profile
viewpoint

bolasblack/backbone.elements 6

Add shortcut for Backbone.View selector

bolasblack/.emacsrc 2

config of emacs

bolasblack/backbone.event.one 2

add `one` method to Backbone.Events

bolasblack/angular-brunch-seed 1

AngularJS + Brunch

bolasblack/angular-gulp-seed 1

Quick start project with AngularJS and Gulp

bolasblack/4clojure.el 0

Open and evaluate 4clojure.com questions in emacs

push eventbolasblack/bolasblack

c4605

commit sha d986e0cd0b0508a732cb371b1697201165642476

Update README.md

view details

push time in an hour

push eventbolasblack/js-metarepo

c4605

commit sha e2416cbfed459a3ec85b6467532745d6c6f8bbc9

docs(yarw): update yarw related README

view details

c4605

commit sha 9b0e60224ed2c5a09b0b89c58542fd11edd77390

Merge branch 'develop'

view details

push time in an hour

push eventbolasblack/js-metarepo

c4605

commit sha e2416cbfed459a3ec85b6467532745d6c6f8bbc9

docs(yarw): update yarw related README

view details

push time in an hour

push eventbolasblack/js-metarepo

c4605

commit sha 51251b81aabea9ba3b6ad71f14f4fc04698ca34a

test(ts-types): fix dtslint error in ts 4.0

view details

c4605

commit sha 4e89ee7e2b76c320f845bd756b8f76f32d8e09b1

feat(yarw): add package yarw

view details

c4605

commit sha 359dad4c3f52b0fc0343bf281e038c813e356886

chore: add github actions file

view details

c4605

commit sha 505c46834ea5d33e91b7bfccdaa717a081d26f93

Merge branch 'lab/yarw' into develop

view details

c4605

commit sha c5004e9d1f0bb1337c5626c3274b320ca9f18cdb

Merge branch 'develop'

view details

push time in 10 hours

created tagbolasblack/js-metarepo

tagyarw@0.1.0

A metarepo inspired from [nextools/metarepo](https://github.com/nextools/metarepo)

created time in 10 hours

delete branch bolasblack/js-metarepo

delete branch : lab/yarw

delete time in 10 hours

push eventbolasblack/js-metarepo

c4605

commit sha 51251b81aabea9ba3b6ad71f14f4fc04698ca34a

test(ts-types): fix dtslint error in ts 4.0

view details

c4605

commit sha 4e89ee7e2b76c320f845bd756b8f76f32d8e09b1

feat(yarw): add package yarw

view details

c4605

commit sha 359dad4c3f52b0fc0343bf281e038c813e356886

chore: add github actions file

view details

c4605

commit sha 505c46834ea5d33e91b7bfccdaa717a081d26f93

Merge branch 'lab/yarw' into develop

view details

push time in 10 hours

push eventbolasblack/js-metarepo

c4605

commit sha 51251b81aabea9ba3b6ad71f14f4fc04698ca34a

test(ts-types): fix dtslint error in ts 4.0

view details

c4605

commit sha 4e89ee7e2b76c320f845bd756b8f76f32d8e09b1

feat(yarw): add package yarw

view details

c4605

commit sha 359dad4c3f52b0fc0343bf281e038c813e356886

chore: add github actions file

view details

push time in 10 hours

create barnchbolasblack/js-metarepo

branch : lab/yarw

created branch time in 11 hours

delete branch bolasblack/js-metarepo

delete branch : lab/flex-redux

delete time in 11 hours

push eventbolasblack/js-metarepo

c4605

commit sha ae71ad22e5e8b58e9cba97dd282f588f850df6ed

chore: add github actions file

view details

push time in 4 days

push eventbolasblack/js-metarepo

c4605

commit sha 1ef7e438f3584f1c8a4b3215303dc5e786ea13de

try add github action config

view details

push time in 4 days

push eventbolasblack/js-metarepo

c4605

commit sha d2d926844fa1bcf5486cc448dff2fa36a51db5f5

2020-08-01

view details

push time in 4 days

delete branch bolasblack/interpolate-webpack-plugin

delete branch : dependabot/npm_and_yarn/elliptic-6.5.3

delete time in 4 days

push eventbolasblack/interpolate-webpack-plugin

dependabot[bot]

commit sha d40c455b80ced442ba8e22f7ff668fbb693eea62

chore: bump elliptic from 6.5.0 to 6.5.3 (#5) Bumps [elliptic](https://github.com/indutny/elliptic) from 6.5.0 to 6.5.3. - [Release notes](https://github.com/indutny/elliptic/releases) - [Commits](https://github.com/indutny/elliptic/compare/v6.5.0...v6.5.3) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

push time in 4 days

PR merged bolasblack/interpolate-webpack-plugin

chore: bump elliptic from 6.5.0 to 6.5.3 dependencies

Bumps elliptic from 6.5.0 to 6.5.3. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/indutny/elliptic/commit/8647803dc3d90506aa03021737f7b061ba959ae1"><code>8647803</code></a> 6.5.3</li> <li><a href="https://github.com/indutny/elliptic/commit/856fe4d99fe7b6200556e6400b3bf585b1721bec"><code>856fe4d</code></a> signature: prevent malleability and overflows</li> <li><a href="https://github.com/indutny/elliptic/commit/60489415e545efdfd3010ae74b9726facbf08ca8"><code>6048941</code></a> 6.5.2</li> <li><a href="https://github.com/indutny/elliptic/commit/9984964457c9f8a63b91b01ea103260417eca237"><code>9984964</code></a> package: bump dependencies</li> <li><a href="https://github.com/indutny/elliptic/commit/ec735edde187a43693197f6fa3667ceade751a3a"><code>ec735ed</code></a> utils: leak less information in <code>getNAF()</code></li> <li><a href="https://github.com/indutny/elliptic/commit/71e4e8e2f5b8f0bdbfbe106c72cc9fbc746d3d60"><code>71e4e8e</code></a> 6.5.1</li> <li><a href="https://github.com/indutny/elliptic/commit/7ec66ffa255079260126d87b1762a59ea10de5ea"><code>7ec66ff</code></a> short: add infinity check before multiplying</li> <li><a href="https://github.com/indutny/elliptic/commit/ee7970b92f388e981d694be0436c4c8036b5d36c"><code>ee7970b</code></a> travis: really move on</li> <li><a href="https://github.com/indutny/elliptic/commit/637d0216b58de7edee4f3eb5641295ac323acadb"><code>637d021</code></a> travis: move on</li> <li><a href="https://github.com/indutny/elliptic/commit/5ed0babb6467cd8575a9218265473fda926d9d42"><code>5ed0bab</code></a> package: update deps</li> <li>See full diff in <a href="https://github.com/indutny/elliptic/compare/v6.5.0...v6.5.3">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+6 -6

0 comment

1 changed file

dependabot[bot]

pr closed time in 4 days

delete branch bolasblack/module-mapper-webpack-plugin

delete branch : dependabot/npm_and_yarn/elliptic-6.5.3

delete time in 4 days

push eventbolasblack/module-mapper-webpack-plugin

dependabot[bot]

commit sha e44a3c7195285ff18acca7e28377e368b84603d5

chore(deps): bump elliptic from 6.5.0 to 6.5.3 (#38) Bumps [elliptic](https://github.com/indutny/elliptic) from 6.5.0 to 6.5.3. - [Release notes](https://github.com/indutny/elliptic/releases) - [Commits](https://github.com/indutny/elliptic/compare/v6.5.0...v6.5.3) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

push time in 4 days

PR merged bolasblack/module-mapper-webpack-plugin

chore(deps): bump elliptic from 6.5.0 to 6.5.3 dependencies

Bumps elliptic from 6.5.0 to 6.5.3. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/indutny/elliptic/commit/8647803dc3d90506aa03021737f7b061ba959ae1"><code>8647803</code></a> 6.5.3</li> <li><a href="https://github.com/indutny/elliptic/commit/856fe4d99fe7b6200556e6400b3bf585b1721bec"><code>856fe4d</code></a> signature: prevent malleability and overflows</li> <li><a href="https://github.com/indutny/elliptic/commit/60489415e545efdfd3010ae74b9726facbf08ca8"><code>6048941</code></a> 6.5.2</li> <li><a href="https://github.com/indutny/elliptic/commit/9984964457c9f8a63b91b01ea103260417eca237"><code>9984964</code></a> package: bump dependencies</li> <li><a href="https://github.com/indutny/elliptic/commit/ec735edde187a43693197f6fa3667ceade751a3a"><code>ec735ed</code></a> utils: leak less information in <code>getNAF()</code></li> <li><a href="https://github.com/indutny/elliptic/commit/71e4e8e2f5b8f0bdbfbe106c72cc9fbc746d3d60"><code>71e4e8e</code></a> 6.5.1</li> <li><a href="https://github.com/indutny/elliptic/commit/7ec66ffa255079260126d87b1762a59ea10de5ea"><code>7ec66ff</code></a> short: add infinity check before multiplying</li> <li><a href="https://github.com/indutny/elliptic/commit/ee7970b92f388e981d694be0436c4c8036b5d36c"><code>ee7970b</code></a> travis: really move on</li> <li><a href="https://github.com/indutny/elliptic/commit/637d0216b58de7edee4f3eb5641295ac323acadb"><code>637d021</code></a> travis: move on</li> <li><a href="https://github.com/indutny/elliptic/commit/5ed0babb6467cd8575a9218265473fda926d9d42"><code>5ed0bab</code></a> package: update deps</li> <li>See full diff in <a href="https://github.com/indutny/elliptic/compare/v6.5.0...v6.5.3">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+6 -6

0 comment

1 changed file

dependabot[bot]

pr closed time in 4 days

delete branch bolasblack/ramda-extra

delete branch : dependabot/npm_and_yarn/elliptic-6.5.3

delete time in 4 days

push eventbolasblack/ramda-extra

dependabot[bot]

commit sha 3148bc8c63b16a8b174a91a071f86c684c348b9f

Bump elliptic from 6.3.2 to 6.5.3 (#14) Bumps [elliptic](https://github.com/indutny/elliptic) from 6.3.2 to 6.5.3. - [Release notes](https://github.com/indutny/elliptic/releases) - [Commits](https://github.com/indutny/elliptic/compare/v6.3.2...v6.5.3) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

push time in 4 days

PR merged bolasblack/ramda-extra

Bump elliptic from 6.3.2 to 6.5.3 dependencies

Bumps elliptic from 6.3.2 to 6.5.3. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/indutny/elliptic/commit/8647803dc3d90506aa03021737f7b061ba959ae1"><code>8647803</code></a> 6.5.3</li> <li><a href="https://github.com/indutny/elliptic/commit/856fe4d99fe7b6200556e6400b3bf585b1721bec"><code>856fe4d</code></a> signature: prevent malleability and overflows</li> <li><a href="https://github.com/indutny/elliptic/commit/60489415e545efdfd3010ae74b9726facbf08ca8"><code>6048941</code></a> 6.5.2</li> <li><a href="https://github.com/indutny/elliptic/commit/9984964457c9f8a63b91b01ea103260417eca237"><code>9984964</code></a> package: bump dependencies</li> <li><a href="https://github.com/indutny/elliptic/commit/ec735edde187a43693197f6fa3667ceade751a3a"><code>ec735ed</code></a> utils: leak less information in <code>getNAF()</code></li> <li><a href="https://github.com/indutny/elliptic/commit/71e4e8e2f5b8f0bdbfbe106c72cc9fbc746d3d60"><code>71e4e8e</code></a> 6.5.1</li> <li><a href="https://github.com/indutny/elliptic/commit/7ec66ffa255079260126d87b1762a59ea10de5ea"><code>7ec66ff</code></a> short: add infinity check before multiplying</li> <li><a href="https://github.com/indutny/elliptic/commit/ee7970b92f388e981d694be0436c4c8036b5d36c"><code>ee7970b</code></a> travis: really move on</li> <li><a href="https://github.com/indutny/elliptic/commit/637d0216b58de7edee4f3eb5641295ac323acadb"><code>637d021</code></a> travis: move on</li> <li><a href="https://github.com/indutny/elliptic/commit/5ed0babb6467cd8575a9218265473fda926d9d42"><code>5ed0bab</code></a> package: update deps</li> <li>Additional commits viewable in <a href="https://github.com/indutny/elliptic/compare/v6.3.2...v6.5.3">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+30 -14

