b36 [2.2.x] Fixed #30597 -- Clarified how to unapply migrations.
  • 1ac2f25 [2.2.x] Refs #30597 -- Added a warning about dependent apps when unapplying m...
  • a6972e8 [2.2.x] Fixed #30216 -- Doc'd that BooleanField is no longer blank=True in Dj...
  • b1eea8a [2.2.x] Fixed #27921 -- Clarified usage of make_aware() with is_dst argument.
  • 38af257 [2.2.x] Fixed #30810 -- Fixed WatchmanReloaderTests.test_setting_timeout_from...
  • 80d78fd [2.2.x] Documented admonition on when to use custom signals
  • acc0d99 [2.2.x] Refs #30350 -- Doc'd support for range serialization in migrations.
  • Additional commits viewable in compare view </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Automerge options (never/patch/minor, and dev/runtime dependencies)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

Finally, you can contact us by mentioning @dependabot.

</details>

+1 -1

0 comment

1 changed file

dependabot-preview[bot]

pr closed time in a month

push eventarxiv-vanity/arxiv-vanity

dependabot-preview[bot]

commit sha 78bfe92200e304855007a92ea8c96cd865c0b63d

Bump pylint from 2.3.1 to 2.4.1 Bumps [pylint](https://github.com/PyCQA/pylint) from 2.3.1 to 2.4.1. - [Release notes](https://github.com/PyCQA/pylint/releases) - [Changelog](https://github.com/PyCQA/pylint/blob/master/ChangeLog) - [Commits](https://github.com/PyCQA/pylint/compare/pylint-2.3.1...pylint-2.4.1) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

view details

push time in 2 months

PR merged arxiv-vanity/arxiv-vanity

Bump pylint from 2.3.1 to 2.4.1 dependencies python

Bumps pylint from 2.3.1 to 2.4.1. <details> <summary>Changelog</summary>

Sourced from pylint's changelog.

What's New in Pylint 2.4.1?

Release date: 2019-09-25

  • Exempt type checking definitions defined in both clauses of a type checking guard

    Close #3127

  • Exempt type checking definitions inside the type check guard

    In a7f236528bb3758886b97285a56f3f9ce5b13a99 we added basic support for emitting used-before-assignment if a variable was only defined inside a type checking guard (using TYPE_CHECKING variable from typing) Unfortunately that missed the case of using those type checking imports inside the guard itself, which triggered spurious used-before-assignment errors.

    Close #3119

  • Require astroid >= 2.3 to avoid any compatibility issues.

What's New in Pylint 2.4.0?

Release date: 2019-09-24

  • New check: import-outside-toplevel

    This check warns when modules are imported from places other than a module toplevel, e.g. inside a function or a class.

  • Handle inference ambiguity for invalid-format-index

    Close #2752

  • Removed Python 2 specific checks such as relative-import, invalid-encoded-data, missing-super-argument.

  • Support forward references for function-redefined check.

    Close #2540

  • Handle redefinitions in case of type checking imports.

    Close #2834

  • Added a new check, consider-using-sys-exit </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>

  • 5d2fbaf Prepare 2.4.1
  • 3159b17 Exempt type checking definitions defined in both clauses of a type checking g...
  • 2fa5d43 Exempt type checking definitions inside the type check guard
  • 2600815 Require astroid >= 2.3
  • fce8bff Try again to do a release
  • 6775a00 use a token for travis releases
  • 15209f6 Prepare release
  • d9ed7d1 Simplify and improve the logic of consider-iterating-dictionary
  • d23a16e Add regression test for old-division and floats. Close #3039
  • 3e1f61d Squash multiple checks for special classes into a single function
  • Additional commits viewable in compare view </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Automerge options (never/patch/minor, and dev/runtime dependencies)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

Finally, you can contact us by mentioning @dependabot.

</details>

+1 -1

0 comment

1 changed file

dependabot-preview[bot]

pr closed time in 2 months

push eventarxiv-vanity/arxiv-vanity

dependabot-preview[bot]

commit sha 7bbc00e3f9d53b49a96dcb820fc193fe8d430eef

Bump whitenoise from 4.1.3 to 4.1.4 Bumps [whitenoise](https://github.com/evansd/whitenoise) from 4.1.3 to 4.1.4. - [Release notes](https://github.com/evansd/whitenoise/releases) - [Changelog](https://github.com/evansd/whitenoise/blob/master/docs/changelog.rst) - [Commits](https://github.com/evansd/whitenoise/compare/v4.1.3...v4.1.4) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

view details

push time in 2 months

PR merged arxiv-vanity/arxiv-vanity

Bump whitenoise from 4.1.3 to 4.1.4 dependencies python

Bumps whitenoise from 4.1.3 to 4.1.4. <details> <summary>Changelog</summary>

Sourced from whitenoise's changelog.

v4.1.4

  • Make tests more deterministic and easier to run outside of tox.
  • Fix Fedora packaging issue.
  • Use Black to format all code. </details> <details> <summary>Commits</summary>
  • fb95c45 Release v4.1.4
  • 4bb52af Support running tests with newer versions of requests
  • 06f1369 Enforce Black code style in lint step
  • 895f9ac Format entire codebase with Black
  • 2e8ef77 Run lint step under Python 3.7
  • 0ff5a91 Update utility script for Python 3 compatibility
  • 2a64e7a Pin exact versions of test dependencies
  • 1eb6f0a Pin the version of tox used in CI
  • 5595618 Merge pull request #226 from therumbler/patch-1
  • 454101e minor typo fix
  • See full diff in compare view </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Automerge options (never/patch/minor, and dev/runtime dependencies)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

Finally, you can contact us by mentioning @dependabot.

</details>

+1 -1

0 comment

1 changed file

dependabot-preview[bot]

pr closed time in 2 months

push eventarxiv-vanity/arxiv-vanity

dependabot-preview[bot]

commit sha e1e2a85431ad783c207a2fae69f1d6b8aea14b89

Bump sentry-sdk from 0.11.2 to 0.12.2 Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 0.11.2 to 0.12.2. - [Release notes](https://github.com/getsentry/sentry-python/releases) - [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGES.md) - [Commits](https://github.com/getsentry/sentry-python/compare/0.11.2...0.12.2) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

view details

push time in 2 months

PR merged arxiv-vanity/arxiv-vanity

Bump sentry-sdk from 0.11.2 to 0.12.2 dependencies python

Bumps sentry-sdk from 0.11.2 to 0.12.2. <details> <summary>Release notes</summary>

Sourced from sentry-sdk's releases.

0.12.2

  • Fix a crash with ASGI (Django Channels) when the ASGI request type is neither HTTP nor Websockets.

0.12.1

  • Temporarily remove sending of SQL parameters (as part of breadcrumbs or spans for APM) to Sentry to avoid memory consumption issues.

0.12.0

  • Sentry now has a Discord server! Join the server to get involved into SDK development and ask questions.
  • Fix a bug where the response object for httplib (or requests) was held onto for an unnecessarily long amount of time.
  • APM: Add spans for more methods on subprocess.Popen objects.
  • APM: Add spans for Django middlewares.
  • APM: Add spans for ASGI requests.
  • Automatically inject the ASGI middleware for Django Channels 2.0. This will break your Channels 2.0 application if it is running on Python 3.5 or 3.6 (while previously it would "only" leak a lot of memory for each ASGI request). Install aiocontextvars from PyPI to make it work again. </details> <details> <summary>Changelog</summary>

Sourced from sentry-sdk's changelog.

0.12.2

  • Fix a crash with ASGI (Django Channels) when the ASGI request type is neither HTTP nor Websockets.

0.12.1

  • Temporarily remove sending of SQL parameters (as part of breadcrumbs or spans for APM) to Sentry to avoid memory consumption issues.

