profile
viewpoint

PR opened xebia-france/dashboard-conf-companion

build(deps): bump lodash from 4.17.15 to 4.17.20 in /functions/functions

Bumps lodash from 4.17.15 to 4.17.20. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/lodash/lodash/commit/ded9bc66583ed0b4e3b7dc906206d40757b4a90a"><code>ded9bc6</code></a> Bump to v4.17.20.</li> <li><a href="https://github.com/lodash/lodash/commit/63150ef7645ac07961b63a86490f419f356429aa"><code>63150ef</code></a> Documentation fixes.</li> <li><a href="https://github.com/lodash/lodash/commit/00f0f62a979d2f5fa0287c06eae70cf9a62d8794"><code>00f0f62</code></a> test.js: Remove trailing comma.</li> <li><a href="https://github.com/lodash/lodash/commit/846e434c7a5b5692c55ebf5715ed677b70a32389"><code>846e434</code></a> Temporarily use a custom fork of <code>lodash-cli</code>.</li> <li><a href="https://github.com/lodash/lodash/commit/5d046f39cbd27f573914768e3b36eeefcc4f1229"><code>5d046f3</code></a> Re-enable Travis tests on <code>4.17</code> branch.</li> <li><a href="https://github.com/lodash/lodash/commit/aa816b36d402a1ad9385142ce7188f17dae514fd"><code>aa816b3</code></a> Remove <code>/npm-package</code>.</li> <li><a href="https://github.com/lodash/lodash/commit/d7fbc52ee0466a6d248f047b5d5c3e6d1e099056"><code>d7fbc52</code></a> Bump to v4.17.19</li> <li><a href="https://github.com/lodash/lodash/commit/2e1c0f22f425e9c013815b2cd7c2ebd51f49a8d6"><code>2e1c0f2</code></a> Add npm-package</li> <li><a href="https://github.com/lodash/lodash/commit/1b6c282299f4e0271f932b466c67f0f822aa308e"><code>1b6c282</code></a> Bump to v4.17.18</li> <li><a href="https://github.com/lodash/lodash/commit/a370ac81408de2da77a82b3c4b61a01a3b9c2fac"><code>a370ac8</code></a> Bump to v4.17.17</li> <li>Additional commits viewable in <a href="https://github.com/lodash/lodash/compare/4.17.15...4.17.20">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~bnjmnt4n">bnjmnt4n</a>, a new releaser for lodash since your current version.</p> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+3 -11

0 comment

1 changed file

pr created time in a few seconds

delete branch BloodStreaam/SRLFlores

delete branch : dependabot/npm_and_yarn/lodash-4.17.19

delete time in a few seconds

push eventShoeBoom/idea-engine

dependabot[bot]

commit sha 55aee729bde913839917d4f942db98fb3093160e

Bump @types/node from 14.11.1 to 14.11.2 Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 14.11.1 to 14.11.2. - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) Signed-off-by: dependabot[bot] <support@github.com>

view details

Shubham Bhardwaj

commit sha de7a90188c97571f42388f3f1a76858cc2639bb6

Merge pull request #38 from ShoeBoom/dependabot/npm_and_yarn/types/node-14.11.2 Bump @types/node from 14.11.1 to 14.11.2

view details

dependabot[bot]

commit sha 8375df5089ff03b4c83ffd0c3bda714e091fc9e3

Bump @typescript-eslint/eslint-plugin from 4.1.1 to 4.2.0 Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 4.1.1 to 4.2.0. - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/eslint-plugin/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.2.0/packages/eslint-plugin) Signed-off-by: dependabot[bot] <support@github.com>

view details

push time in a few seconds

PR closed BloodStreaam/SRLFlores

Bump lodash from 4.17.15 to 4.17.19 dependencies

Bumps lodash from 4.17.15 to 4.17.19. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/lodash/lodash/releases">lodash's releases</a>.</em></p> <blockquote> <h2>4.17.16</h2> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/lodash/lodash/commit/d7fbc52ee0466a6d248f047b5d5c3e6d1e099056"><code>d7fbc52</code></a> Bump to v4.17.19</li> <li><a href="https://github.com/lodash/lodash/commit/2e1c0f22f425e9c013815b2cd7c2ebd51f49a8d6"><code>2e1c0f2</code></a> Add npm-package</li> <li><a href="https://github.com/lodash/lodash/commit/1b6c282299f4e0271f932b466c67f0f822aa308e"><code>1b6c282</code></a> Bump to v4.17.18</li> <li><a href="https://github.com/lodash/lodash/commit/a370ac81408de2da77a82b3c4b61a01a3b9c2fac"><code>a370ac8</code></a> Bump to v4.17.17</li> <li><a href="https://github.com/lodash/lodash/commit/1144918f3578a84fcc4986da9b806e63a6175cbb"><code>1144918</code></a> Rebuild lodash and docs</li> <li><a href="https://github.com/lodash/lodash/commit/3a3b0fd339c2109563f7e8167dc95265ed82ef3e"><code>3a3b0fd</code></a> Bump to v4.17.16</li> <li><a href="https://github.com/lodash/lodash/commit/c84fe82760fb2d3e03a63379b297a1cc1a2fce12"><code>c84fe82</code></a> fix(zipObjectDeep): prototype pollution (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4759">#4759</a>)</li> <li><a href="https://github.com/lodash/lodash/commit/e7b28ea6cb17b4ca021e7c9d66218c8c89782f32"><code>e7b28ea</code></a> Sanitize sourceURL so it cannot affect evaled code (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4518">#4518</a>)</li> <li><a href="https://github.com/lodash/lodash/commit/0cec225778d4ac26c2bac95031ecc92a94f08bbb"><code>0cec225</code></a> Fix lodash.isEqual for circular references (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4320">#4320</a>) (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4515">#4515</a>)</li> <li><a href="https://github.com/lodash/lodash/commit/94c3a8133cb4fcdb50db72b4fd14dd884b195cd5"><code>94c3a81</code></a> Document matches* shorthands for over* methods (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4510">#4510</a>) (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4514">#4514</a>)</li> <li>Additional commits viewable in <a href="https://github.com/lodash/lodash/compare/4.17.15...4.17.19">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~mathias">mathias</a>, a new releaser for lodash since your current version.</p> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+12 -12