0 comment

1 changed file

dependabot[bot]

pr closed time in 4 days

delete branch bolasblack/BlogFront

delete branch : dependabot/npm_and_yarn/elliptic-6.5.3

delete time in 4 days

push eventbolasblack/BlogFront

dependabot[bot]

commit sha 0e8f35571a79dfaed773746572d056513db48d45

Bump elliptic from 6.4.0 to 6.5.3 (#9) Bumps [elliptic](https://github.com/indutny/elliptic) from 6.4.0 to 6.5.3. - [Release notes](https://github.com/indutny/elliptic/releases) - [Commits](https://github.com/indutny/elliptic/compare/v6.4.0...v6.5.3) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

push time in 4 days

PR merged bolasblack/BlogFront

Bump elliptic from 6.4.0 to 6.5.3 dependencies

Bumps elliptic from 6.4.0 to 6.5.3. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/indutny/elliptic/commit/8647803dc3d90506aa03021737f7b061ba959ae1"><code>8647803</code></a> 6.5.3</li> <li><a href="https://github.com/indutny/elliptic/commit/856fe4d99fe7b6200556e6400b3bf585b1721bec"><code>856fe4d</code></a> signature: prevent malleability and overflows</li> <li><a href="https://github.com/indutny/elliptic/commit/60489415e545efdfd3010ae74b9726facbf08ca8"><code>6048941</code></a> 6.5.2</li> <li><a href="https://github.com/indutny/elliptic/commit/9984964457c9f8a63b91b01ea103260417eca237"><code>9984964</code></a> package: bump dependencies</li> <li><a href="https://github.com/indutny/elliptic/commit/ec735edde187a43693197f6fa3667ceade751a3a"><code>ec735ed</code></a> utils: leak less information in <code>getNAF()</code></li> <li><a href="https://github.com/indutny/elliptic/commit/71e4e8e2f5b8f0bdbfbe106c72cc9fbc746d3d60"><code>71e4e8e</code></a> 6.5.1</li> <li><a href="https://github.com/indutny/elliptic/commit/7ec66ffa255079260126d87b1762a59ea10de5ea"><code>7ec66ff</code></a> short: add infinity check before multiplying</li> <li><a href="https://github.com/indutny/elliptic/commit/ee7970b92f388e981d694be0436c4c8036b5d36c"><code>ee7970b</code></a> travis: really move on</li> <li><a href="https://github.com/indutny/elliptic/commit/637d0216b58de7edee4f3eb5641295ac323acadb"><code>637d021</code></a> travis: move on</li> <li><a href="https://github.com/indutny/elliptic/commit/5ed0babb6467cd8575a9218265473fda926d9d42"><code>5ed0bab</code></a> package: update deps</li> <li>Additional commits viewable in <a href="https://github.com/indutny/elliptic/compare/v6.4.0...v6.5.3">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+21 -9

0 comment

1 changed file

dependabot[bot]

pr closed time in 4 days

startedFooSoft/anki-connect

started time in 5 days

startedstevenjoezhang/live2d-widget

started time in 6 days

startedany86/any-touch

started time in 6 days

delete branch bolasblack/nodejs-runner

delete branch : dependabot/npm_and_yarn/fstream-1.0.12

delete time in 7 days

push eventbolasblack/nodejs-runner

dependabot[bot]

commit sha da13ec8c9570d7f2e746658a4aec3b19f5534e9d

Bump fstream from 1.0.10 to 1.0.12 (#3) Bumps [fstream](https://github.com/npm/fstream) from 1.0.10 to 1.0.12. - [Release notes](https://github.com/npm/fstream/releases) - [Commits](https://github.com/npm/fstream/compare/v1.0.10...v1.0.12) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

push time in 7 days

PR merged bolasblack/nodejs-runner

Bump fstream from 1.0.10 to 1.0.12 dependencies

Bumps fstream from 1.0.10 to 1.0.12. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/npm/fstream/commit/42354590e23bb514eb5c869eea64406be2947c6c"><code>4235459</code></a> 1.0.12</li> <li><a href="https://github.com/npm/fstream/commit/6a77d2fa6e1462693cf8e46f930da96ec1b0bb22"><code>6a77d2f</code></a> Clobber a Link if it's in the way of a File</li> <li><a href="https://github.com/npm/fstream/commit/1e4527ffe8688d4f5325283d7cf2cf2d61f14c6b"><code>1e4527f</code></a> 1.0.11</li> <li><a href="https://github.com/npm/fstream/commit/ac4a9e3d86d39a5b979dbdda44376be85b91ece7"><code>ac4a9e3</code></a> Move props.path check below class init (<a href="https://github-redirect.dependabot.com/npm/fstream/issues/55">#55</a>)</li> <li><a href="https://github.com/npm/fstream/commit/24fabdec32e334dd3b130d77b38c010e3119b102"><code>24fabde</code></a> build: clean up versions</li> <li>See full diff in <a href="https://github.com/npm/fstream/compare/v1.0.10...v1.0.12">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+47 -13

0 comment

1 changed file

dependabot[bot]

pr closed time in 7 days

delete branch bolasblack/nodejs-runner

delete branch : dependabot/npm_and_yarn/extend-3.0.2

delete time in 7 days

push eventbolasblack/nodejs-runner

dependabot[bot]

commit sha f76e143b6d55e5db71c20d56b939ad66b60dadb4

Bump extend from 3.0.0 to 3.0.2 (#4) Bumps [extend](https://github.com/justmoon/node-extend) from 3.0.0 to 3.0.2. - [Release notes](https://github.com/justmoon/node-extend/releases) - [Changelog](https://github.com/justmoon/node-extend/blob/main/CHANGELOG.md) - [Commits](https://github.com/justmoon/node-extend/compare/v3.0.0...v3.0.2) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

push time in 7 days

PR merged bolasblack/nodejs-runner

Bump extend from 3.0.0 to 3.0.2 dependencies

Bumps extend from 3.0.0 to 3.0.2. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/justmoon/node-extend/blob/main/CHANGELOG.md">extend's changelog</a>.</em></p> <blockquote> <h1>3.0.2 / 2018-07-19</h1> <ul> <li>[Fix] Prevent merging <code>proto</code> property (<a href="https://github-redirect.dependabot.com/justmoon/node-extend/issues/48">#48</a>)</li> <li>[Dev Deps] update <code>eslint</code>, <code>@ljharb/eslint-config</code>, <code>tape</code></li> <li>[Tests] up to <code>node</code> <code>v10.7</code>, <code>v9.11</code>, <code>v8.11</code>, <code>v7.10</code>, <code>v6.14</code>, <code>v4.9</code>; use <code>nvm install-latest-npm</code></li> </ul> <h1>3.0.1 / 2017-04-27</h1> <ul> <li>[Fix] deep extending should work with a non-object (<a href="https://github-redirect.dependabot.com/justmoon/node-extend/issues/46">#46</a>)</li> <li>[Dev Deps] update <code>tape</code>, <code>eslint</code>, <code>@ljharb/eslint-config</code></li> <li>[Tests] up to <code>node</code> <code>v7.9</code>, <code>v6.10</code>, <code>v4.8</code>; improve matrix</li> <li>[Docs] Switch from vb.teelaun.ch to versionbadg.es for the npm version badge SVG.</li> <li>[Docs] Add example to readme (<a href="https://github-redirect.dependabot.com/justmoon/node-extend/issues/34">#34</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/justmoon/node-extend/commit/8d106d23931c0802e8b88188b0aac433e13358d9"><code>8d106d2</code></a> v3.0.2</li> <li><a href="https://github.com/justmoon/node-extend/commit/e97091fa7557e106042e475ef59e654fa9d2c7ab"><code>e97091f</code></a> [Dev Deps] update <code>tape</code></li> <li><a href="https://github.com/justmoon/node-extend/commit/e841aac7ce7119606345b440b0a9e7668e848985"><code>e841aac</code></a> [Tests] up to <code>node</code> <code>v10.7</code></li> <li><a href="https://github.com/justmoon/node-extend/commit/0e68e71d93507fcc391e398bc84abd0666b28190"><code>0e68e71</code></a> [Fix] Prevent merging <strong>proto</strong> property</li> <li><a href="https://github.com/justmoon/node-extend/commit/a689700740b44846e76f8f1dc4bdf230a2cb5c0d"><code>a689700</code></a> Only apps should have lockfiles</li> <li><a href="https://github.com/justmoon/node-extend/commit/f13c1c4e51c47b90604eb2dc56cc60561e497d36"><code>f13c1c4</code></a> [Dev Deps] update <code>eslint</code>, <code>@ljharb/eslint-config</code>, <code>tape</code></li> <li><a href="https://github.com/justmoon/node-extend/commit/f3570fe5582dbfba47e60c0cd75b4fb6f01cd3fe"><code>f3570fe</code></a> [Tests] up to <code>node</code> <code>v10.0</code>, <code>v9.11</code>, <code>v8.11</code>, <code>v7.10</code>, <code>v6.14</code>, <code>v4.9</code>; use...</li> <li><a href="https://github.com/justmoon/node-extend/commit/138b515df4d628bb1742254ede5d2551c0fecae7"><code>138b515</code></a> v3.0.1</li> <li><a href="https://github.com/justmoon/node-extend/commit/7e19a6f763a0e19c661403c6b1d1dffa6709b5d9"><code>7e19a6f</code></a> [Tests] up to <code>node</code> <code>v7.9</code>, <code>v6.10</code>, <code>v4.8</code>; improve matrix</li> <li><a href="https://github.com/justmoon/node-extend/commit/0191e27d2810329a06275c52b5a2aa435b2a5b4b"><code>0191e27</code></a> [Dev Deps] update <code>tape</code>, <code>eslint</code>, <code>@ljharb/eslint-config</code></li> <li>Additional commits viewable in <a href="https://github.com/justmoon/node-extend/compare/v3.0.0...v3.0.2">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+2 -2