0.12.0

  • Sentry now has a Discord server! Join the server to get involved into SDK development and ask questions.
  • Fix a bug where the response object for httplib (or requests) was held onto for an unnecessarily long amount of time.
  • APM: Add spans for more methods on subprocess.Popen objects.
  • APM: Add spans for Django middlewares.
  • APM: Add spans for ASGI requests.
  • Automatically inject the ASGI middleware for Django Channels 2.0. This will break your Channels 2.0 application if it is running on Python 3.5 or 3.6 (while previously it would "only" leak a lot of memory for each ASGI request). Install aiocontextvars from PyPI to make it work again. </details> <details> <summary>Commits</summary>

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Automerge options (never/patch/minor, and dev/runtime dependencies)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

Finally, you can contact us by mentioning @dependabot.

</details>

+1 -1

0 comment

1 changed file

dependabot-preview[bot]

pr closed time in 2 months

startedcuelang/cue

started time in 2 months

startedInstagram/LibCST

started time in 2 months

delete branch arxiv-vanity/engrafo

delete branch : bump-engrafo

delete time in 2 months

push eventarxiv-vanity/engrafo

Ben Firshman

commit sha 917ed9801ecf2cf149a5b234b96e814d67489168

Bump latexml

view details

Ben Firshman

commit sha bfd5ffe2c970f8c0660955fdde2dd7561fd69750

Add integration test for glossaries.sty

view details

push time in 2 months

PR merged arxiv-vanity/engrafo

Bump engrafo
+348 -243

0 comment

40 changed files

bfirsh

pr closed time in 2 months

push eventarxiv-vanity/engrafo

Ben Firshman

commit sha 222dadf83e7b62d1f59f3a96a83167e0e39bfec6

Bump latexml

view details

Ben Firshman

commit sha b5f6b7c50443b0f7b6cebda0e6dca6dfd89b6697

Add integration test for glossaries.sty

view details

push time in 2 months

PR merged arxiv-vanity/engrafo

Bump @babel/runtime from 7.5.5 to 7.6.0 dependencies javascript

Bumps @babel/runtime from 7.5.5 to 7.6.0. <details> <summary>Release notes</summary>

Sourced from @babel/runtime's releases.

v7.6.0 (2019-09-06)

:eyeglasses: Spec Compliance

  • babel-generator, babel-parser
  • babel-helpers, babel-plugin-transform-block-scoping, babel-traverse

:rocket: New Feature

  • babel-core
  • babel-helper-create-class-features-plugin, babel-helpers, babel-plugin-proposal-private-methods
  • babel-generator, babel-parser, babel-types
  • babel-preset-typescript
  • babel-parser
  • babel-types

:bug: Bug Fix

  • babel-helpers, babel-plugin-transform-destructuring, babel-plugin-transform-modules-commonjs, babel-preset-env
  • babel-plugin-transform-runtime
  • babel-preset-env
  • babel-plugin-transform-named-capturing-groups-regex
  • babel-types
  • babel-parser
  • babel-parser, babel-types
  • babel-generator, babel-plugin-transform-typescript, babel-types
  • babel-core, babel-types
  • babel-plugin-transform-flow-comments
  • babel-helpers, babel-plugin-transform-react-constant-elements </tr></table> ... (truncated) </details> <details> <summary>Changelog</summary>

Sourced from @babel/runtime's changelog.

v7.6.0 (2019-09-06)

:eyeglasses: Spec Compliance

  • babel-generator, babel-parser
  • babel-helpers, babel-plugin-transform-block-scoping, babel-traverse

:rocket: New Feature

  • babel-core
  • babel-helper-create-class-features-plugin, babel-helpers, babel-plugin-proposal-private-methods
  • babel-generator, babel-parser, babel-types
  • babel-preset-typescript
  • babel-parser
  • babel-types

:bug: Bug Fix

  • babel-helpers, babel-plugin-transform-destructuring, babel-plugin-transform-modules-commonjs, babel-preset-env
  • babel-plugin-transform-runtime
  • babel-preset-env
  • babel-plugin-transform-named-capturing-groups-regex
  • babel-types
  • babel-parser
  • babel-parser, babel-types
  • babel-generator, babel-plugin-transform-typescript, babel-types
  • babel-core, babel-types
  • babel-plugin-transform-flow-comments
  • babel-helpers, babel-plugin-transform-react-constant-elements
    • #10307 [fix] jsx helper calls order (@​Sinewyk) </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Automerge options (never/patch/minor, and dev/runtime dependencies)
  • Pull request limits (per update run and/or open at any time)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

Finally, you can contact us by mentioning @dependabot.

</details>

+5 -5

0 comment

2 changed files

dependabot-preview[bot]

pr closed time in 2 months

push eventarxiv-vanity/engrafo

dependabot-preview[bot]

commit sha e75f15a35f5d78881e55969506deafccb7a00b87

Bump @babel/runtime from 7.5.5 to 7.6.0 Bumps [@babel/runtime](https://github.com/babel/babel) from 7.5.5 to 7.6.0. - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md) - [Commits](https://github.com/babel/babel/compare/v7.5.5...v7.6.0) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

view details

push time in 2 months

PR opened arxiv-vanity/engrafo

Bump engrafo
+128 -1

0 comment

4 changed files

pr created time in 2 months

create barncharxiv-vanity/engrafo

branch : bump-engrafo

created branch time in 2 months

push eventarxiv-vanity/arxiv-vanity

dependabot-preview[bot]

commit sha 5cd5db92515dd289fd35f63c4897c80609fd91df

Bump django-storages from 1.7.1 to 1.7.2 Bumps [django-storages](https://github.com/jschneier/django-storages) from 1.7.1 to 1.7.2. - [Release notes](https://github.com/jschneier/django-storages/releases) - [Changelog](https://github.com/jschneier/django-storages/blob/master/CHANGELOG.rst) - [Commits](https://github.com/jschneier/django-storages/compare/1.7.1...1.7.2) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

view details

push time in 2 months

PR merged arxiv-vanity/arxiv-vanity

Bump django-storages from 1.7.1 to 1.7.2 dependencies python

Bumps django-storages from 1.7.1 to 1.7.2. <details> <summary>Changelog</summary>

Sourced from django-storages's changelog.

1.7.2 (2019-09-10)

S3

  • Avoid misleading AWS_DEFAULT_ACL warning for insecure default_acl when overridden as a class variable (#591)
  • Propagate file deletion to cache when preload_metadata is True, (not the default) (#743, #749)
  • Fix exception raised on closed file (common if using ManifestFilesMixin or collectstatic. (#382, #754)

Azure

  • Pare down the required packages in extra_requires when installing the azure extra to only azure-storage-blob (#680, #684)
  • Fix compatability with generate_blob_shared_access_signature updated signature (#705, #723)
  • Fetching a file now uses the configured timeout rather than hardcoding one (#727)
  • Add support for configuring all blobservice options: AZURE_EMULATED_MODE, AZURE_ENDPOINT_SUFFIX, AZURE_CUSTOM_DOMAIN, AZURE_CONNECTION_STRING, AZURE_CUSTOM_CONNECTION_STRING, AZURE_TOKEN_CREDENTIAL. See the docs for more info. Huge thanks once again to @​nitely. (#750)
  • Fix filename handling to not strip special characters (#609, #752)

Google Cloud

  • Set the file acl in the same call that uploads it (#698)
  • Reduce the number of queries and required permissions when GS_AUTO_CREATE_BUCKET is False (the default) (#412, #718)
  • Set the predefined_acl when creating a GoogleCloudFile using .write (#640, #756)
  • Add GS_BLOB_CHUNK_SIZE setting to enable efficient uploading of large files (#757)

Dropbox

  • Complete migration to v2 api with file fetching and metadata fixes (#724)
  • Add DROPBOX_TIMEOUT to configure client timeout defaulting to 100 seconds to match the underlying sdk. (#419, #747)

SFTP

  • Fix reopening a file (#746) </details> <details> <summary>Commits</summary>
  • 7c7a299 Release version 1.7.2
  • f9f6116 Update CHANGELOG with improvements for the new release
  • 5d29ac6 Minor docs fixes
  • 6237948 GoogleCloud: Add GS_BLOB_CHUNK_SIZE setting (#757)
  • 4b7c278 GoogleCloud: Set predefined_acl when using file write operations (#756)
  • 1cf9b59 S3Boto3: Fix ValueError I/O operation on closed file (#754)
  • b1d8e82 Azure: remove unnecessary check (#753)
  • 2fbaa70 Azure: improve handling of special characters in filenames (#752)
  • c175abf Use tox configuration option "extras" (#751)
  • 0951906 Azure: Support all blobstorage settings (#750)
  • Additional commits viewable in compare view </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Automerge options (never/patch/minor, and dev/runtime dependencies)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

Finally, you can contact us by mentioning @dependabot.

