profile
viewpoint
Dan Ditomaso danditomaso Toronto, Canada https://danditomaso.com front-end developer | @HackerYou alumni | loves all things JS 🌲🌐

danditomaso/vue-unsplash 1

A flickr like application to search for photos from Unsplash.com

danditomaso/bulletproof-nodejs 0

Implementation of a bulletproof node.js API 🛡️

danditomaso/dan_ditomaso_project1 0

HackerYou - Project 1

danditomaso/forkItLikeItsHot 0

When the code's in the git ma

danditomaso/gulp-boilerplate 0

A boilerplate for building web projects with Gulp.js.

startedinancgumus/learngo

started time in 23 days

startedsveltejs/svelte

started time in a month

startedsantiq/bulletproof-nodejs

started time in 2 months

startedcoryhouse/mock-api-example

started time in 2 months

push eventdanditomaso/grid-exploration

Dan Ditomaso

commit sha 769a1780fa068b6882280c94ad7adf1cd3aa02a4

Initialize project using Create React App

view details

Dan Ditomaso

commit sha 03c4fb2f10d52ea4b57edc82d3a0ed0d82aa2ef2

Initial commit

view details

push time in 3 months

create barnchdanditomaso/grid-exploration

branch : master

created branch time in 3 months

created repositorydanditomaso/grid-exploration

created time in 3 months

pull request commentsholladay/pogo

update to deno v0.40.0

Thanks, I've updated the additional files and the commit should be ready for your review as part of this PR.

danditomaso

comment created time in 3 months

push eventdanditomaso/pogo

Dan Ditomaso

commit sha 5fcd2d957704a1dd25ce00666bf0fb23ed2e02f1

added deno version update to additional files

view details

push time in 3 months

PR opened sholladay/pogo

update to deno v0.40.0
+9 -13

0 comment

1 changed file

pr created time in 3 months

create barnchdanditomaso/pogo

branch : denoupdate

created branch time in 3 months

create barnchdanditomaso/pogo

branch : v0.40denoUpdate

created branch time in 3 months

pull request commentsholladay/pogo

update to deno v0.40.0

Just re-read contributing guidelines. Will re-submit this PR.

danditomaso

comment created time in 3 months

PR closed sholladay/pogo

update to deno v0.40.0
+9 -13

0 comment

1 changed file

danditomaso

pr closed time in 3 months

starteddanditomaso/vue-unsplash

started time in 3 months

PR opened sholladay/pogo

update to deno v0.40.0
+9 -13

0 comment

1 changed file

pr created time in 3 months

push eventdanditomaso/pogo

Dan Ditomaso

commit sha ee692c26a125bcc104e823e70ae1a20fd8692ce0

update to deno v0.40.0

view details

push time in 3 months

PR closed saphoooo/rpi-ghost

Updated to 0.11.8

Changed GHOST_VERSION to latest available

+1 -1

0 comment

1 changed file

danditomaso

pr closed time in 3 months

PR closed utatti/express-formidable

Added missing closing bracket to fix documentation

Added missing bracket to documentation

+1 -1

0 comment

1 changed file

danditomaso

pr closed time in 3 months

fork danditomaso/pogo

Server framework for Deno

fork in 3 months

push eventdanditomaso/blog

Dan Ditomaso

commit sha 6302a0256d5606e53643e602c9c85824324d634b

added light grey background on hover to nav bar, changed cursor to pointer when inside any nav button.

view details

push time in 3 months

push eventdanditomaso/blog

Dan Ditomaso

commit sha 13ac2b0b0d391496a19445998a155526ed86d012

Added missing library to package json, fixed outline around mobile Nav

view details

push time in 3 months

startedhswolff/dencro

started time in 3 months

fork danditomaso/portfolio-2020

Web dev portfolio & personal site, redesigned and rebuilt for 2020. Now with 100% more JAMstack goodness

fork in 3 months

push eventdanditomaso/portfolio

dependabot[bot]