0 comment

1 changed file

dependabot[bot]

pr closed time in 7 days

delete branch bolasblack/nodejs-runner

delete branch : dependabot/npm_and_yarn/stringstream-0.0.6

delete time in 7 days

push eventbolasblack/nodejs-runner

dependabot[bot]

commit sha 358a5f1b7c6a2b817348fa2ea9fad8611c3ae627

Bump stringstream from 0.0.5 to 0.0.6 (#6) Bumps [stringstream](https://github.com/mhart/StringStream) from 0.0.5 to 0.0.6. - [Release notes](https://github.com/mhart/StringStream/releases) - [Commits](https://github.com/mhart/StringStream/compare/v0.0.5...v0.0.6) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

push time in 7 days

PR merged bolasblack/nodejs-runner

Bump stringstream from 0.0.5 to 0.0.6 dependencies

Bumps stringstream from 0.0.5 to 0.0.6. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/mhart/StringStream/commit/fee31c5c4a5efc7c7cc2fde4aee633dedefd6d67"><code>fee31c5</code></a> 0.0.6</li> <li><a href="https://github.com/mhart/StringStream/commit/2f4a9d496f94b0880e01a26857aa266a5a3ef274"><code>2f4a9d4</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/mhart/StringStream/issues/9">#9</a> from mhart/fix-buffer-constructor-vuln</li> <li><a href="https://github.com/mhart/StringStream/commit/afbc7442220358419e330618e47f3a65fc265b1b"><code>afbc744</code></a> Ensure data is not a number in Buffer constructor</li> <li>See full diff in <a href="https://github.com/mhart/StringStream/compare/v0.0.5...v0.0.6">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+2 -2

0 comment

1 changed file

dependabot[bot]

pr closed time in 7 days

delete branch bolasblack/nodejs-runner

delete branch : dependabot/npm_and_yarn/tough-cookie-2.3.4

delete time in 7 days

push eventbolasblack/nodejs-runner

dependabot[bot]

commit sha bb23ac557604a7cf063acff839c237669bc888dc

Bump tough-cookie from 2.3.2 to 2.3.4 (#9) Bumps [tough-cookie](https://github.com/salesforce/tough-cookie) from 2.3.2 to 2.3.4. - [Release notes](https://github.com/salesforce/tough-cookie/releases) - [Changelog](https://github.com/salesforce/tough-cookie/blob/master/CHANGELOG.md) - [Commits](https://github.com/salesforce/tough-cookie/compare/v2.3.2...v2.3.4) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

push time in 7 days

PR merged bolasblack/nodejs-runner

Bump tough-cookie from 2.3.2 to 2.3.4 dependencies

Bumps tough-cookie from 2.3.2 to 2.3.4. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/salesforce/tough-cookie/commit/e4dfb0aec5d25e9e982805417a5d936071badc17"><code>e4dfb0a</code></a> 2.3.4</li> <li><a href="https://github.com/salesforce/tough-cookie/commit/7d66ffde12af5cbad40c3642f3c339fa82e6e381"><code>7d66ffd</code></a> Update public suffix list</li> <li><a href="https://github.com/salesforce/tough-cookie/commit/7564c0637e6674d8847a1b84979536930eb9b170"><code>7564c06</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/salesforce/tough-cookie/issues/100">#100</a> from salesforce/no-re-parser</li> <li><a href="https://github.com/salesforce/tough-cookie/commit/751da6dadfeddb916b7dc5f524715afd4b02969c"><code>751da6d</code></a> Document removal of 256 space limit</li> <li><a href="https://github.com/salesforce/tough-cookie/commit/8452ccdf02853fb011a5f654f206a698a659889a"><code>8452ccd</code></a> Convert date-time parser from regexp, expand tests</li> <li><a href="https://github.com/salesforce/tough-cookie/commit/8614dbf439d3eee71a32ff4a5ae9fad7a562d7c2"><code>8614dbf</code></a> More String#repeat polyfill</li> <li><a href="https://github.com/salesforce/tough-cookie/commit/2a4775c28f88c794b9ca05533b5537b7be6d7395"><code>2a4775c</code></a> Avoid unbounded Regexp parts in date parsing</li> <li><a href="https://github.com/salesforce/tough-cookie/commit/c9bd79dd358ec8bb7ea82bea328b2449168736fc"><code>c9bd79d</code></a> Parse cookie-pair part without regexp</li> <li><a href="https://github.com/salesforce/tough-cookie/commit/12d426678f77bd34dd1234b7acbf47b299f50439"><code>12d4266</code></a> 2.3.3</li> <li><a href="https://github.com/salesforce/tough-cookie/commit/98e0916d7b017669c93855d831c6e0b19c14141e"><code>98e0916</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/salesforce/tough-cookie/issues/97">#97</a> from salesforce/spaces-ReDoS</li> <li>Additional commits viewable in <a href="https://github.com/salesforce/tough-cookie/compare/v2.3.2...v2.3.4">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+2 -2

0 comment

1 changed file

dependabot[bot]

pr closed time in 7 days

startedfelixrieseberg/macintosh.js

started time in 7 days

startedpouchdb/pouchdb

started time in 8 days

delete branch bolasblack/nodejs-runner

delete branch : dependabot/npm_and_yarn/is-my-json-valid-2.20.4

delete time in 11 days

push eventbolasblack/nodejs-runner

dependabot[bot]

commit sha 1706b4ccdcbf110bea96c2f9b08225ea1ccb7050

Bump is-my-json-valid from 2.15.0 to 2.20.4 (#7) Bumps [is-my-json-valid](https://github.com/mafintosh/is-my-json-valid) from 2.15.0 to 2.20.4. - [Release notes](https://github.com/mafintosh/is-my-json-valid/releases) - [Commits](https://github.com/mafintosh/is-my-json-valid/compare/v2.15.0...v2.20.4) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

push time in 11 days

PR merged bolasblack/nodejs-runner

Bump is-my-json-valid from 2.15.0 to 2.20.4 dependencies

Bumps is-my-json-valid from 2.15.0 to 2.20.4. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/mafintosh/is-my-json-valid/commit/2534af447c2a13871c32679c7059a099ea7114b6"><code>2534af4</code></a> 2.20.4</li> <li><a href="https://github.com/mafintosh/is-my-json-valid/commit/22c6b768a16e95349ad14c638d0d412be6e28fd4"><code>22c6b76</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/mafintosh/is-my-json-valid/issues/180">#180</a> from ChALkeR/chalker/fix-style</li> <li><a href="https://github.com/mafintosh/is-my-json-valid/commit/ccde29dd0626d870bf61fc9c04c845017060711d"><code>ccde29d</code></a> Fix a ReDoS in 'style' format</li> <li><a href="https://github.com/mafintosh/is-my-json-valid/commit/9df4acbb3077bce07f74e2f788cc9bfc11e0a5b3"><code>9df4acb</code></a> 2.20.3</li> <li><a href="https://github.com/mafintosh/is-my-json-valid/commit/3419563687df463b4ca709a2b46be8e15d6a2b3d"><code>3419563</code></a> only inline allocated vars</li> <li><a href="https://github.com/mafintosh/is-my-json-valid/commit/adf40bd9f22f6c9ee7d4c612c4193a7b835416bc"><code>adf40bd</code></a> 2.20.2</li> <li><a href="https://github.com/mafintosh/is-my-json-valid/commit/c3fc04fc455d40e9b29537f8e2c73a28ce106edb"><code>c3fc04f</code></a> limit regex if maxLength is set</li> <li><a href="https://github.com/mafintosh/is-my-json-valid/commit/314a36f98c9980680c0b8973d4b0ef58501a24c9"><code>314a36f</code></a> test on 12</li> <li><a href="https://github.com/mafintosh/is-my-json-valid/commit/2684bd0a5ed93dd377f0fcb43f6298f4524a2373"><code>2684bd0</code></a> 2.20.1</li> <li><a href="https://github.com/mafintosh/is-my-json-valid/commit/0fb366a5dd12c3123ed416cc88b000af93ec01b0"><code>0fb366a</code></a> use maxItems in unique check</li> <li>Additional commits viewable in <a href="https://github.com/mafintosh/is-my-json-valid/compare/v2.15.0...v2.20.4">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~linusu">linusu</a>, a new releaser for is-my-json-valid since your current version.</p> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+16 -9

0 comment

1 changed file

dependabot[bot]

pr closed time in 11 days

delete branch bolasblack/nodejs-runner

delete branch : dependabot/npm_and_yarn/qs-6.3.2

delete time in 11 days

push eventbolasblack/nodejs-runner

dependabot[bot]

commit sha d03c1866c20b1947e3f65eb160a6b3a23052b8d0

Bump qs from 6.3.0 to 6.3.2 (#8) Bumps [qs](https://github.com/ljharb/qs) from 6.3.0 to 6.3.2. - [Release notes](https://github.com/ljharb/qs/releases) - [Changelog](https://github.com/ljharb/qs/blob/master/CHANGELOG.md) - [Commits](https://github.com/ljharb/qs/compare/v6.3.0...v6.3.2) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

push time in 11 days

PR merged bolasblack/nodejs-runner

Bump qs from 6.3.0 to 6.3.2 dependencies

Bumps qs from 6.3.0 to 6.3.2. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/ljharb/qs/blob/master/CHANGELOG.md">qs's changelog</a>.</em></p> <blockquote> <h2><strong>6.3.2</strong></h2> <ul> <li>[Fix] follow <code>allowPrototypes</code> option during merge (<a href="https://github-redirect.dependabot.com/ljharb/qs/issues/201">#201</a>, <a href="https://github-redirect.dependabot.com/ljharb/qs/issues/200">#200</a>)</li> <li>[Dev Deps] update <code>eslint</code></li> <li>[Fix] chmod a-x</li> <li>[Fix] support keys starting with brackets (<a href="https://github-redirect.dependabot.com/ljharb/qs/issues/202">#202</a>, <a href="https://github-redirect.dependabot.com/ljharb/qs/issues/200">#200</a>)</li> <li>[Tests] up to <code>node</code> <code>v7.7</code>, <code>v6.10</code>,<code> v4.8</code>; disable osx builds since they block linux builds</li> </ul> <h2><strong>6.3.1</strong></h2> <ul> <li>[Fix] ensure that <code>allowPrototypes: false</code> does not ever shadow Object.prototype properties (thanks, <a href="https://github.com/snyk">@snyk</a>!)</li> <li>[Dev Deps] update <code>eslint</code>, <code>@ljharb/eslint-config</code>, <code>browserify</code>, <code>iconv-lite</code>, <code>qs-iconv</code>, <code>tape</code></li> <li>[Tests] on all node minors; improve test matrix</li> <li>[Docs] document stringify option <code>allowDots</code> (<a href="https://github-redirect.dependabot.com/ljharb/qs/issues/195">#195</a>)</li> <li>[Docs] add empty object and array values example (<a href="https://github-redirect.dependabot.com/ljharb/qs/issues/195">#195</a>)</li> <li>[Docs] Fix minor inconsistency/typo (<a href="https://github-redirect.dependabot.com/ljharb/qs/issues/192">#192</a>)</li> <li>[Docs] document stringify option <code>sort</code> (<a href="https://github-redirect.dependabot.com/ljharb/qs/issues/191">#191</a>)</li> <li>[Refactor] <code>stringify</code>: throw faster with an invalid encoder</li> <li>[Refactor] remove unnecessary escapes (<a href="https://github-redirect.dependabot.com/ljharb/qs/issues/184">#184</a>)</li> <li>Remove contributing.md, since <code>qs</code> is no longer part of <code>hapi</code> (<a href="https://github-redirect.dependabot.com/ljharb/qs/issues/183">#183</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/ljharb/qs/commit/9ee56121311dac6b6014bfe56b3df0ebbf4ed048"><code>9ee5612</code></a> v6.3.2</li> <li><a href="https://github.com/ljharb/qs/commit/0a63fc8686bcc89d939522913762d1c6b1c4faa5"><code>0a63fc8</code></a> [Tests] up to <code>node</code> <code>v7.7</code>, <code>v6.10</code>,<code> v4.8</code>; disable osx builds since they b...</li> <li><a href="https://github.com/ljharb/qs/commit/8e1f3e743e81df157ccffea20b461ab6e499a795"><code>8e1f3e7</code></a> [Fix] support keys starting with brackets.</li> <li><a href="https://github.com/ljharb/qs/commit/febe81ad7e9120fab8db1897ec98c92297249a7c"><code>febe81a</code></a> [Fix] chmod a-x</li> <li><a href="https://github.com/ljharb/qs/commit/e54c5ec8e20e3beacddff4d775d1a29bcaa47dc1"><code>e54c5ec</code></a> [Dev Deps] update <code>eslint</code></li> <li><a href="https://github.com/ljharb/qs/commit/8e2af085b448eeb0b8068f4c7828e6a68c910058"><code>8e2af08</code></a> [Fix] follow <code>allowPrototypes</code> option during merge</li> <li><a href="https://github.com/ljharb/qs/commit/153ce84948845330d90178cbad982fc7371df538"><code>153ce84</code></a> v6.3.1</li> <li><a href="https://github.com/ljharb/qs/commit/d73b7a6cb2f0b2cfb0e73a6aeefde8cdcb521a98"><code>d73b7a6</code></a> [Dev Deps] update <code>eslint</code>, <code>@ljharb/eslint-config</code>, <code>browserify</code></li> <li><a href="https://github.com/ljharb/qs/commit/beade029171b8cef9cee0d03ebe577e2dd84976d"><code>beade02</code></a> [Fix] ensure that <code>allowPrototypes: false</code> does not ever shadow Object.protot...</li> <li><a href="https://github.com/ljharb/qs/commit/8bd4c6cf12898f469838980317fec92007e5112a"><code>8bd4c6c</code></a> Document allowDots option for stringify</li> <li>Additional commits viewable in <a href="https://github.com/ljharb/qs/compare/v6.3.0...v6.3.2">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+2 -2