</details>

+1 -1

0 comment

1 changed file

dependabot-preview[bot]

pr closed time in 2 months

pull request commentbrucemiller/LaTeXML

Add support for glossaries.sty

Nice!! :tada:

bfirsh

comment created time in 2 months

push eventarxiv-vanity/engrafo

dependabot-preview[bot]

commit sha cd0ca14b1a4aa19991263fe846ca7409c454c4c9

Bump eslint from 6.1.0 to 6.3.0 Bumps [eslint](https://github.com/eslint/eslint) from 6.1.0 to 6.3.0. - [Release notes](https://github.com/eslint/eslint/releases) - [Changelog](https://github.com/eslint/eslint/blob/master/CHANGELOG.md) - [Commits](https://github.com/eslint/eslint/compare/v6.1.0...v6.3.0) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

view details

push time in 2 months

PR merged arxiv-vanity/engrafo

Bump eslint from 6.1.0 to 6.3.0 dependencies javascript

Bumps eslint from 6.1.0 to 6.3.0. <details> <summary>Release notes</summary>

Sourced from eslint's releases.

v6.3.0

  • 0acdefb Chore: refactor code (#12113) (James George)
  • 52e2cf5 New: reportUnusedDisableDirectives in config (refs eslint/rfcs#22) (#12151) (Toru Nagashima)
  • 020f952 Update: enforceForSequenceExpressions to no-extra-parens (fixes #11916) (#12142) (Milos Djermanovic)
  • aab1b84 Fix: reset to the default color (#12174) (Ricardo Gobbo de Souza)
  • 4009d39 Fix: yoda rule produces invalid autofix with preceding yield (#12166) (Milos Djermanovic)
  • febb660 Fix: no-extra-boolean-cast invalid autofix with yield before negation (#12164) (Milos Djermanovic)
  • 4c0b70b New: support TypeScript at config initializer (fixes #11789) (#12172) (Pig Fang)
  • 94e39d9 Chore: use GitHub Actions (#12144) (Toru Nagashima)
  • e88f305 Chore: support es2020 in fuzz (#12180) (薛定谔的猫)
  • 00d2c5b Docs: corrected class extension example (#12176) (Marius M)
  • 31e5428 Chore: Fix wrong error object keys in test files (#12162) (Milos Djermanovic)
  • 197f443 Fix: func-name-matching crash on descriptor-like arguments (#12100) (Milos Djermanovic)
  • 644ce33 Fix: no-self-assign false positive with rest and spread in array (#12099) (Milos Djermanovic)
  • a81d263 Fix: fix message of function-paren-newline (#12136) (Pig Fang)
  • 77f8ed1 Chore: update blogpost template (#12154) (Toru Nagashima)
  • 6abc7b7 Docs: Document the exception in no-unsafe-negation (#12161) (Milos Djermanovic)

v6.2.2

  • 0e0b784 Upgrade: espree@^6.1.1 (#12158) (Kevin Partington)
  • 04e859f Sponsors: Sync README with website (ESLint Jenkins)
  • 34783d1 Sponsors: Sync README with website (ESLint Jenkins)
  • b809e72 Docs: Update README team and sponsors (ESLint Jenkins)

v6.2.1

  • 8c021b5 Upgrade: eslint-utils 1.4.2 (#12131) (Toru Nagashima)
  • e82388b Sponsors: Sync README with website (ESLint Jenkins)
  • 4aeeeed Docs: update docs for ecmaVersion 2020 (#12120) (silverwind)
  • 6886148 Docs: Add duplicate keys limitation to accessor-pairs (#12124) (Milos Djermanovic)

v6.2.0

  • fee6acb Update: support bigint and dynamic import (refs #11803) (#11983) (Toru Nagashima)
  • afd8012 New: noInlineConfig setting (refs eslint/rfcs#22) (#12091) (Toru Nagashima)
  • 3d12378 Update: Fix accessor-pairs to enforce pairs per property in literals (#12062) (Milos Djermanovic)
  • 8cd00b3 New: function-call-argument-newline (#12024) (finico)
  • 30ebf92 Fix: prefer-template autofix produces syntax error with octal escapes (#12085) (Milos Djermanovic)
  • 13c3988 Fix: Check literal type explicitly in dot-notation (#12095) (Milos Djermanovic)
  • 3e5ceca Fix: Handle empty string property names in getFunctionNameWithKind (#12104) (Milos Djermanovic)
  • 9a043ff Fix: no-duplicate-case false positives on Object.prototype keys (#12107) (Milos Djermanovic)
  • fe631af Chore: minor typo fix (#12112) (James George)
  • 4cb7877 Fix: fix no-extra-parens ignores some nodes (#11909) (Pig Fang)
  • 2dc23b8 Update: fix no-dupe-keys false negatives on empty string names (#12069) (Milos Djermanovic)
  • 19ab666 Fix: yoda exceptRange false positives on empty string property names (#12071) (Milos Djermanovic)
  • d642150 Update: Check empty string property names in sort-keys (#12073) (Milos Djermanovic)
  • acce6de Fix: class-methods-use-this reports 'undefined' names (#12103) (Milos Djermanovic)
  • 92ec2cb Fix: Allow bind call with a single spread element in no-extra-bind (#12088) (Milos Djermanovic)
  • bfdb0c9 Fix: no-extra-boolean-cast invalid autofix for Boolean() without args (#12076) (Milos Djermanovic)
  • 34ccc0c Chore: Remove TDZ scope type condition from no-unused-vars (#12055) (Milos Djermanovic)
  • 01d38ce Docs: Remove TDZ scope from the scope manager interface documentation (#12054) (Milos Djermanovic)
  • 1aff8fc Update: warn about mixing ternary and logical operators (fixes #11704) (#12001) (Karthik Priyadarshan) </tr></table> ... (truncated) </details> <details> <summary>Changelog</summary>

Sourced from eslint's changelog.

v6.3.0 - August 30, 2019

  • 0acdefb Chore: refactor code (#12113) (James George)
  • 52e2cf5 New: reportUnusedDisableDirectives in config (refs eslint/rfcs#22) (#12151) (Toru Nagashima)
  • 020f952 Update: enforceForSequenceExpressions to no-extra-parens (fixes #11916) (#12142) (Milos Djermanovic)
  • aab1b84 Fix: reset to the default color (#12174) (Ricardo Gobbo de Souza)
  • 4009d39 Fix: yoda rule produces invalid autofix with preceding yield (#12166) (Milos Djermanovic)
  • febb660 Fix: no-extra-boolean-cast invalid autofix with yield before negation (#12164) (Milos Djermanovic)
  • 4c0b70b New: support TypeScript at config initializer (fixes #11789) (#12172) (Pig Fang)
  • 94e39d9 Chore: use GitHub Actions (#12144) (Toru Nagashima)
  • e88f305 Chore: support es2020 in fuzz (#12180) (薛定谔的猫)
  • 00d2c5b Docs: corrected class extension example (#12176) (Marius M)
  • 31e5428 Chore: Fix wrong error object keys in test files (#12162) (Milos Djermanovic)
  • 197f443 Fix: func-name-matching crash on descriptor-like arguments (#12100) (Milos Djermanovic)
  • 644ce33 Fix: no-self-assign false positive with rest and spread in array (#12099) (Milos Djermanovic)
  • a81d263 Fix: fix message of function-paren-newline (#12136) (Pig Fang)
  • 77f8ed1 Chore: update blogpost template (#12154) (Toru Nagashima)
  • 6abc7b7 Docs: Document the exception in no-unsafe-negation (#12161) (Milos Djermanovic)