commit sha 988050c89959f800758caa1eb052aa11f8dc5225

Bump acorn from 5.7.3 to 5.7.4 Bumps [acorn](https://github.com/acornjs/acorn) from 5.7.3 to 5.7.4. - [Release notes](https://github.com/acornjs/acorn/releases) - [Commits](https://github.com/acornjs/acorn/compare/5.7.3...5.7.4) Signed-off-by: dependabot[bot] <support@github.com>

view details

Dan Ditomaso

commit sha a4b7b957d5e9703ad24d84a4f3170276d87e711e

Merge pull request #19 from danditomaso/dependabot/npm_and_yarn/acorn-5.7.4 Bump acorn from 5.7.3 to 5.7.4

view details

push time in 3 months

PR merged danditomaso/portfolio

Bump acorn from 5.7.3 to 5.7.4 dependencies

Bumps acorn from 5.7.3 to 5.7.4. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/acornjs/acorn/commit/6370e90067552022710190319cbbbd8c43001957"><code>6370e90</code></a> Mark version 5.7.4</li> <li><a href="https://github.com/acornjs/acorn/commit/fbc15b1344f6dfb992f67b4bbf1357436247c8a0"><code>fbc15b1</code></a> More rigorously check surrogate pairs in regexp validator</li> <li>See full diff in <a href="https://github.com/acornjs/acorn/compare/5.7.3...5.7.4">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+18 -11

0 comment

1 changed file

dependabot[bot]

pr closed time in 3 months

push eventdanditomaso/moviedb

dependabot[bot]

commit sha 76ac2d0309c44c936e4302c34d4b7b3342f70ed1

Bump eslint-utils from 1.3.1 to 1.4.2 Bumps [eslint-utils](https://github.com/mysticatea/eslint-utils) from 1.3.1 to 1.4.2. - [Release notes](https://github.com/mysticatea/eslint-utils/releases) - [Commits](https://github.com/mysticatea/eslint-utils/compare/v1.3.1...v1.4.2) Signed-off-by: dependabot[bot] <support@github.com>

view details

Dan Ditomaso

commit sha d2b52891d64e267fe02c497e78c4dab79544f9c6

Merge pull request #4 from danditomaso/dependabot/npm_and_yarn/eslint-utils-1.4.2 Bump eslint-utils from 1.3.1 to 1.4.2

view details

push time in 3 months

PR merged danditomaso/moviedb

Bump eslint-utils from 1.3.1 to 1.4.2 dependencies

Bumps eslint-utils from 1.3.1 to 1.4.2. <details> <summary>Commits</summary>

  • 4e1bc07 1.4.2
  • e4cb014 🐛 add null test
  • 230a4e2 1.4.1
  • 08158db 🐛 fix getStaticValue security issue
  • 587cca2 🐛 fix getStringIfConstant to handle literals correctly
  • c119e83 🐛 fix getStaticValue to handle bigint correctly
  • 531b16f 🔖 1.4.0
  • 276303d ⚒ upgrade rollup
  • cb518c7 🐛 fix hasSideEffect false negative
  • aac472e 🐛 fix isParenthesized had false positive on ImportExpression (fixes #1)
  • Additional commits viewable in compare view </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+14 -9

0 comment

2 changed files

dependabot[bot]

pr closed time in 3 months

push eventdanditomaso/moviedb

dependabot[bot]

commit sha 4782bf5b6eb6696d99e206ceb45562d0112c7c3b

Bump handlebars from 4.1.2 to 4.5.3 Bumps [handlebars](https://github.com/wycats/handlebars.js) from 4.1.2 to 4.5.3. - [Release notes](https://github.com/wycats/handlebars.js/releases) - [Changelog](https://github.com/wycats/handlebars.js/blob/master/release-notes.md) - [Commits](https://github.com/wycats/handlebars.js/compare/v4.1.2...v4.5.3) Signed-off-by: dependabot[bot] <support@github.com>

view details

Dan Ditomaso

commit sha df713ebf640e00a6b43e5f7c328f201642080553

Merge pull request #5 from danditomaso/dependabot/npm_and_yarn/handlebars-4.5.3 Bump handlebars from 4.1.2 to 4.5.3

view details

push time in 3 months

PR merged danditomaso/moviedb

Bump handlebars from 4.1.2 to 4.5.3 dependencies

Bumps handlebars from 4.1.2 to 4.5.3. <details> <summary>Changelog</summary>

Sourced from handlebars's changelog.