0 comment

1 changed file

dependabot[bot]

pr closed time in 11 days

delete branch bolasblack/nodejs-runner

delete branch : dependabot/npm_and_yarn/sshpk-1.16.1

delete time in 11 days

push eventbolasblack/nodejs-runner

dependabot[bot]

commit sha 8c557abe5675cedbca2fb136bd2559b850f4fe8e

Bump sshpk from 1.10.2 to 1.16.1 (#5) Bumps [sshpk](https://github.com/joyent/node-sshpk) from 1.10.2 to 1.16.1. - [Release notes](https://github.com/joyent/node-sshpk/releases) - [Commits](https://github.com/joyent/node-sshpk/compare/v1.10.2...v1.16.1) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

push time in 11 days

PR merged bolasblack/nodejs-runner

Bump sshpk from 1.10.2 to 1.16.1 dependencies

Bumps sshpk from 1.10.2 to 1.16.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/joyent/node-sshpk/releases">sshpk's releases</a>.</em></p> <blockquote> <h2>v1.16.1</h2> <ul> <li>Fixes for <a href="https://github-redirect.dependabot.com/joyent/node-sshpk/issues/60">#60</a> (correctly encoding certificates with expiry dates >=2050), <a href="https://github-redirect.dependabot.com/joyent/node-sshpk/issues/62">#62</a> (accepting PKCS#8 EC private keys with missing public key parts)</li> </ul> <h2>v1.16.0</h2> <ul> <li>Add support for SPKI fingerprints, PuTTY PPK format (public-key only for now), PKCS#8 PBKDF2 encrypted private keys</li> <li>Fix for <a href="https://github-redirect.dependabot.com/joyent/node-sshpk/issues/48">#48</a></li> </ul> <h2>v1.15.2</h2> <ul> <li>New API for accessing x509 extensions in certificates</li> <li>Fixes for <a href="https://github-redirect.dependabot.com/joyent/node-sshpk/issues/52">#52</a>, <a href="https://github-redirect.dependabot.com/joyent/node-sshpk/issues/50">#50</a></li> </ul> <h2>v1.14.1</h2> <ul> <li>Remove all remaining usage of jodid25519 (abandoned dep)</li> <li>Add support for DNSSEC key format</li> <li>Add support for Ed25519 keys in PEM format (according to draft-curdle-pkix)</li> <li>Fixes for X.509 encoding issues (asn.1 NULLs in RSA certs, cert string type mangling)</li> <li>Performance issues parsing long SSH public keys</li> </ul> <h2>v1.13.0</h2> <ul> <li>Support SSH-format rsa-sha2-256 signatures (e.g. so the SSH agent can sign using RSA-SHA256)</li> </ul> <h2>v1.12.0</h2> <ul> <li>Support for generating ECDSA keys using <code>generatePrivateKey()</code></li> <li>Minimum for <code>sshpk-agent</code> to be able to sign new certificates using an agent key</li> </ul> <h2>v1.11.0</h2> <ul> <li>Added support for X.509 extKeyUsage</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/joyent/node-sshpk/commit/1aece0d1df155e60e4cb0ae42cb3ed7aa043e174"><code>1aece0d</code></a> <a href="https://github-redirect.dependabot.com/joyent/node-sshpk/issues/60">joyent/node-sshpk#60</a> certs should generate GeneralizedTime values for dates >...</li> <li><a href="https://github.com/joyent/node-sshpk/commit/684dbe66d9615378bdb4d1ac1ede9f901591cb86"><code>684dbe6</code></a> <a href="https://github-redirect.dependabot.com/joyent/node-sshpk/issues/62">joyent/node-sshpk#62</a> handle pkcs8 ECDSA keys with missing public parts</li> <li><a href="https://github.com/joyent/node-sshpk/commit/574ff21e77117b478baf4664856bfc4b0aa41a12"><code>574ff21</code></a> <a href="https://github-redirect.dependabot.com/joyent/node-sshpk/issues/18">joyent/node-sshpk#18</a> support for PKCS8 encrypted private keys</li> <li><a href="https://github.com/joyent/node-sshpk/commit/f647cf22c3258ef514d2ba098a4a6aad3492f425"><code>f647cf2</code></a> <a href="https://github-redirect.dependabot.com/joyent/node-sshpk/issues/27">joyent/node-sshpk#27</a> Add support for PuTTY PPK format</li> <li><a href="https://github.com/joyent/node-sshpk/commit/44aec4ad8bcf7324009c92a52e4c81487cbc24b9"><code>44aec4a</code></a> <a href="https://github-redirect.dependabot.com/joyent/node-sshpk/issues/59">joyent/node-sshpk#59</a> want support for SPKI fingerprint format</li> <li><a href="https://github.com/joyent/node-sshpk/commit/385ff11efc4edd201c07f2ceee23746c13122f9c"><code>385ff11</code></a> <a href="https://github-redirect.dependabot.com/joyent/node-sshpk/issues/48">joyent/node-sshpk#48</a> wish: add support for x509 certificates in text form</li> <li><a href="https://github.com/joyent/node-sshpk/commit/c7a6c6833370f69322c47e73e9f4cfdedaf4e8f4"><code>c7a6c68</code></a> <a href="https://github-redirect.dependabot.com/joyent/node-sshpk/issues/58">joyent/node-sshpk#58</a> des-ede3-cbc encrypted keys broken</li> <li><a href="https://github.com/joyent/node-sshpk/commit/2ab4f2a018766559252f2c3426a3735f0860ac0d"><code>2ab4f2a</code></a> <a href="https://github-redirect.dependabot.com/joyent/node-sshpk/issues/56">joyent/node-sshpk#56</a> md5 fingerprints not quite right</li> <li><a href="https://github.com/joyent/node-sshpk/commit/026ef4764a55648dd15f45f7f14ff9da5d1fe2ad"><code>026ef47</code></a> <a href="https://github-redirect.dependabot.com/joyent/node-sshpk/issues/53">joyent/node-sshpk#53</a> stop using optional deps to fix webpack</li> <li><a href="https://github.com/joyent/node-sshpk/commit/53e23feff41226826b45293bc4a9fc45f2e44afe"><code>53e23fe</code></a> <a href="https://github-redirect.dependabot.com/joyent/node-sshpk/issues/50">joyent/node-sshpk#50</a> Support PKCS#5 AES-256-CBC encrypted private keys</li> <li>Additional commits viewable in <a href="https://github.com/joyent/node-sshpk/compare/v1.10.2...v1.16.1">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+22 -22

0 comment

1 changed file

dependabot[bot]

pr closed time in 11 days

startedpritunl/pritunl

started time in 11 days

startedmicrosoft/tsyringe

started time in 12 days

push eventbolasblack/bolasblack

c4605

commit sha 11c6c9c435307f4f0a229a7893d312347a365182

Update README.md

view details

push time in 14 days

startediptv-org/iptv

started time in 14 days

push eventbolasblack/js-metarepo

c4605

commit sha 2092c89770fcf3290f5b984536fb54aefd229564

2020-07-21

view details

push time in 14 days

delete branch bolasblack/ramda-extra

delete branch : dependabot/npm_and_yarn/tough-cookie-2.3.4

delete time in 16 days

push eventbolasblack/ramda-extra

dependabot[bot]

commit sha 64973213d116eacf56d1ea17bc67a561a4508b01

Bump tough-cookie from 2.3.2 to 2.3.4 (#13) Bumps [tough-cookie](https://github.com/salesforce/tough-cookie) from 2.3.2 to 2.3.4. - [Release notes](https://github.com/salesforce/tough-cookie/releases) - [Changelog](https://github.com/salesforce/tough-cookie/blob/master/CHANGELOG.md) - [Commits](https://github.com/salesforce/tough-cookie/compare/v2.3.2...v2.3.4) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

push time in 16 days

PR merged bolasblack/ramda-extra

Bump tough-cookie from 2.3.2 to 2.3.4 dependencies

Bumps tough-cookie from 2.3.2 to 2.3.4. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/salesforce/tough-cookie/commit/e4dfb0aec5d25e9e982805417a5d936071badc17"><code>e4dfb0a</code></a> 2.3.4</li> <li><a href="https://github.com/salesforce/tough-cookie/commit/7d66ffde12af5cbad40c3642f3c339fa82e6e381"><code>7d66ffd</code></a> Update public suffix list</li> <li><a href="https://github.com/salesforce/tough-cookie/commit/7564c0637e6674d8847a1b84979536930eb9b170"><code>7564c06</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/salesforce/tough-cookie/issues/100">#100</a> from salesforce/no-re-parser</li> <li><a href="https://github.com/salesforce/tough-cookie/commit/751da6dadfeddb916b7dc5f524715afd4b02969c"><code>751da6d</code></a> Document removal of 256 space limit</li> <li><a href="https://github.com/salesforce/tough-cookie/commit/8452ccdf02853fb011a5f654f206a698a659889a"><code>8452ccd</code></a> Convert date-time parser from regexp, expand tests</li> <li><a href="https://github.com/salesforce/tough-cookie/commit/8614dbf439d3eee71a32ff4a5ae9fad7a562d7c2"><code>8614dbf</code></a> More String#repeat polyfill</li> <li><a href="https://github.com/salesforce/tough-cookie/commit/2a4775c28f88c794b9ca05533b5537b7be6d7395"><code>2a4775c</code></a> Avoid unbounded Regexp parts in date parsing</li> <li><a href="https://github.com/salesforce/tough-cookie/commit/c9bd79dd358ec8bb7ea82bea328b2449168736fc"><code>c9bd79d</code></a> Parse cookie-pair part without regexp</li> <li><a href="https://github.com/salesforce/tough-cookie/commit/12d426678f77bd34dd1234b7acbf47b299f50439"><code>12d4266</code></a> 2.3.3</li> <li><a href="https://github.com/salesforce/tough-cookie/commit/98e0916d7b017669c93855d831c6e0b19c14141e"><code>98e0916</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/salesforce/tough-cookie/issues/97">#97</a> from salesforce/spaces-ReDoS</li> <li>Additional commits viewable in <a href="https://github.com/salesforce/tough-cookie/compare/v2.3.2...v2.3.4">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+2 -2