v6.2.2 - August 23, 2019

  • 0e0b784 Upgrade: espree@^6.1.1 (#12158) (Kevin Partington)
  • 04e859f Sponsors: Sync README with website (ESLint Jenkins)
  • 34783d1 Sponsors: Sync README with website (ESLint Jenkins)
  • b809e72 Docs: Update README team and sponsors (ESLint Jenkins)

v6.2.1 - August 20, 2019

  • 8c021b5 Upgrade: eslint-utils 1.4.2 (#12131) (Toru Nagashima)
  • e82388b Sponsors: Sync README with website (ESLint Jenkins)
  • 4aeeeed Docs: update docs for ecmaVersion 2020 (#12120) (silverwind)
  • 6886148 Docs: Add duplicate keys limitation to accessor-pairs (#12124) (Milos Djermanovic)

v6.2.0 - August 18, 2019

  • fee6acb Update: support bigint and dynamic import (refs #11803) (#11983) (Toru Nagashima)
  • afd8012 New: noInlineConfig setting (refs eslint/rfcs#22) (#12091) (Toru Nagashima)
  • 3d12378 Update: Fix accessor-pairs to enforce pairs per property in literals (#12062) (Milos Djermanovic)
  • 8cd00b3 New: function-call-argument-newline (#12024) (finico)
  • 30ebf92 Fix: prefer-template autofix produces syntax error with octal escapes (#12085) (Milos Djermanovic)
  • 13c3988 Fix: Check literal type explicitly in dot-notation (#12095) (Milos Djermanovic)
  • 3e5ceca Fix: Handle empty string property names in getFunctionNameWithKind (#12104) (Milos Djermanovic)
  • 9a043ff Fix: no-duplicate-case false positives on Object.prototype keys (#12107) (Milos Djermanovic)
  • fe631af Chore: minor typo fix (#12112) (James George)
  • 4cb7877 Fix: fix no-extra-parens ignores some nodes (#11909) (Pig Fang)
  • 2dc23b8 Update: fix no-dupe-keys false negatives on empty string names (#12069) (Milos Djermanovic)
  • 19ab666 Fix: yoda exceptRange false positives on empty string property names (#12071) (Milos Djermanovic)
  • d642150 Update: Check empty string property names in sort-keys (#12073) (Milos Djermanovic)
  • acce6de Fix: class-methods-use-this reports 'undefined' names (#12103) (Milos Djermanovic)
  • 92ec2cb Fix: Allow bind call with a single spread element in no-extra-bind (#12088) (Milos Djermanovic) </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Automerge options (never/patch/minor, and dev/runtime dependencies)
  • Pull request limits (per update run and/or open at any time)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

Finally, you can contact us by mentioning @dependabot.

</details>

+28 -28

0 comment

2 changed files

dependabot-preview[bot]

pr closed time in 2 months

push eventarxiv-vanity/engrafo

dependabot-preview[bot]

commit sha d8d992add16dab7a8ca32cf55313839e3193f7e3

Bump @babel/core from 7.5.5 to 7.6.0 Bumps [@babel/core](https://github.com/babel/babel) from 7.5.5 to 7.6.0. - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md) - [Commits](https://github.com/babel/babel/compare/v7.5.5...v7.6.0) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

view details

push time in 2 months

PR merged arxiv-vanity/engrafo

Bump @babel/core from 7.5.5 to 7.6.0 dependencies javascript

Bumps @babel/core from 7.5.5 to 7.6.0. <details> <summary>Release notes</summary>

Sourced from @babel/core's releases.

v7.6.0 (2019-09-06)

:eyeglasses: Spec Compliance

  • babel-generator, babel-parser
  • babel-helpers, babel-plugin-transform-block-scoping, babel-traverse

:rocket: New Feature

  • babel-core
  • babel-helper-create-class-features-plugin, babel-helpers, babel-plugin-proposal-private-methods
  • babel-generator, babel-parser, babel-types
  • babel-preset-typescript
  • babel-parser
  • babel-types

:bug: Bug Fix

  • babel-helpers, babel-plugin-transform-destructuring, babel-plugin-transform-modules-commonjs, babel-preset-env
  • babel-plugin-transform-runtime
  • babel-preset-env
  • babel-plugin-transform-named-capturing-groups-regex
  • babel-types
  • babel-parser
  • babel-parser, babel-types
  • babel-generator, babel-plugin-transform-typescript, babel-types
  • babel-core, babel-types
  • babel-plugin-transform-flow-comments
  • babel-helpers, babel-plugin-transform-react-constant-elements </tr></table> ... (truncated) </details> <details> <summary>Changelog</summary>

Sourced from @babel/core's changelog.

v7.6.0 (2019-09-06)

:eyeglasses: Spec Compliance

  • babel-generator, babel-parser
  • babel-helpers, babel-plugin-transform-block-scoping, babel-traverse

:rocket: New Feature

  • babel-core
  • babel-helper-create-class-features-plugin, babel-helpers, babel-plugin-proposal-private-methods
  • babel-generator, babel-parser, babel-types
  • babel-preset-typescript
  • babel-parser
  • babel-types

:bug: Bug Fix

  • babel-helpers, babel-plugin-transform-destructuring, babel-plugin-transform-modules-commonjs, babel-preset-env
  • babel-plugin-transform-runtime
  • babel-preset-env
  • babel-plugin-transform-named-capturing-groups-regex
  • babel-types
  • babel-parser
  • babel-parser, babel-types
  • babel-generator, babel-plugin-transform-typescript, babel-types
  • babel-core, babel-types
  • babel-plugin-transform-flow-comments
  • babel-helpers, babel-plugin-transform-react-constant-elements
    • #10307 [fix] jsx helper calls order (@​Sinewyk) </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Automerge options (never/patch/minor, and dev/runtime dependencies)
  • Pull request limits (per update run and/or open at any time)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

Finally, you can contact us by mentioning @dependabot.

</details>

+45 -50

0 comment

2 changed files

dependabot-preview[bot]

pr closed time in 2 months

startedhindupuravinash/the-gan-zoo

started time in 2 months

issue commentarxiv-vanity/arxiv-vanity

Arxiv is super careful with emails so maybe we should be too

Thank you for the reminder to fix this! Deploying now, and all caches should be cleared in an hour or so...

bfirsh

comment created time in 2 months

push eventarxiv-vanity/arxiv-vanity

Ben Firshman

commit sha d9b56b5aa0985ee53a754d08179e5d5a8cfb7031

Remove all emails from papers Closes #124

view details

push time in 2 months

issue closedarxiv-vanity/arxiv-vanity

Arxiv is super careful with emails so maybe we should be too

https://arxiv.org/help/email-protection

We do obfuscate with Cloudflare, but that doesn't protect against just rendering the page in a browser. We could just strip emails entirely.

closed time in 2 months

bfirsh

issue commentarxiv-vanity/arxiv-vanity

Arxiv is super careful with emails so maybe we should be too

@wonjininfo Looks like the latest version of your paper doesn't have latex source, so I've re-rendered and I accidentally fixed the problem. 😂

In the meantime I will have a go at filtering out email addresses from all other papers. I think it is unexpected behaviour -- an email address in a PDF feels safer from spammers somehow.

bfirsh

comment created time in 2 months

issue commentarxiv-vanity/arxiv-vanity

Arxiv is super careful with emails so maybe we should be too

@wonjininfo Ah – this is a tough one because it shows up in an error message! Hmm. Let me see if I can write a regexp to filter out email addresses. If not I might have to disable your paper completely, if you don't mind...

bfirsh

comment created time in 2 months

push eventembassynetwork/modernomad

dependabot-preview[bot]

commit sha ac5e3590aabf2fd051a006bd2595d16fb10cd48c

Bump sentry-sdk from 0.10.2 to 0.11.2 Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 0.10.2 to 0.11.2. - [Release notes](https://github.com/getsentry/sentry-python/releases) - [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGES.md) - [Commits](https://github.com/getsentry/sentry-python/compare/0.10.2...0.11.2) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

view details

push time in 2 months

PR merged embassynetwork/modernomad

Bump sentry-sdk from 0.10.2 to 0.11.2 dependencies python

Bumps sentry-sdk from 0.10.2 to 0.11.2. <details> <summary>Release notes</summary>

Sourced from sentry-sdk's releases.