v4.5.3 - November 18th, 2019

Bugfixes:

  • fix: add "no-prototype-builtins" eslint-rule and fix all occurences - f7f05d7
  • fix: add more properties required to be enumerable - 1988878

Chores / Build:

  • fix: use !== 0 instead of != 0 - c02b05f
  • add chai and dirty-chai and sinon, for cleaner test-assertions and spies, deprecate old assertion-methods - 93e284e, 886ba86, 0817dad, 93516a0

Security:

  • The properties __proto__, __defineGetter__, __defineSetter__ and __lookupGetter__ have been added to the list of "properties that must be enumerable". If a property by that name is found and not enumerable on its parent, it will silently evaluate to undefined. This is done in both the compiled template and the "lookup"-helper. This will prevent new Remote-Code-Execution exploits that have been published recently.

Compatibility notes:

  • Due to the security-fixes. The semantics of the templates using __proto__, __defineGetter__, __defineSetter__ and __lookupGetter__ in the respect that those expression now return undefined rather than their actual value from the proto.
  • The semantics have not changed in cases where the properties are enumerable, as in:
{
  __proto__: 'some string'
}
  • The change may be breaking in that respect, but we still only increase the patch-version, because the incompatible use-cases are not intended, undocumented and far less important than fixing Remote-Code-Execution exploits on existing systems.

Commits

v4.5.2 - November 13th, 2019

Bugfixes

  • fix: use String(field) in lookup when checking for "constructor" - d541378
  • test: add fluent API for testing Handlebars - c2ac79c

Compatibility notes:

  • no incompatibility are to be expected </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>
  • c819c8b v4.5.3
  • 827c9d0 Update release notes
  • f7f05d7 fix: add "no-prototype-builtins" eslint-rule and fix all occurences
  • 1988878 fix: add more properties required to be enumerable
  • 886ba86 test/chore: add chai/expect and sinon to "runtime"-environment
  • 0817dad test: add sinon as global variable to eslint in the specs
  • 93516a0 test: add sinon.js for spies, deprecate current assertions
  • 93e284e chore: add chai and dirty-chai for better test assertions
  • c02b05f fix: use !== 0 instead of != 0
  • 8de121d v4.5.2
  • Additional commits viewable in compare view </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+14 -14

0 comment

2 changed files

dependabot[bot]

pr closed time in 3 months

push eventdanditomaso/moviedb

dependabot[bot]

commit sha bfb4fc514f4b24ba06a622f8506a3ad5538cfa44

Bump acorn from 5.7.3 to 5.7.4 Bumps [acorn](https://github.com/acornjs/acorn) from 5.7.3 to 5.7.4. - [Release notes](https://github.com/acornjs/acorn/releases) - [Commits](https://github.com/acornjs/acorn/compare/5.7.3...5.7.4) Signed-off-by: dependabot[bot] <support@github.com>

view details

Dan Ditomaso

commit sha b71f07eb1c4e7b9b7ff33b4f4682b3bc51e66455

Merge pull request #6 from danditomaso/dependabot/npm_and_yarn/acorn-5.7.4 Bump acorn from 5.7.3 to 5.7.4

view details

push time in 3 months

PR merged danditomaso/moviedb

Bump acorn from 5.7.3 to 5.7.4 dependencies

Bumps acorn from 5.7.3 to 5.7.4. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/acornjs/acorn/commit/6370e90067552022710190319cbbbd8c43001957"><code>6370e90</code></a> Mark version 5.7.4</li> <li><a href="https://github.com/acornjs/acorn/commit/fbc15b1344f6dfb992f67b4bbf1357436247c8a0"><code>fbc15b1</code></a> More rigorously check surrogate pairs in regexp validator</li> <li>See full diff in <a href="https://github.com/acornjs/acorn/compare/5.7.3...5.7.4">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+15 -15

0 comment

2 changed files

dependabot[bot]

pr closed time in 3 months

more