0 comment

1 changed file

dependabot[bot]

pr closed time in 16 days

push eventbolasblack/bolasblack

c4605

commit sha 7ac36e08ab4076c4e329897cd4c42ba2da6d6f8c

Update README.md

view details

push time in 16 days

push eventbolasblack/bolasblack

c4605

commit sha 1825991fdd4fd1f4f41b4334fec53d41dbe0ab29

Update README.md

view details

push time in 16 days

delete branch bolasblack/ramda-extra

delete branch : dependabot/npm_and_yarn/merge-1.2.1

delete time in 16 days

PR merged bolasblack/ramda-extra

Bump qs from 6.3.0 to 6.3.2 dependencies

Bumps qs from 6.3.0 to 6.3.2. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/ljharb/qs/blob/master/CHANGELOG.md">qs's changelog</a>.</em></p> <blockquote> <h2><strong>6.3.2</strong></h2> <ul> <li>[Fix] follow <code>allowPrototypes</code> option during merge (<a href="https://github-redirect.dependabot.com/ljharb/qs/issues/201">#201</a>, <a href="https://github-redirect.dependabot.com/ljharb/qs/issues/200">#200</a>)</li> <li>[Dev Deps] update <code>eslint</code></li> <li>[Fix] chmod a-x</li> <li>[Fix] support keys starting with brackets (<a href="https://github-redirect.dependabot.com/ljharb/qs/issues/202">#202</a>, <a href="https://github-redirect.dependabot.com/ljharb/qs/issues/200">#200</a>)</li> <li>[Tests] up to <code>node</code> <code>v7.7</code>, <code>v6.10</code>,<code> v4.8</code>; disable osx builds since they block linux builds</li> </ul> <h2><strong>6.3.1</strong></h2> <ul> <li>[Fix] ensure that <code>allowPrototypes: false</code> does not ever shadow Object.prototype properties (thanks, <a href="https://github.com/snyk">@snyk</a>!)</li> <li>[Dev Deps] update <code>eslint</code>, <code>@ljharb/eslint-config</code>, <code>browserify</code>, <code>iconv-lite</code>, <code>qs-iconv</code>, <code>tape</code></li> <li>[Tests] on all node minors; improve test matrix</li> <li>[Docs] document stringify option <code>allowDots</code> (<a href="https://github-redirect.dependabot.com/ljharb/qs/issues/195">#195</a>)</li> <li>[Docs] add empty object and array values example (<a href="https://github-redirect.dependabot.com/ljharb/qs/issues/195">#195</a>)</li> <li>[Docs] Fix minor inconsistency/typo (<a href="https://github-redirect.dependabot.com/ljharb/qs/issues/192">#192</a>)</li> <li>[Docs] document stringify option <code>sort</code> (<a href="https://github-redirect.dependabot.com/ljharb/qs/issues/191">#191</a>)</li> <li>[Refactor] <code>stringify</code>: throw faster with an invalid encoder</li> <li>[Refactor] remove unnecessary escapes (<a href="https://github-redirect.dependabot.com/ljharb/qs/issues/184">#184</a>)</li> <li>Remove contributing.md, since <code>qs</code> is no longer part of <code>hapi</code> (<a href="https://github-redirect.dependabot.com/ljharb/qs/issues/183">#183</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/ljharb/qs/commit/9ee56121311dac6b6014bfe56b3df0ebbf4ed048"><code>9ee5612</code></a> v6.3.2</li> <li><a href="https://github.com/ljharb/qs/commit/0a63fc8686bcc89d939522913762d1c6b1c4faa5"><code>0a63fc8</code></a> [Tests] up to <code>node</code> <code>v7.7</code>, <code>v6.10</code>,<code> v4.8</code>; disable osx builds since they b...</li> <li><a href="https://github.com/ljharb/qs/commit/8e1f3e743e81df157ccffea20b461ab6e499a795"><code>8e1f3e7</code></a> [Fix] support keys starting with brackets.</li> <li><a href="https://github.com/ljharb/qs/commit/febe81ad7e9120fab8db1897ec98c92297249a7c"><code>febe81a</code></a> [Fix] chmod a-x</li> <li><a href="https://github.com/ljharb/qs/commit/e54c5ec8e20e3beacddff4d775d1a29bcaa47dc1"><code>e54c5ec</code></a> [Dev Deps] update <code>eslint</code></li> <li><a href="https://github.com/ljharb/qs/commit/8e2af085b448eeb0b8068f4c7828e6a68c910058"><code>8e2af08</code></a> [Fix] follow <code>allowPrototypes</code> option during merge</li> <li><a href="https://github.com/ljharb/qs/commit/153ce84948845330d90178cbad982fc7371df538"><code>153ce84</code></a> v6.3.1</li> <li><a href="https://github.com/ljharb/qs/commit/d73b7a6cb2f0b2cfb0e73a6aeefde8cdcb521a98"><code>d73b7a6</code></a> [Dev Deps] update <code>eslint</code>, <code>@ljharb/eslint-config</code>, <code>browserify</code></li> <li><a href="https://github.com/ljharb/qs/commit/beade029171b8cef9cee0d03ebe577e2dd84976d"><code>beade02</code></a> [Fix] ensure that <code>allowPrototypes: false</code> does not ever shadow Object.protot...</li> <li><a href="https://github.com/ljharb/qs/commit/8bd4c6cf12898f469838980317fec92007e5112a"><code>8bd4c6c</code></a> Document allowDots option for stringify</li> <li>Additional commits viewable in <a href="https://github.com/ljharb/qs/compare/v6.3.0...v6.3.2">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+2 -2

0 comment

1 changed file

dependabot[bot]

pr closed time in 16 days

push eventbolasblack/ramda-extra

dependabot[bot]

commit sha 09bd60df928c5a6dd8bf5fc2b37c8abf7269281d

Bump merge from 1.2.0 to 1.2.1 (#12) Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

push time in 16 days

PR merged bolasblack/ramda-extra

Bump merge from 1.2.0 to 1.2.1 dependencies

Bumps merge from 1.2.0 to 1.2.1. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/yeikos/js.merge/commit/b31e67fe6592390c967c991aa604c06ed2ae8c4f"><code>b31e67f</code></a> link broken</li> <li><a href="https://github.com/yeikos/js.merge/commit/6ad6035b901b3d680beac82de39ca83a93885246"><code>6ad6035</code></a> Fix prototype pollution</li> <li>See full diff in <a href="https://github.com/yeikos/js.merge/compare/v1.2.0...v1.2.1">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+2 -2

0 comment

1 changed file

dependabot[bot]

pr closed time in 16 days

delete branch bolasblack/ramda-extra

delete branch : dependabot/npm_and_yarn/fstream-1.0.12

delete time in 16 days

push eventbolasblack/ramda-extra

dependabot[bot]

commit sha 29b089ca4bd6b4731521ce3e40ad148052c7cccb

Bump fstream from 1.0.10 to 1.0.12 (#11) Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

push time in 16 days

PR merged bolasblack/ramda-extra

Bump fstream from 1.0.10 to 1.0.12 dependencies

Bumps fstream from 1.0.10 to 1.0.12. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/npm/fstream/commit/42354590e23bb514eb5c869eea64406be2947c6c"><code>4235459</code></a> 1.0.12</li> <li><a href="https://github.com/npm/fstream/commit/6a77d2fa6e1462693cf8e46f930da96ec1b0bb22"><code>6a77d2f</code></a> Clobber a Link if it's in the way of a File</li> <li><a href="https://github.com/npm/fstream/commit/1e4527ffe8688d4f5325283d7cf2cf2d61f14c6b"><code>1e4527f</code></a> 1.0.11</li> <li><a href="https://github.com/npm/fstream/commit/ac4a9e3d86d39a5b979dbdda44376be85b91ece7"><code>ac4a9e3</code></a> Move props.path check below class init (<a href="https://github-redirect.dependabot.com/npm/fstream/issues/55">#55</a>)</li> <li><a href="https://github.com/npm/fstream/commit/24fabdec32e334dd3b130d77b38c010e3119b102"><code>24fabde</code></a> build: clean up versions</li> <li>See full diff in <a href="https://github.com/npm/fstream/compare/v1.0.10...v1.0.12">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+47 -13

0 comment

1 changed file

dependabot[bot]

pr closed time in 16 days

delete branch bolasblack/ramda-extra

delete branch : dependabot/npm_and_yarn/extend-3.0.2

delete time in 16 days

push eventbolasblack/ramda-extra

dependabot[bot]

commit sha fd416d6d37e30d5d73a7c4fb5f0ffd62a5b3a2ee

Bump extend from 3.0.0 to 3.0.2 (#10) Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

push time in 16 days

PR merged bolasblack/ramda-extra

Bump extend from 3.0.0 to 3.0.2 dependencies

Bumps extend from 3.0.0 to 3.0.2. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/justmoon/node-extend/blob/main/CHANGELOG.md">extend's changelog</a>.</em></p> <blockquote> <h1>3.0.2 / 2018-07-19</h1> <ul> <li>[Fix] Prevent merging <code>proto</code> property (<a href="https://github-redirect.dependabot.com/justmoon/node-extend/issues/48">#48</a>)</li> <li>[Dev Deps] update <code>eslint</code>, <code>@ljharb/eslint-config</code>, <code>tape</code></li> <li>[Tests] up to <code>node</code> <code>v10.7</code>, <code>v9.11</code>, <code>v8.11</code>, <code>v7.10</code>, <code>v6.14</code>, <code>v4.9</code>; use <code>nvm install-latest-npm</code></li> </ul> <h1>3.0.1 / 2017-04-27</h1> <ul> <li>[Fix] deep extending should work with a non-object (<a href="https://github-redirect.dependabot.com/justmoon/node-extend/issues/46">#46</a>)</li> <li>[Dev Deps] update <code>tape</code>, <code>eslint</code>, <code>@ljharb/eslint-config</code></li> <li>[Tests] up to <code>node</code> <code>v7.9</code>, <code>v6.10</code>, <code>v4.8</code>; improve matrix</li> <li>[Docs] Switch from vb.teelaun.ch to versionbadg.es for the npm version badge SVG.</li> <li>[Docs] Add example to readme (<a href="https://github-redirect.dependabot.com/justmoon/node-extend/issues/34">#34</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/justmoon/node-extend/commit/8d106d23931c0802e8b88188b0aac433e13358d9"><code>8d106d2</code></a> v3.0.2</li> <li><a href="https://github.com/justmoon/node-extend/commit/e97091fa7557e106042e475ef59e654fa9d2c7ab"><code>e97091f</code></a> [Dev Deps] update <code>tape</code></li> <li><a href="https://github.com/justmoon/node-extend/commit/e841aac7ce7119606345b440b0a9e7668e848985"><code>e841aac</code></a> [Tests] up to <code>node</code> <code>v10.7</code></li> <li><a href="https://github.com/justmoon/node-extend/commit/0e68e71d93507fcc391e398bc84abd0666b28190"><code>0e68e71</code></a> [Fix] Prevent merging <strong>proto</strong> property</li> <li><a href="https://github.com/justmoon/node-extend/commit/a689700740b44846e76f8f1dc4bdf230a2cb5c0d"><code>a689700</code></a> Only apps should have lockfiles</li> <li><a href="https://github.com/justmoon/node-extend/commit/f13c1c4e51c47b90604eb2dc56cc60561e497d36"><code>f13c1c4</code></a> [Dev Deps] update <code>eslint</code>, <code>@ljharb/eslint-config</code>, <code>tape</code></li> <li><a href="https://github.com/justmoon/node-extend/commit/f3570fe5582dbfba47e60c0cd75b4fb6f01cd3fe"><code>f3570fe</code></a> [Tests] up to <code>node</code> <code>v10.0</code>, <code>v9.11</code>, <code>v8.11</code>, <code>v7.10</code>, <code>v6.14</code>, <code>v4.9</code>; use...</li> <li><a href="https://github.com/justmoon/node-extend/commit/138b515df4d628bb1742254ede5d2551c0fecae7"><code>138b515</code></a> v3.0.1</li> <li><a href="https://github.com/justmoon/node-extend/commit/7e19a6f763a0e19c661403c6b1d1dffa6709b5d9"><code>7e19a6f</code></a> [Tests] up to <code>node</code> <code>v7.9</code>, <code>v6.10</code>, <code>v4.8</code>; improve matrix</li> <li><a href="https://github.com/justmoon/node-extend/commit/0191e27d2810329a06275c52b5a2aa435b2a5b4b"><code>0191e27</code></a> [Dev Deps] update <code>tape</code>, <code>eslint</code>, <code>@ljharb/eslint-config</code></li> <li>Additional commits viewable in <a href="https://github.com/justmoon/node-extend/compare/v3.0.0...v3.0.2">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+2 -2