0.11.2

  • Fix a bug where the SDK would throw an exception on shutdown when running under eventlet.
  • Add missing data to Redis breadcrumbs.

0.11.1

  • Remove a faulty assertion (observed in environment with Django Channels and ASGI).

0.11.0

  • Fix type hints for the logging integration. Thansk Steven Dignam!
  • Fix an issue where scope/context data would leak in applications that use gevent with its threading monkeypatch. The fix is to avoid usage of contextvars in such environments. Thanks Ran Benita!
  • Fix a reference cycle in the ThreadingIntegration that led to exceptions on interpreter shutdown. Thanks Guang Tian Li!
  • Fix a series of bugs in the stdlib integration that broke usage of subprocess.
  • More instrumentation for APM.
  • New integration for SQLAlchemy (creates breadcrumbs from queries).
  • New (experimental) integration for Apache Beam.
  • Fix a bug in the LoggingIntegration that would send breadcrumbs timestamps in the wrong timezone.
  • The AiohttpIntegration now sets the event's transaction name.
  • Fix a bug that caused infinite recursion when serializing local variables that logged errors or otherwise created Sentry events. </details> <details> <summary>Changelog</summary>

Sourced from sentry-sdk's changelog.

0.11.2

  • Fix a bug where the SDK would throw an exception on shutdown when running under eventlet.
  • Add missing data to Redis breadcrumbs.

0.11.1

  • Remove a faulty assertion (observed in environment with Django Channels and ASGI).

0.11.0

  • Fix type hints for the logging integration. Thansk Steven Dignam!
  • Fix an issue where scope/context data would leak in applications that use gevent with its threading monkeypatch. The fix is to avoid usage of contextvars in such environments. Thanks Ran Benita!
  • Fix a reference cycle in the ThreadingIntegration that led to exceptions on interpreter shutdown. Thanks Guang Tian Li!
  • Fix a series of bugs in the stdlib integration that broke usage of subprocess.
  • More instrumentation for APM.
  • New integration for SQLAlchemy (creates breadcrumbs from queries).
  • New (experimental) integration for Apache Beam.
  • Fix a bug in the LoggingIntegration that would send breadcrumbs timestamps in the wrong timezone.
  • The AiohttpIntegration now sets the event's transaction name.
  • Fix a bug that caused infinite recursion when serializing local variables that logged errors or otherwise created Sentry events. </details> <details> <summary>Commits</summary>
  • 5f9f7c4 release: 0.11.2
  • 9f64c04 doc: Add more changelog entries
  • fb9135d fix: Add breadcrumb description (#489)
  • fff3f5a doc: Changelog for 0.11.2
  • cdee59c fix: Do not store modules in transaction events (#490)
  • 87e5749 fix(transport): Detect eventlet's Queue monkeypatch and work around it (#484)
  • ebc00b2 test(django): Add tests for permission denied handling (#482)
  • 1042ecb build(deps): bump werkzeug from 0.14.1 to 0.15.3 (#477)
  • 2dc260c fix: Add more stuff to integrations checklist
  • de97048 Merge release/0.11.1 into master
  • Additional commits viewable in compare view </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Automerge options (never/patch/minor, and dev/runtime dependencies)
  • Pull request limits (per update run and/or open at any time)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

Finally, you can contact us by mentioning @dependabot.

</details>

+1 -1

1 comment

1 changed file

dependabot-preview[bot]

pr closed time in 2 months

push eventembassynetwork/modernomad

dependabot-preview[bot]

commit sha cc3735a0e7d40778c16a861217f5714cfa9d6326

[Security] Bump django from 1.11.22 to 1.11.23 Bumps [django](https://github.com/django/django) from 1.11.22 to 1.11.23. **This update includes security fixes.** - [Release notes](https://github.com/django/django/releases) - [Commits](https://github.com/django/django/compare/1.11.22...1.11.23) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

view details

push time in 2 months

PR merged embassynetwork/modernomad

[Security] Bump django from 1.11.22 to 1.11.23 dependencies python security

Bumps django from 1.11.22 to 1.11.23. This update includes security fixes. <details> <summary>Vulnerabilities fixed</summary>

Sourced from The GitHub Security Advisory Database.

Moderate severity vulnerability that affects django An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. Due to the behaviour of the underlying HTMLParser, django.utils.html.strip_tags would be extremely slow to evaluate certain inputs containing large sequences of nested incomplete HTML entities.

Affected versions: >= 1.11.0, < 1.11.23

Sourced from The GitHub Security Advisory Database.

Moderate severity vulnerability that affects django An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. If passed certain inputs, django.utils.encoding.uri_to_iri could lead to significant memory usage due to a recursion when repercent-encoding invalid UTF-8 octet sequences.

Affected versions: >= 1.11.0, < 1.11.23

Sourced from The GitHub Security Advisory Database.

Moderate severity vulnerability that affects django An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. If django.utils.text.Truncator's chars() and words() methods were passed the html=True argument, they were extremely slow to evaluate certain inputs due to a catastrophic backtracking vulnerability in a regular expression. The chars() and words() methods are used to implement the truncatechars_html and truncatewords_html template filters, which were thus vulnerable.

Affected versions: >= 1.11.0, < 1.11.23

Sourced from The GitHub Security Advisory Database.

Moderate severity vulnerability that affects django An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. Due to an error in shallow key transformation, key and index lookups for django.contrib.postgres.fields.JSONField, and key lookups for django.contrib.postgres.fields.HStoreField, were subject to SQL injection. This could, for example, be exploited via crafted use of "OR 1=1" in a key or index name to return all records, using a suitably crafted dictionary, with dictionary expansion, as the **kwargs passed to the QuerySet.filter() function.

Affected versions: >= 1.11.0, < 1.11.23

</details> <details> <summary>Commits</summary>

  • 9748977 [1.11.x] Bumped version for 1.11.23 release.
  • 869b34e [1.11.x] Fixed CVE-2019-14235 -- Fixed potential memory exhaustion in django....
  • ed682a2 [1.11.x] Fixed CVE-2019-14234 -- Protected JSONField/HStoreField key and inde...
  • 52479ac [1.11.x] Fixed CVE-2019-14233 -- Prevented excessive HTMLParser recursion in ...
  • 42a66e9 [1.11.X] Fixed CVE-2019-14232 -- Adjusted regex to avoid backtracking issues ...
  • 693046e [1.11.x] Added stub release notes for security releases.
  • 6d054b5 [1.11.x] Added CVE-2019-12781 to the security release archive.
  • 7c849b9 [1.11.x] Post-release version bump.
  • See full diff in compare view </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Automerge options (never/patch/minor, and dev/runtime dependencies)
  • Pull request limits (per update run and/or open at any time)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

Finally, you can contact us by mentioning @dependabot.