0 comment

1 changed file

dependabot[bot]

pr closed time in 16 days

delete branch bolasblack/ramda-extra

delete branch : dependabot/npm_and_yarn/sshpk-1.16.1

delete time in 16 days

push eventbolasblack/ramda-extra

dependabot[bot]

commit sha 948b705843aeb58752f02744da3b90323e537701

Bump sshpk from 1.10.1 to 1.16.1 (#9) Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

push time in 16 days

PR merged bolasblack/ramda-extra

Bump sshpk from 1.10.1 to 1.16.1 dependencies

Bumps sshpk from 1.10.1 to 1.16.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/joyent/node-sshpk/releases">sshpk's releases</a>.</em></p> <blockquote> <h2>v1.16.1</h2> <ul> <li>Fixes for <a href="https://github-redirect.dependabot.com/joyent/node-sshpk/issues/60">#60</a> (correctly encoding certificates with expiry dates >=2050), <a href="https://github-redirect.dependabot.com/joyent/node-sshpk/issues/62">#62</a> (accepting PKCS#8 EC private keys with missing public key parts)</li> </ul> <h2>v1.16.0</h2> <ul> <li>Add support for SPKI fingerprints, PuTTY PPK format (public-key only for now), PKCS#8 PBKDF2 encrypted private keys</li> <li>Fix for <a href="https://github-redirect.dependabot.com/joyent/node-sshpk/issues/48">#48</a></li> </ul> <h2>v1.15.2</h2> <ul> <li>New API for accessing x509 extensions in certificates</li> <li>Fixes for <a href="https://github-redirect.dependabot.com/joyent/node-sshpk/issues/52">#52</a>, <a href="https://github-redirect.dependabot.com/joyent/node-sshpk/issues/50">#50</a></li> </ul> <h2>v1.14.1</h2> <ul> <li>Remove all remaining usage of jodid25519 (abandoned dep)</li> <li>Add support for DNSSEC key format</li> <li>Add support for Ed25519 keys in PEM format (according to draft-curdle-pkix)</li> <li>Fixes for X.509 encoding issues (asn.1 NULLs in RSA certs, cert string type mangling)</li> <li>Performance issues parsing long SSH public keys</li> </ul> <h2>v1.13.0</h2> <ul> <li>Support SSH-format rsa-sha2-256 signatures (e.g. so the SSH agent can sign using RSA-SHA256)</li> </ul> <h2>v1.12.0</h2> <ul> <li>Support for generating ECDSA keys using <code>generatePrivateKey()</code></li> <li>Minimum for <code>sshpk-agent</code> to be able to sign new certificates using an agent key</li> </ul> <h2>v1.11.0</h2> <ul> <li>Added support for X.509 extKeyUsage</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/joyent/node-sshpk/commits/v1.16.1">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+22 -22

0 comment

1 changed file

dependabot[bot]

pr closed time in 16 days

PR merged bolasblack/ramda-extra

Bump js-yaml from 3.7.0 to 3.14.0 dependencies

Bumps js-yaml from 3.7.0 to 3.14.0. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md">js-yaml's changelog</a>.</em></p> <blockquote> <h2>[3.14.0] - 2020-05-22</h2> <h3>Changed</h3> <ul> <li>Support <code>safe/loadAll(input, options)</code> variant of call.</li> <li>CI: drop outdated nodejs versions.</li> <li>Dev deps bump.</li> </ul> <h3>Fixed</h3> <ul> <li>Quote <code>=</code> in plain scalars <a href="https://github-redirect.dependabot.com/nodeca/js-yaml/issues/519">#519</a>.</li> <li>Check the node type for <code>!<?></code> tag in case user manually specifies it.</li> <li>Verify that there are no null-bytes in input.</li> <li>Fix wrong quote position when writing condensed flow, <a href="https://github-redirect.dependabot.com/nodeca/js-yaml/issues/526">#526</a>.</li> </ul> <h2>[3.13.1] - 2019-04-05</h2> <h3>Security</h3> <ul> <li>Fix possible code execution in (already unsafe) <code>.load()</code>, <a href="https://github-redirect.dependabot.com/nodeca/js-yaml/issues/480">#480</a>.</li> </ul> <h2>[3.13.0] - 2019-03-20</h2> <h3>Security</h3> <ul> <li>Security fix: <code>safeLoad()</code> can hang when arrays with nested refs used as key. Now throws exception for nested arrays. <a href="https://github-redirect.dependabot.com/nodeca/js-yaml/issues/475">#475</a>.</li> </ul> <h2>[3.12.2] - 2019-02-26</h2> <h3>Fixed</h3> <ul> <li>Fix <code>noArrayIndent</code> option for root level, <a href="https://github-redirect.dependabot.com/nodeca/js-yaml/issues/468">#468</a>.</li> </ul> <h2>[3.12.1] - 2019-01-05</h2> <h3>Added</h3> <ul> <li>Added <code>noArrayIndent</code> option, <a href="https://github-redirect.dependabot.com/nodeca/js-yaml/issues/432">#432</a>.</li> </ul> <h2>[3.12.0] - 2018-06-02</h2> <h3>Changed</h3> <ul> <li>Support arrow functions without a block statement, <a href="https://github-redirect.dependabot.com/nodeca/js-yaml/issues/421">#421</a>.</li> </ul> <h2>[3.11.0] - 2018-03-05</h2> <h3>Added</h3> <ul> <li>Add arrow functions suport for <code>!!js/function</code>.</li> </ul> <h3>Fixed</h3> <ul> <li>Fix dump in bin/octal/hex formats for negative integers, <a href="https://github-redirect.dependabot.com/nodeca/js-yaml/issues/399">#399</a>.</li> </ul> <h2>[3.10.0] - 2017-09-10</h2> <h3>Fixed</h3> <ul> <li>Fix <code>condenseFlow</code> output (quote keys for sure, instead of spaces), <a href="https://github-redirect.dependabot.com/nodeca/js-yaml/issues/371">#371</a>, <a href="https://github-redirect.dependabot.com/nodeca/js-yaml/issues/370">#370</a>.</li> </ul> <!-- raw HTML omitted --> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/nodeca/js-yaml/commit/34e5072f43fd36b08aaaad433da73c10d47c41e5"><code>34e5072</code></a> 3.14.0 released</li> <li><a href="https://github.com/nodeca/js-yaml/commit/7b25c83a6dc77097c2bf14bf714e168f60ee199b"><code>7b25c83</code></a> Browser files rebuild</li> <li><a href="https://github.com/nodeca/js-yaml/commit/6f7347396867b8dcfc042722c2aae810dfe4caae"><code>6f73473</code></a> Dev deps bump</li> <li><a href="https://github.com/nodeca/js-yaml/commit/0c293491d903cddcd41b41c165bc45eeb9a8d720"><code>0c29349</code></a> Travis-CI: drop old nodejs versions</li> <li><a href="https://github.com/nodeca/js-yaml/commit/10be97ebbd588e68907e6c67e0b3843a4caab475"><code>10be97e</code></a> fix(loader): Add support for <code>safe/loadAll(input, options)</code></li> <li><a href="https://github.com/nodeca/js-yaml/commit/d6983dd4291849b2854e8d26e1beb302edfd4c76"><code>d6983dd</code></a> Fix issue <a href="https://github-redirect.dependabot.com/nodeca/js-yaml/issues/526">#526</a>: wrong quote position writing condensed flow (<a href="https://github-redirect.dependabot.com/nodeca/js-yaml/issues/527">#527</a>)</li> <li><a href="https://github.com/nodeca/js-yaml/commit/93fbf7d4ddecea60709c8379397247af28f11e10"><code>93fbf7d</code></a> fix issue 526 (wrong quote position writing condensed flow)</li> <li><a href="https://github.com/nodeca/js-yaml/commit/e569cc70ec9b41760d0d37b805a1d9b3ada519ca"><code>e569cc7</code></a> readme: update titelift info</li> <li><a href="https://github.com/nodeca/js-yaml/commit/8fb29059223b5f700dec4ea09b3d5550cd3a8e32"><code>8fb2905</code></a> changelog format update</li> <li><a href="https://github.com/nodeca/js-yaml/commit/33c2236d702fee430cac27ab41d75069b6647765"><code>33c2236</code></a> Verify that there are no null-bytes in input</li> <li>Additional commits viewable in <a href="https://github.com/nodeca/js-yaml/compare/3.7.0...3.14.0">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+10 -6