</details>

+1 -1

1 comment

1 changed file

dependabot-preview[bot]

pr closed time in 2 months

push eventarxiv-vanity/arxiv-vanity

dependabot-preview[bot]

commit sha dc332670ac58b5dfa40d4251b568a33b2bf33f1e

Bump django from 2.2.4 to 2.2.5 Bumps [django](https://github.com/django/django) from 2.2.4 to 2.2.5. - [Release notes](https://github.com/django/django/releases) - [Commits](https://github.com/django/django/compare/2.2.4...2.2.5) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

view details

push time in 2 months

PR merged arxiv-vanity/arxiv-vanity

Bump django from 2.2.4 to 2.2.5 dependencies python

Bumps django from 2.2.4 to 2.2.5. <details> <summary>Commits</summary>

  • ce97960 [2.2.x] Bumped version for 2.2.5 release.
  • 8514c6f [2.2.x] Updated man page for Django 2.2.
  • 4ed59db [2.2.x] Added release dates for 2.2.5, 2.1.12, and 1.11.24.
  • 11cdfb3 [2.2.x] Fixed #30738 -- Fixed typo in docs/ref/forms/widgets.txt.
  • 16e5e8f [2.2.x] Fixed #30733 -- Doc'd that datetime lookups require time zone definit...
  • 6402855 [2.2.x] Fixed #30500 -- Fixed race condition in loading URLconf module.
  • 6c17b86 [2.2.x] Doc'd for_save argument of Expression.resolve_expression().
  • 56f7a62 [2.2.x] Fixed typo in docs/ref/applications.txt.
  • 9b7c5a9 [2.2.x] Fixed broken links and redirects in documentation.
  • 0dc3ad1 [2.2.x] Fixed #30695 -- Used relative path in default_storage docs example.
  • Additional commits viewable in compare view </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Automerge options (never/patch/minor, and dev/runtime dependencies)
  • Pull request limits (per update run and/or open at any time)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

Finally, you can contact us by mentioning @dependabot.

</details>

+1 -1

0 comment

1 changed file

dependabot-preview[bot]

pr closed time in 2 months

push eventarxiv-vanity/arxiv-vanity

dependabot-preview[bot]

commit sha 685cdec30c3879a43cd14b36f55c47cda61c45a2

Bump sentry-sdk from 0.10.2 to 0.11.2 Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 0.10.2 to 0.11.2. - [Release notes](https://github.com/getsentry/sentry-python/releases) - [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGES.md) - [Commits](https://github.com/getsentry/sentry-python/compare/0.10.2...0.11.2) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

view details

push time in 2 months

PR merged arxiv-vanity/arxiv-vanity

Bump sentry-sdk from 0.10.2 to 0.11.2 dependencies python

Bumps sentry-sdk from 0.10.2 to 0.11.2. <details> <summary>Release notes</summary>

Sourced from sentry-sdk's releases.

0.11.2

  • Fix a bug where the SDK would throw an exception on shutdown when running under eventlet.
  • Add missing data to Redis breadcrumbs.

0.11.1

  • Remove a faulty assertion (observed in environment with Django Channels and ASGI).

0.11.0

  • Fix type hints for the logging integration. Thansk Steven Dignam!
  • Fix an issue where scope/context data would leak in applications that use gevent with its threading monkeypatch. The fix is to avoid usage of contextvars in such environments. Thanks Ran Benita!
  • Fix a reference cycle in the ThreadingIntegration that led to exceptions on interpreter shutdown. Thanks Guang Tian Li!
  • Fix a series of bugs in the stdlib integration that broke usage of subprocess.
  • More instrumentation for APM.
  • New integration for SQLAlchemy (creates breadcrumbs from queries).
  • New (experimental) integration for Apache Beam.
  • Fix a bug in the LoggingIntegration that would send breadcrumbs timestamps in the wrong timezone.
  • The AiohttpIntegration now sets the event's transaction name.
  • Fix a bug that caused infinite recursion when serializing local variables that logged errors or otherwise created Sentry events. </details> <details> <summary>Changelog</summary>

Sourced from sentry-sdk's changelog.

0.11.2

  • Fix a bug where the SDK would throw an exception on shutdown when running under eventlet.
  • Add missing data to Redis breadcrumbs.

0.11.1

  • Remove a faulty assertion (observed in environment with Django Channels and ASGI).

0.11.0

  • Fix type hints for the logging integration. Thansk Steven Dignam!
  • Fix an issue where scope/context data would leak in applications that use gevent with its threading monkeypatch. The fix is to avoid usage of contextvars in such environments. Thanks Ran Benita!
  • Fix a reference cycle in the ThreadingIntegration that led to exceptions on interpreter shutdown. Thanks Guang Tian Li!
  • Fix a series of bugs in the stdlib integration that broke usage of subprocess.
  • More instrumentation for APM.
  • New integration for SQLAlchemy (creates breadcrumbs from queries).
  • New (experimental) integration for Apache Beam.
  • Fix a bug in the LoggingIntegration that would send breadcrumbs timestamps in the wrong timezone.
  • The AiohttpIntegration now sets the event's transaction name.
  • Fix a bug that caused infinite recursion when serializing local variables that logged errors or otherwise created Sentry events. </details> <details> <summary>Commits</summary>
  • 5f9f7c4 release: 0.11.2
  • 9f64c04 doc: Add more changelog entries
  • fb9135d fix: Add breadcrumb description (#489)
  • fff3f5a doc: Changelog for 0.11.2
  • cdee59c fix: Do not store modules in transaction events (#490)
  • 87e5749 fix(transport): Detect eventlet's Queue monkeypatch and work around it (#484)
  • ebc00b2 test(django): Add tests for permission denied handling (#482)
  • 1042ecb build(deps): bump werkzeug from 0.14.1 to 0.15.3 (#477)
  • 2dc260c fix: Add more stuff to integrations checklist
  • de97048 Merge release/0.11.1 into master
  • Additional commits viewable in compare view </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Automerge options (never/patch/minor, and dev/runtime dependencies)
  • Pull request limits (per update run and/or open at any time)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

Finally, you can contact us by mentioning @dependabot.

</details>

+1 -1

0 comment

1 changed file

dependabot-preview[bot]

pr closed time in 2 months

push eventarxiv-vanity/engrafo

dependabot-preview[bot]

commit sha e7fc3491b24135931103217456678e1ecbbda23c

Bump sass-loader from 7.2.0 to 8.0.0 Bumps [sass-loader](https://github.com/webpack-contrib/sass-loader) from 7.2.0 to 8.0.0. - [Release notes](https://github.com/webpack-contrib/sass-loader/releases) - [Changelog](https://github.com/webpack-contrib/sass-loader/blob/master/CHANGELOG.md) - [Commits](https://github.com/webpack-contrib/sass-loader/compare/v7.2.0...v8.0.0) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

view details

push time in 2 months

PR merged arxiv-vanity/engrafo

Bump sass-loader from 7.2.0 to 8.0.0 dependencies javascript

Bumps sass-loader from 7.2.0 to 8.0.0. <details> <summary>Release notes</summary>

Sourced from sass-loader's releases.

v8.0.0

⚠ BREAKING CHANGES

  • minimum required webpack version is 4.36.0
  • minimum required node.js version is 8.9.0
  • move all sass (includePaths, importer, functions) options to the sassOptions option. The functions option can't be used as Function, you should use sassOption as Function to achieve this.
  • the data option was renamed to the prependData option
  • default value of the sourceMap option depends on the devtool value (eval/false values don't enable source map generation)

Features

  • automatically use the fibers package if it is possible (#744) (96184e1)
  • source map generation depends on the devtool option (#743) (fcea88e)
  • validate loader options (#737) (7b543fc)
  • reworked error handling from node-sass/sass
  • improve resolution for @import (including support _index and index files in a directory)

Bug Fixes

  • compatibility with pnp

v7.3.1

7.3.1 (2019-08-20)

Bug Fixes

  • minimum node version in package.json (#733) (1175920)

v7.3.0

7.3.0 (2019-08-20)

Bug Fixes

Features

  • webpackImporter option (#732) (6f4ea37) </details> <details> <summary>Changelog</summary>

Sourced from sass-loader's changelog.