0 comment

1 changed file

dependabot[bot]

pr closed time in 16 days

delete branch bolasblack/ramda-extra

delete branch : dependabot/npm_and_yarn/qs-6.3.2

delete time in 16 days

push eventbolasblack/ramda-extra

dependabot[bot]

commit sha 58a37a7b1797255c9e69966e4e2d150102133a16

Bump qs from 6.3.0 to 6.3.2 (#8) Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

push time in 16 days

delete branch bolasblack/ramda-extra

delete branch : dependabot/npm_and_yarn/marked-0.3.19

delete time in 16 days

delete branch bolasblack/ramda-extra

delete branch : dependabot/npm_and_yarn/js-yaml-3.14.0

delete time in 16 days

push eventbolasblack/ramda-extra

dependabot[bot]

commit sha b2ae6e8964119ba666b84a7556a838508e375575

Bump js-yaml from 3.7.0 to 3.14.0 (#7) Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

push time in 16 days

push eventbolasblack/ramda-extra

dependabot[bot]

commit sha 829ae7d2d5805c3dc5dd642e194e7b4315ade37e

Bump marked from 0.3.6 to 0.3.19 (#5) Bumps [marked](https://github.com/markedjs/marked) from 0.3.6 to 0.3.19. - [Release notes](https://github.com/markedjs/marked/releases) - [Commits](https://github.com/markedjs/marked/compare/v0.3.6...v0.3.19) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

push time in 16 days

PR merged bolasblack/ramda-extra

Bump lodash from 4.17.3 to 4.17.19 dependencies

Bumps lodash from 4.17.3 to 4.17.19. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/lodash/lodash/releases">lodash's releases</a>.</em></p> <blockquote> <h2>4.17.16</h2> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/lodash/lodash/commit/d7fbc52ee0466a6d248f047b5d5c3e6d1e099056"><code>d7fbc52</code></a> Bump to v4.17.19</li> <li><a href="https://github.com/lodash/lodash/commit/2e1c0f22f425e9c013815b2cd7c2ebd51f49a8d6"><code>2e1c0f2</code></a> Add npm-package</li> <li><a href="https://github.com/lodash/lodash/commit/1b6c282299f4e0271f932b466c67f0f822aa308e"><code>1b6c282</code></a> Bump to v4.17.18</li> <li><a href="https://github.com/lodash/lodash/commit/a370ac81408de2da77a82b3c4b61a01a3b9c2fac"><code>a370ac8</code></a> Bump to v4.17.17</li> <li><a href="https://github.com/lodash/lodash/commit/1144918f3578a84fcc4986da9b806e63a6175cbb"><code>1144918</code></a> Rebuild lodash and docs</li> <li><a href="https://github.com/lodash/lodash/commit/3a3b0fd339c2109563f7e8167dc95265ed82ef3e"><code>3a3b0fd</code></a> Bump to v4.17.16</li> <li><a href="https://github.com/lodash/lodash/commit/c84fe82760fb2d3e03a63379b297a1cc1a2fce12"><code>c84fe82</code></a> fix(zipObjectDeep): prototype pollution (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4759">#4759</a>)</li> <li><a href="https://github.com/lodash/lodash/commit/e7b28ea6cb17b4ca021e7c9d66218c8c89782f32"><code>e7b28ea</code></a> Sanitize sourceURL so it cannot affect evaled code (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4518">#4518</a>)</li> <li><a href="https://github.com/lodash/lodash/commit/0cec225778d4ac26c2bac95031ecc92a94f08bbb"><code>0cec225</code></a> Fix lodash.isEqual for circular references (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4320">#4320</a>) (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4515">#4515</a>)</li> <li><a href="https://github.com/lodash/lodash/commit/94c3a8133cb4fcdb50db72b4fd14dd884b195cd5"><code>94c3a81</code></a> Document matches* shorthands for over* methods (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4510">#4510</a>) (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4514">#4514</a>)</li> <li>Additional commits viewable in <a href="https://github.com/lodash/lodash/compare/4.17.3...4.17.19">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~mathias">mathias</a>, a new releaser for lodash since your current version.</p> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+2 -2

1 comment

1 changed file

dependabot[bot]

pr closed time in 16 days

delete branch bolasblack/ramda-extra

delete branch : dependabot/npm_and_yarn/diff-3.5.0

delete time in 16 days

push eventbolasblack/ramda-extra

dependabot[bot]

commit sha 78529e55a017c254208049a3f07ce43cf7e4d096

Bump diff from 3.2.0 to 3.5.0 (#6) Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

push time in 16 days

PR merged bolasblack/ramda-extra

Bump diff from 3.2.0 to 3.5.0 dependencies

Bumps diff from 3.2.0 to 3.5.0. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/kpdecker/jsdiff/blob/master/release-notes.md">diff's changelog</a>.</em></p> <blockquote> <h2>v3.5.0 - March 4th, 2018</h2> <ul> <li>Omit redundant slice in join method of diffArrays - 1023590</li> <li>Support patches with empty lines - fb0f208</li> <li>Accept a custom JSON replacer function for JSON diffing - 69c7f0a</li> <li>Optimize parch header parser - 2aec429</li> <li>Fix typos - e89c832</li> </ul> <p><a href="https://github.com/kpdecker/jsdiff/compare/v3.4.0...v3.5.0">Commits</a></p> <h2>v3.4.0 - October 7th, 2017</h2> <ul> <li><a href="https://github-redirect.dependabot.com/kpdecker/jsdiff/issues/183">#183</a> - Feature request: ability to specify a custom equality checker for <code>diffArrays</code></li> <li><a href="https://github-redirect.dependabot.com/kpdecker/jsdiff/issues/173">#173</a> - Bug: diffArrays gives wrong result on array of booleans</li> <li><a href="https://github-redirect.dependabot.com/kpdecker/jsdiff/issues/158">#158</a> - diffArrays will not compare the empty string in array?</li> <li>comparator for custom equality checks - 30e141e</li> <li>count oldLines and newLines when there are conflicts - 53bf384</li> <li>Fix: diffArrays can compare falsey items - 9e24284</li> <li>Docs: Replace grunt with npm test - 00e2f94</li> </ul> <p><a href="https://github.com/kpdecker/jsdiff/compare/v3.3.1...v3.4.0">Commits</a></p> <h2>v3.3.1 - September 3rd, 2017</h2> <ul> <li><a href="https://github-redirect.dependabot.com/kpdecker/jsdiff/issues/141">#141</a> - Cannot apply patch because my file delimiter is "/r/n" instead of "/n"</li> <li><a href="https://github-redirect.dependabot.com/kpdecker/jsdiff/pull/192">#192</a> - Fix: Bad merge when adding new files (<a href="https://github-redirect.dependabot.com/kpdecker/jsdiff/issues/189">#189</a>)</li> <li>correct spelling mistake - 21fa478</li> </ul> <p><a href="https://github.com/kpdecker/jsdiff/compare/v3.3.0...v3.3.1">Commits</a></p> <h2>v3.3.0 - July 5th, 2017</h2> <ul> <li><a href="https://github-redirect.dependabot.com/kpdecker/jsdiff/issues/114">#114</a> - /patch/merge not exported</li> <li>Gracefully accept invalid newStart in hunks, same as patch(1) does. - d8a3635</li> <li>Use regex rather than starts/ends with for parsePatch - 6cab62c</li> <li>Add browser flag - e64f674</li> <li>refactor: simplified code a bit more - 8f8e0f2</li> <li>refactor: simplified code a bit - b094a6f</li> <li>fix: some corrections re ignoreCase option - 3c78fd0</li> <li>ignoreCase option - 3cbfbb5</li> <li>Sanitize filename while parsing patches - 2fe8129</li> <li>Added better installation methods - aced50b</li> <li>Simple export of functionality - 8690f31</li> </ul> <p><a href="https://github.com/kpdecker/jsdiff/compare/v3.2.0...v3.3.0">Commits</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/kpdecker/jsdiff/commit/e9ab94893a77f1f7d7ea8483b873083e6c6a390a"><code>e9ab948</code></a> v3.5.0</li> <li><a href="https://github.com/kpdecker/jsdiff/commit/b73884c013d199aeba62f583c392a823083a889f"><code>b73884c</code></a> Update release notes</li> <li><a href="https://github.com/kpdecker/jsdiff/commit/89530211601abfd0baf6276f0f862d5e43f908ee"><code>8953021</code></a> Update release notes</li> <li><a href="https://github.com/kpdecker/jsdiff/commit/1023590bd4b29edb8c4d280f9bd50966fc22e469"><code>1023590</code></a> Omit redundant slice in join method of diffArrays</li> <li><a href="https://github.com/kpdecker/jsdiff/commit/c72ef4aec8fc6318dd413ab7c225fa47891f607c"><code>c72ef4a</code></a> Add missing test coverage</li> <li><a href="https://github.com/kpdecker/jsdiff/commit/b9ef24f8004624f024f9853842ea45903dc0afc7"><code>b9ef24f</code></a> Support patches with empty lines</li> <li><a href="https://github.com/kpdecker/jsdiff/commit/10aaabb3b7b22c8019dc74f0ab674041167e7438"><code>10aaabb</code></a> Support patches with empty lines</li> <li><a href="https://github.com/kpdecker/jsdiff/commit/196d3aa052e89bfe929ed6368b11dc7d011bf911"><code>196d3aa</code></a> Support patches with empty lines</li> <li><a href="https://github.com/kpdecker/jsdiff/commit/e24d789f71991db9a74e3997653d9cf52d071749"><code>e24d789</code></a> Support patches with empty lines</li> <li><a href="https://github.com/kpdecker/jsdiff/commit/8616a02a139422c8a3e008b63d60083abdd56b7c"><code>8616a02</code></a> Support patches with empty lines</li> <li>Additional commits viewable in <a href="https://github.com/kpdecker/jsdiff/compare/v3.2.0...v3.5.0">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+2 -2

0 comment

1 changed file

dependabot[bot]