8.0.0 (2019-08-29)

⚠ BREAKING CHANGES

  • minimum required webpack version is 4.36.0
  • minimum required node.js version is 8.9.0
  • move all sass (includePaths, importer, functions) options to the sassOptions option. The functions option can't be used as Function, you should use sassOption as Function to achieve this.
  • the data option was renamed to the prependData option
  • default value of the sourceMap option depends on the devtool value (eval/false values don't enable source map generation)

Features

  • automatically use the fibers package if it is possible (#744) (96184e1)
  • source map generation depends on the devtool option (#743) (fcea88e)
  • validate loader options (#737) (7b543fc)
  • reworked error handling from node-sass/sass
  • improve resolution for @import (including support _index and index files in a directory)

Bug Fixes

  • compatibility with pnp

7.3.1 (2019-08-20)

Bug Fixes

  • minimum node version in package.json (#733) (1175920)

7.3.0 (2019-08-20)

Bug Fixes

Features

<a name="7.2.0"></a> </details> <details> <summary>Commits</summary>

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Automerge options (never/patch/minor, and dev/runtime dependencies)
  • Pull request limits (per update run and/or open at any time)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

Finally, you can contact us by mentioning @dependabot.

</details>

+23 -15

0 comment

2 changed files

dependabot-preview[bot]

pr closed time in 2 months

push eventarxiv-vanity/engrafo

dependabot-preview[bot]

commit sha 4660f7915a4c096a60a033a34fa8aa4cddda9bbb

[Security] Bump eslint-utils from 1.3.1 to 1.4.2 Bumps [eslint-utils](https://github.com/mysticatea/eslint-utils) from 1.3.1 to 1.4.2. **This update includes a security fix.** - [Release notes](https://github.com/mysticatea/eslint-utils/releases) - [Commits](https://github.com/mysticatea/eslint-utils/compare/v1.3.1...v1.4.2) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

view details

push time in 2 months

PR merged arxiv-vanity/engrafo

[Security] Bump eslint-utils from 1.3.1 to 1.4.2 dependencies javascript security

Bumps eslint-utils from 1.3.1 to 1.4.2. This update includes a security fix. <details> <summary>Vulnerabilities fixed</summary>

Sourced from The GitHub Security Advisory Database.

Critical severity vulnerability that affects eslint-utils

'getStaticValue' function can execute arbitrary code

Impact

getStaticValue function can execute arbitrary code.

Patches

This problem has been patched in 1.4.1. Please update eslint-utils.

Workarounds

Don't use getStaticValue function, getStringIfConstant function, and getPropertyName function.

For more information

If you have any questions or comments about this advisory:

Affected versions: >= 1.2.0 < 1.4.1

</details> <details> <summary>Commits</summary>

  • 4e1bc07 1.4.2
  • e4cb014 🐛 add null test
  • 230a4e2 1.4.1
  • 08158db 🐛 fix getStaticValue security issue
  • 587cca2 🐛 fix getStringIfConstant to handle literals correctly
  • c119e83 🐛 fix getStaticValue to handle bigint correctly
  • 531b16f 🔖 1.4.0
  • 276303d ⚒ upgrade rollup
  • cb518c7 🐛 fix hasSideEffect false negative
  • aac472e 🐛 fix isParenthesized had false positive on ImportExpression (fixes #1)
  • Additional commits viewable in compare view </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Automerge options (never/patch/minor, and dev/runtime dependencies)
  • Pull request limits (per update run and/or open at any time)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

Finally, you can contact us by mentioning @dependabot.

</details>

+8 -6

0 comment

1 changed file

dependabot-preview[bot]

pr closed time in 2 months

push eventarxiv-vanity/engrafo

dependabot-preview[bot]

commit sha 4ec4f4620aa73ba3e8f5898980bea537fd3d1e03

Bump dotenv from 8.0.0 to 8.1.0 Bumps [dotenv](https://github.com/motdotla/dotenv) from 8.0.0 to 8.1.0. - [Release notes](https://github.com/motdotla/dotenv/releases) - [Changelog](https://github.com/motdotla/dotenv/blob/master/CHANGELOG.md) - [Commits](https://github.com/motdotla/dotenv/compare/v8.0.0...v8.1.0) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

view details

push time in 2 months

PR merged arxiv-vanity/engrafo

Bump dotenv from 8.0.0 to 8.1.0 dependencies javascript

Bumps dotenv from 8.0.0 to 8.1.0. <details> <summary>Changelog</summary>

Sourced from dotenv's changelog.

8.1.0 (2019-08-18)

⚠ BREAKING CHANGES

  • dropping Node v6 support because end-of-life

  • Drop support for Node v6 (#392) (2e9636a), closes #392 </details> <details> <summary>Commits</summary>

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Automerge options (never/patch/minor, and dev/runtime dependencies)
  • Pull request limits (per update run and/or open at any time)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

Finally, you can contact us by mentioning @dependabot.

</details>

+5 -5

0 comment

2 changed files

dependabot-preview[bot]

pr closed time in 2 months

push eventarxiv-vanity/engrafo

dependabot-preview[bot]

commit sha 41bcb2d116486a313a8f4ad3f6a437bc92f03d0b

Bump jest from 24.8.0 to 24.9.0 Bumps [jest](https://github.com/facebook/jest) from 24.8.0 to 24.9.0. - [Release notes](https://github.com/facebook/jest/releases) - [Changelog](https://github.com/facebook/jest/blob/master/CHANGELOG.md) - [Commits](https://github.com/facebook/jest/compare/v24.8.0...v24.9.0) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

view details

push time in 2 months

PR merged arxiv-vanity/engrafo

Bump jest from 24.8.0 to 24.9.0 dependencies javascript

Bumps jest from 24.8.0 to 24.9.0. <details> <summary>Release notes</summary>

Sourced from jest's releases.

24.9.0

Features

  • [expect] Highlight substring differences when matcher fails, part 1 (#8448)
  • [expect] Highlight substring differences when matcher fails, part 2 (#8528)
  • [expect] Improve report when mock-spy matcher fails, part 1 (#8640)
  • [expect] Improve report when mock-spy matcher fails, part 2 (#8649)
  • [expect] Improve report when mock-spy matcher fails, part 3 (#8697)
  • [expect] Improve report when mock-spy matcher fails, part 4 (#8710)
  • [expect] Throw matcher error when received cannot be jasmine spy (#8747)
  • [expect] Improve report when negative CalledWith assertion fails (#8755)
  • [expect] Improve report when positive CalledWith assertion fails (#8771)
  • [expect] Display equal values for ReturnedWith similar to CalledWith (#8791)
  • [expect, jest-snapshot] Change color from green for some args in matcher hints (#8812)
  • [jest-snapshot] Highlight substring differences when matcher fails, part 3 (#8569)
  • [jest-core] Improve report when snapshots are obsolete (#8448)
  • [jest-cli] Improve chai support (with detailed output, to match jest exceptions) (#8454)
  • [*] Manage the global timeout with --testTimeout command line argument. (#8456)
  • [pretty-format] Render custom displayName of memoized components
  • [jest-validate] Allow maxWorkers as part of the jest.config.js (#8565)
  • [jest-runtime] Allow passing configuration objects to transformers (#7288)
  • [@jest/core, @jest/test-sequencer] Support async sort in custom testSequencer (#8642)
  • [jest-runtime, @jest/fake-timers] Add jest.advanceTimersToNextTimer (#8713)
  • [@&#8203;jest-transform] Extract transforming require logic within jest-core into @jest-transform (#8756)
  • [jest-matcher-utils] Add color options to matcherHint (#8795)
  • [jest-circus/jest-jasmine2] Give clearer output for Node assert errors (#8792)
  • [jest-runner] Export all types in the type signature of jest-runner (#8825)`

Fixes

  • [jest-cli] Detect side-effect only imports when running --onlyChanged or --changedSince (#8670)
  • [jest-cli] Allow --maxWorkers to work with % input again (#8565)
  • [babel-plugin-jest-hoist] Expand list of whitelisted globals in global mocks (#8429
  • [jest-core] Make watch plugin initialization errors look nice (#8422)
  • [jest-snapshot] Prevent inline snapshots from drifting when inline snapshots are updated (#8492)
  • [jest-haste-map] Don't throw on missing mapper in Node crawler (#8558)
  • [jest-core] Fix incorrect passWithNoTests warning (#8595)
  • [jest-snapshots] Fix test retries that contain snapshots (#8629)
  • [jest-mock] Fix incorrect assignments when restoring mocks in instances where they originally didn't exist (#8631)
  • [expect] Fix stack overflow when matching objects with circular references (#8687)
  • [jest-haste-map] Workaround a node >=12.5.0 bug that causes the process not to exit after tests have completed and cancerous memory growth (#8787)

Chore & Maintenance

  • [jest-leak-detector] remove code repeat (#8438
  • [docs] Add example to jest.requireActual (#8482
  • [docs] Add example to jest.mock for mocking ES6 modules with the factory parameter (#8550)
  • [docs] Add information about using jest.doMock with ES6 imports (#8573)
  • [docs] Fix variable name in custom-matcher-api code example (#8582)
  • [docs] Fix example used in custom environment docs (#8617) </tr></table> ... (truncated) </details> <details> <summary>Changelog</summary>

Sourced from jest's changelog.

24.9.0

Features

  • [expect] Highlight substring differences when matcher fails, part 1 (#8448)
  • [expect] Highlight substring differences when matcher fails, part 2 (#8528)
  • [expect] Improve report when mock-spy matcher fails, part 1 (#8640)
  • [expect] Improve report when mock-spy matcher fails, part 2 (#8649)
  • [expect] Improve report when mock-spy matcher fails, part 3 (#8697)
  • [expect] Improve report when mock-spy matcher fails, part 4 (#8710)
  • [expect] Throw matcher error when received cannot be jasmine spy (#8747)
  • [expect] Improve report when negative CalledWith assertion fails (#8755)
  • [expect] Improve report when positive CalledWith assertion fails (#8771)
  • [expect] Display equal values for ReturnedWith similar to CalledWith (#8791)
  • [expect, jest-snapshot] Change color from green for some args in matcher hints (#8812)
  • [jest-snapshot] Highlight substring differences when matcher fails, part 3 (#8569)
  • [jest-core] Improve report when snapshots are obsolete (#8448)
  • [jest-cli] Improve chai support (with detailed output, to match jest exceptions) (#8454)
  • [*] Manage the global timeout with --testTimeout command line argument. (#8456)
  • [pretty-format] Render custom displayName of memoized components
  • [jest-validate] Allow maxWorkers as part of the jest.config.js (#8565)
  • [jest-runtime] Allow passing configuration objects to transformers (#7288)
  • [@jest/core, @jest/test-sequencer] Support async sort in custom testSequencer (#8642)
  • [jest-runtime, @jest/fake-timers] Add jest.advanceTimersToNextTimer (#8713)
  • [@&#8203;jest-transform] Extract transforming require logic within jest-core into @jest-transform (#8756)
  • [jest-matcher-utils] Add color options to matcherHint (#8795)
  • [jest-circus/jest-jasmine2] Give clearer output for Node assert errors (#8792)
  • [jest-runner] Export all types in the type signature of jest-runner (#8825)`

Fixes

  • [jest-cli] Detect side-effect only imports when running --onlyChanged or --changedSince (#8670)
  • [jest-cli] Allow --maxWorkers to work with % input again (#8565)
  • [babel-plugin-jest-hoist] Expand list of whitelisted globals in global mocks (#8429
  • [jest-core] Make watch plugin initialization errors look nice (#8422)
  • [jest-snapshot] Prevent inline snapshots from drifting when inline snapshots are updated (#8492)
  • [jest-haste-map] Don't throw on missing mapper in Node crawler (#8558)
  • [jest-core] Fix incorrect passWithNoTests warning (#8595)
  • [jest-snapshots] Fix test retries that contain snapshots (#8629)
  • [jest-mock] Fix incorrect assignments when restoring mocks in instances where they originally didn't exist (#8631)
  • [expect] Fix stack overflow when matching objects with circular references (#8687)
  • [jest-haste-map] Workaround a node >=12.5.0 bug that causes the process not to exit after tests have completed and cancerous memory growth (#8787)

Chore & Maintenance

  • [jest-leak-detector] remove code repeat (#8438
  • [docs] Add example to jest.requireActual (#8482
  • [docs] Add example to jest.mock for mocking ES6 modules with the factory parameter (#8550)
  • [docs] Add information about using jest.doMock with ES6 imports (#8573)
  • [docs] Fix variable name in custom-matcher-api code example (#8582) </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>
  • 3cdbd55 Release 24.9.0
  • 9ad0f4b Workaround a node >=12.5.0 bug that causes the process not to exit after test...
  • 4df0070 Add timeout to prevent notifier from locking CPU on MacOS (#8831)
  • 3ab2fc1 chore: export types from jest-runner (#8825)
  • d610c9a chore: Delete obsolete link and simplify structure in pretty-format README (#...
  • abb760a feat: add sync way of requiring and transpiling module (#8808)
  • 0d48344 chore: Check copyright and license as one joined substring (#8815)
  • 9406708 expect, jest-snapshot: Change color from green for some args in matcher hints...
  • 86e73f5 chore: enforce LF line endings (#8809)
  • d9b43a8 remove unreleased --testTimeout feature from versioned_docs (#8811)
  • Additional commits viewable in compare view </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Automerge options (never/patch/minor, and dev/runtime dependencies)
  • Pull request limits (per update run and/or open at any time)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

Finally, you can contact us by mentioning @dependabot.

</details>

+439 -413

0 comment

2 changed files

dependabot-preview[bot]

pr closed time in 2 months

delete branch arxiv-vanity/engrafo

delete branch : bump-latexml

delete time in 2 months

push eventarxiv-vanity/engrafo

Ben Firshman

commit sha 82c9531e7229f5e398aae3d09dfd7649a42689c7

Bump latexml

view details

push time in 2 months

PR merged arxiv-vanity/engrafo

Bump latexml
+1 -1

0 comment

1 changed file

bfirsh

pr closed time in 2 months

push eventbfirsh/dotfiles

Ben Firshman

commit sha 1aa1511daa6288ab43da9bbab39ccc9f36679486

gitignore

view details

Ben Firshman

commit sha 5c7e6ae9b05f0b6edc5a9458f2a5b301315b8fa2

oh-my-zsh

view details

Ben Firshman

commit sha ae3311803c31be54a4f4bf7ba7d950919e887c35

Add homebrew path to .zshrc

view details

Ben Firshman

commit sha 9573eb0054bdbe84aa72f80debf4025bd1b95d23

Disable npx

view details

Ben Firshman

commit sha 8d1cae07b2d15171b8f9fe25c85ecd9bc50b4ec2

Add ripgrep

view details

push time in 2 months

PR opened arxiv-vanity/engrafo

Bump latexml
+1 -1

0 comment

1 changed file

pr created time in 2 months

create barncharxiv-vanity/engrafo

branch : bump-latexml

created branch time in 2 months

push eventarxiv-vanity/arxiv-vanity

Ben Firshman

commit sha 02bc3c04825b65dc8ce61a7802070218f305520b

Attempt to stop update_state running out of mem

view details

push time in 3 months

issue commentarxiv-vanity/arxiv-vanity

arxiv-vanity.com gives 500 error messages for all new papers?

I'll set up pingdom to force render a paper so we actually hear about this...

nottombrown

comment created time in 3 months

issue commentarxiv-vanity/arxiv-vanity

arxiv-vanity.com gives 500 error messages for all new papers?

Hmm thanks. Not sure why that cron job is broken again.

nottombrown

comment created time in 3 months

startedNVIDIA/DeepLearningExamples

started time in 3 months

startedlmcq/firebase-firestorm

started time in 3 months

startedcrdoconnor/strictyaml

started time in 3 months

startedpachyderm/pachyderm

started time in 3 months

push eventarxiv-vanity/engrafo

dependabot-preview[bot]

commit sha 5e6f6ba394ac5bc526c62bb1f0af7954904f12e9

Bump debian from testing-20190708 to testing-20190812 Bumps debian from testing-20190708 to testing-20190812. Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

view details

push time in 3 months

more