pr closed time in 16 days

PR merged bolasblack/ramda-extra

Bump marked from 0.3.6 to 0.3.19 dependencies

Bumps marked from 0.3.6 to 0.3.19. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/markedjs/marked/releases">marked's releases</a>.</em></p> <blockquote> <h2>0.3.18 minified required new release</h2> <p>0.3.18 did not have changes to min.</p> <h2>Minor fixes and updated docs</h2> <ul> <li>Supported Markdown flavors: CommonMark 0.28 and GitHub Flavored Markdown 0.28</li> <li>Updates to our CI pipeline; we're all green! <a href="https://github-redirect.dependabot.com/markedjs/marked/issues/1098">#1098</a> with the caveat that there is a test that needs to get sorted (help us out <a href="https://github-redirect.dependabot.com/markedjs/marked/issues/1092">#1092</a>)</li> <li>Start ordered lists using the initial numbers from markdown lists (<a href="https://github-redirect.dependabot.com/markedjs/marked/issues/1144">#1144</a>)</li> <li>Added GitHub Pages site for documentation <a href="https://marked.js.org/">https://marked.js.org/</a> (<a href="https://github-redirect.dependabot.com/markedjs/marked/issues/1138">#1138</a>)</li> </ul> <h2>Processes and tools</h2> <ul> <li>The elephant in the room: A security vulnerability was discovered and fixed. Please note, if something breaks due to these changes, it was not our intent, and please let us know by submitting a PR or issue to course correct (the nature of the zero-major release and having security as a number one priority) <a href="https://github-redirect.dependabot.com/markedjs/marked/issues/1083">#1083</a></li> <li>The other elephant in the room: We missed publishing a 0.3.16 release to GitHub; so, trying to make up for that a bit.</li> <li>Updates to the project documentation and operations, you should check it out, just start with the README and you should be good.</li> <li>New release PR template available <a href="https://github-redirect.dependabot.com/markedjs/marked/issues/1076">#1076</a></li> <li>Updates to default PR and Issue templates <a href="https://github-redirect.dependabot.com/markedjs/marked/issues/1076">#1076</a></li> <li>Lint checks + tests + continuous integration using Travis <a href="https://github-redirect.dependabot.com/markedjs/marked/issues/1020">#1020</a></li> <li>Updated testing output <a href="https://github-redirect.dependabot.com/markedjs/marked/issues/1085">#1085</a> & <a href="https://github-redirect.dependabot.com/markedjs/marked/issues/1087">#1087</a></li> </ul> <h2>Fix capturing parens</h2> <p>Fixes unintended breaking change from v0.3.14</p> <h2>New year, new home</h2> <ul> <li>Marked has a new home under the MarkedJS org! Other advances soon to come.</li> <li>Updated minifier.</li> <li>Various parser fixes</li> </ul> <h2>New Year, new Marked!</h2> <ul> <li>Addresses issue where some users might not have been able to update due to missing <code>use strict</code> <a href="https://github-redirect.dependabot.com/markedjs/marked/issues/991">#991</a></li> <li>Parser fix <a href="https://github-redirect.dependabot.com/markedjs/marked/issues/977">#977</a></li> <li>New way to perform tests with options and running individual tests <a href="https://github-redirect.dependabot.com/markedjs/marked/issues/1002">#1002</a></li> <li>Improved test cases</li> <li>Improved links</li> </ul> <h2>Merry XSSmas</h2> <p>We think with this version we have addressed most, if not all, known security vulnerabilities. If you find more, please let us know.</p> <h2>XSS</h2> <p>Should fix XSS issue discovered.</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/markedjs/marked/commit/5d1baa4d7ca55b27cb08029ac785e98b6378fcf0"><code>5d1baa4</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/markedjs/marked/issues/1157">#1157</a> from markedjs/release-0.3.19</li> <li><a href="https://github.com/markedjs/marked/commit/a089991fe35e250e5bc3fbbb99fb4ccd515b61dd"><code>a089991</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/markedjs/marked/issues/64">#64</a> from fidian/master</li> <li><a href="https://github.com/markedjs/marked/commit/ad6c7f91254c3d8ceb3354fcd7a18294e1cb2e4b"><code>ad6c7f9</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/markedjs/marked/issues/1156">#1156</a> from UziTech/docs-navigation</li> <li><a href="https://github.com/markedjs/marked/commit/03e015ca912ae4039862c73bd3cee8e04b589085"><code>03e015c</code></a> 0.3.19</li> <li><a href="https://github.com/markedjs/marked/commit/cf2def076f9b8c0ff9c09ae5be816f0605a976ef"><code>cf2def0</code></a> minify</li> <li><a href="https://github.com/markedjs/marked/commit/29f4190117eb59ff9f644bc17046d141343647cf"><code>29f4190</code></a> Ignore DS_Store on macos</li> <li><a href="https://github.com/markedjs/marked/commit/f29bceb025a31d95a6205d2fcfd6b2385905d8b9"><code>f29bceb</code></a> Update publishing template (<a href="https://github-redirect.dependabot.com/markedjs/marked/issues/1154">#1154</a>)</li> <li><a href="https://github.com/markedjs/marked/commit/210eed715b5c26f4db2b982236638ddde50159c7"><code>210eed7</code></a> Update badge template (<a href="https://github-redirect.dependabot.com/markedjs/marked/issues/1155">#1155</a>)</li> <li><a href="https://github.com/markedjs/marked/commit/9c01b83370792d9b0e6c2cb1903ca67191a76269"><code>9c01b83</code></a> link to README.md</li> <li><a href="https://github.com/markedjs/marked/commit/fd9f44413301b5ba186f61db06b8ddfa1336a983"><code>fd9f444</code></a> add github ribbon</li> <li>Additional commits viewable in <a href="https://github.com/markedjs/marked/compare/v0.3.6...v0.3.19">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~amidknight">amidknight</a>, a new releaser for marked since your current version.</p> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+2 -2

0 comment

1 changed file

dependabot[bot]

pr closed time in 16 days

delete branch bolasblack/ramda-extra

delete branch : dependabot/npm_and_yarn/is-my-json-valid-2.20.4

delete time in 16 days

push eventbolasblack/ramda-extra

dependabot[bot]

commit sha 03cc1b50bcea8b3396dfc947ee569f902eb6b1f5

Bump is-my-json-valid from 2.15.0 to 2.20.4 (#4) Bumps [is-my-json-valid](https://github.com/mafintosh/is-my-json-valid) from 2.15.0 to 2.20.4. - [Release notes](https://github.com/mafintosh/is-my-json-valid/releases) - [Commits](https://github.com/mafintosh/is-my-json-valid/compare/v2.15.0...v2.20.4) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

push time in 16 days

PR merged bolasblack/ramda-extra

Bump is-my-json-valid from 2.15.0 to 2.20.4 dependencies

Bumps is-my-json-valid from 2.15.0 to 2.20.4. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/mafintosh/is-my-json-valid/commit/2534af447c2a13871c32679c7059a099ea7114b6"><code>2534af4</code></a> 2.20.4</li> <li><a href="https://github.com/mafintosh/is-my-json-valid/commit/22c6b768a16e95349ad14c638d0d412be6e28fd4"><code>22c6b76</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/mafintosh/is-my-json-valid/issues/180">#180</a> from ChALkeR/chalker/fix-style</li> <li><a href="https://github.com/mafintosh/is-my-json-valid/commit/ccde29dd0626d870bf61fc9c04c845017060711d"><code>ccde29d</code></a> Fix a ReDoS in 'style' format</li> <li><a href="https://github.com/mafintosh/is-my-json-valid/commit/9df4acbb3077bce07f74e2f788cc9bfc11e0a5b3"><code>9df4acb</code></a> 2.20.3</li> <li><a href="https://github.com/mafintosh/is-my-json-valid/commit/3419563687df463b4ca709a2b46be8e15d6a2b3d"><code>3419563</code></a> only inline allocated vars</li> <li><a href="https://github.com/mafintosh/is-my-json-valid/commit/adf40bd9f22f6c9ee7d4c612c4193a7b835416bc"><code>adf40bd</code></a> 2.20.2</li> <li><a href="https://github.com/mafintosh/is-my-json-valid/commit/c3fc04fc455d40e9b29537f8e2c73a28ce106edb"><code>c3fc04f</code></a> limit regex if maxLength is set</li> <li><a href="https://github.com/mafintosh/is-my-json-valid/commit/314a36f98c9980680c0b8973d4b0ef58501a24c9"><code>314a36f</code></a> test on 12</li> <li><a href="https://github.com/mafintosh/is-my-json-valid/commit/2684bd0a5ed93dd377f0fcb43f6298f4524a2373"><code>2684bd0</code></a> 2.20.1</li> <li><a href="https://github.com/mafintosh/is-my-json-valid/commit/0fb366a5dd12c3123ed416cc88b000af93ec01b0"><code>0fb366a</code></a> use maxItems in unique check</li> <li>Additional commits viewable in <a href="https://github.com/mafintosh/is-my-json-valid/compare/v2.15.0...v2.20.4">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~linusu">linusu</a>, a new releaser for is-my-json-valid since your current version.</p> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+16 -9

0 comment

1 changed file

dependabot[bot]

pr closed time in 16 days

PR merged bolasblack/ramda-extra

Bump stringstream from 0.0.5 to 0.0.6 dependencies

Bumps stringstream from 0.0.5 to 0.0.6. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/mhart/StringStream/commit/fee31c5c4a5efc7c7cc2fde4aee633dedefd6d67"><code>fee31c5</code></a> 0.0.6</li> <li><a href="https://github.com/mhart/StringStream/commit/2f4a9d496f94b0880e01a26857aa266a5a3ef274"><code>2f4a9d4</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/mhart/StringStream/issues/9">#9</a> from mhart/fix-buffer-constructor-vuln</li> <li><a href="https://github.com/mhart/StringStream/commit/afbc7442220358419e330618e47f3a65fc265b1b"><code>afbc744</code></a> Ensure data is not a number in Buffer constructor</li> <li>See full diff in <a href="https://github.com/mhart/StringStream/compare/v0.0.5...v0.0.6">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+2 -2

0 comment

1 changed file

dependabot[bot]

pr closed time in 16 days

delete branch bolasblack/ramda-extra

delete branch : dependabot/npm_and_yarn/stringstream-0.0.6

delete time in 16 days

push eventbolasblack/ramda-extra

dependabot[bot]

commit sha f2f61d765a04c2b326298ddf3b22f6f73a147bea

Bump stringstream from 0.0.5 to 0.0.6 (#3) Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

push time in 16 days

delete branch bolasblack/ramda-extra

delete branch : dependabot/npm_and_yarn/lodash-4.17.19

delete time in 16 days

push eventbolasblack/ramda-extra

dependabot[bot]

commit sha a7b0fe3772922c5ea1c2bb7ea86014400fbd4a8f

Bump lodash from 4.17.3 to 4.17.19 (#2) Bumps [lodash](https://github.com/lodash/lodash) from 4.17.3 to 4.17.19. - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](https://github.com/lodash/lodash/compare/4.17.3...4.17.19) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

push time in 16 days

startedmdevils/typescript-exercises

started time in 16 days

delete branch bolasblack/nodejs-runner

delete branch : dependabot/npm_and_yarn/lodash-4.17.19

delete time in 16 days

push eventbolasblack/nodejs-runner

dependabot[bot]

commit sha 6edb7a9ac2fdb81103700635ad9397ea9ee6aba1

Bump lodash from 4.17.4 to 4.17.19 (#2) Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

push time in 16 days

PR merged bolasblack/nodejs-runner

Bump lodash from 4.17.4 to 4.17.19 dependencies

Bumps lodash from 4.17.4 to 4.17.19. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/lodash/lodash/releases">lodash's releases</a>.</em></p> <blockquote> <h2>4.17.16</h2> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/lodash/lodash/commit/d7fbc52ee0466a6d248f047b5d5c3e6d1e099056"><code>d7fbc52</code></a> Bump to v4.17.19</li> <li><a href="https://github.com/lodash/lodash/commit/2e1c0f22f425e9c013815b2cd7c2ebd51f49a8d6"><code>2e1c0f2</code></a> Add npm-package</li> <li><a href="https://github.com/lodash/lodash/commit/1b6c282299f4e0271f932b466c67f0f822aa308e"><code>1b6c282</code></a> Bump to v4.17.18</li> <li><a href="https://github.com/lodash/lodash/commit/a370ac81408de2da77a82b3c4b61a01a3b9c2fac"><code>a370ac8</code></a> Bump to v4.17.17</li> <li><a href="https://github.com/lodash/lodash/commit/1144918f3578a84fcc4986da9b806e63a6175cbb"><code>1144918</code></a> Rebuild lodash and docs</li> <li><a href="https://github.com/lodash/lodash/commit/3a3b0fd339c2109563f7e8167dc95265ed82ef3e"><code>3a3b0fd</code></a> Bump to v4.17.16</li> <li><a href="https://github.com/lodash/lodash/commit/c84fe82760fb2d3e03a63379b297a1cc1a2fce12"><code>c84fe82</code></a> fix(zipObjectDeep): prototype pollution (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4759">#4759</a>)</li> <li><a href="https://github.com/lodash/lodash/commit/e7b28ea6cb17b4ca021e7c9d66218c8c89782f32"><code>e7b28ea</code></a> Sanitize sourceURL so it cannot affect evaled code (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4518">#4518</a>)</li> <li><a href="https://github.com/lodash/lodash/commit/0cec225778d4ac26c2bac95031ecc92a94f08bbb"><code>0cec225</code></a> Fix lodash.isEqual for circular references (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4320">#4320</a>) (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4515">#4515</a>)</li> <li><a href="https://github.com/lodash/lodash/commit/94c3a8133cb4fcdb50db72b4fd14dd884b195cd5"><code>94c3a81</code></a> Document matches* shorthands for over* methods (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4510">#4510</a>) (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4514">#4514</a>)</li> <li>Additional commits viewable in <a href="https://github.com/lodash/lodash/compare/4.17.4...4.17.19">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~mathias">mathias</a>, a new releaser for lodash since your current version.</p> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+4 -4

0 comment

1 changed file

dependabot[bot]

pr closed time in 16 days

pull request commentbolasblack/ramda-extra

Bump lodash from 4.17.3 to 4.17.19

@dependabot rebase

dependabot[bot]

comment created time in 16 days

more