1 comment

1 changed file

dependabot[bot]

pr closed time in a few seconds

PR opened Consejo-MOYSP/themes

Bump rubyzip from 1.2.3 to 2.3.0

Bumps rubyzip from 1.2.3 to 2.3.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/rubyzip/rubyzip/releases">rubyzip's releases</a>.</em></p> <blockquote> <h2>v2.3.0</h2> <ul> <li>Fix frozen string literal error <a href="https://github-redirect.dependabot.com/rubyzip/rubyzip/pull/431">#431</a></li> <li>Set <code>OutputStream.write_buffer</code>'s buffer to binmode <a href="https://github-redirect.dependabot.com/rubyzip/rubyzip/pull/439">#439</a></li> <li>Upgrade rubocop and fix various linting complaints <a href="https://github-redirect.dependabot.com/rubyzip/rubyzip/pull/437">#437</a> <a href="https://github-redirect.dependabot.com/rubyzip/rubyzip/pull/440">#440</a></li> </ul> <p>Tooling:</p> <ul> <li>Add a <code>bin/console</code> script for development <a href="https://github-redirect.dependabot.com/rubyzip/rubyzip/pull/420">#420</a></li> <li>Update rake requirement (development dependency only) to fix a security alert.</li> </ul> <h2>v2.2.0</h2> <ul> <li>Add support for decompression plugin gems <a href="https://github-redirect.dependabot.com/rubyzip/rubyzip/pull/427">#427</a></li> </ul> <h2>v2.1.0</h2> <ul> <li>Fix (at least partially) the <code>restore_times</code> and <code>restore_permissions</code> options to <code>Zip::File.new</code> <a href="https://github-redirect.dependabot.com/rubyzip/rubyzip/pull/413">#413</a> <ul> <li>Previously, neither option did anything, regardless of what it was set to. We have therefore defaulted them to <code>false</code> to preserve the current behavior, for the time being. If you have explicitly set either to <code>true</code>, it will now have an effect.</li> <li>Fix handling of UniversalTime (<code>mtime</code>, <code>atime</code>, <code>ctime</code>) fields. <a href="https://github-redirect.dependabot.com/rubyzip/rubyzip/pull/421">#421</a></li> <li>Previously, <code>Zip::File</code> did not pass the options to <code>Zip::Entry</code> in some cases. <a href="https://github-redirect.dependabot.com/rubyzip/rubyzip/pull/423">#423</a></li> <li>Note that <code>restore_times</code> in this release does nothing on Windows and only restores <code>mtime</code>, not <code>atime</code> or <code>ctime</code>.</li> </ul> </li> <li>Allow <code>Zip::File.open</code> to take an options hash like <code>Zip::File.new</code> <a href="https://github-redirect.dependabot.com/rubyzip/rubyzip/pull/418">#418</a></li> <li>Always print warnings with <code>warn</code>, instead of a mix of <code>puts</code> and <code>warn</code> <a href="https://github-redirect.dependabot.com/rubyzip/rubyzip/pull/416">#416</a></li> <li>Create temporary files in the system temporary directory instead of the directory of the zip file <a href="https://github-redirect.dependabot.com/rubyzip/rubyzip/pull/411">#411</a></li> <li>Drop unused <code>tmpdir</code> requirement <a href="https://github-redirect.dependabot.com/rubyzip/rubyzip/pull/411">#411</a></li> </ul> <p>Tooling</p> <ul> <li>Move CI to xenial and include jruby on JDK11 <a href="https://github-redirect.dependabot.com/rubyzip/rubyzip/pull/419/files">#419</a></li> </ul> <h2>v2.0.0</h2> <p>Security</p> <ul> <li>Default the <code>validate_entry_sizes</code> option to <code>true</code>, so that callers can trust an entry's reported size when using <code>extract</code> <a href="https://github-redirect.dependabot.com/rubyzip/rubyzip/pull/403">#403</a> <ul> <li>This option defaulted to <code>false</code> in 1.3.0 for backward compatibility, but it now defaults to <code>true</code>. If you are using an older version of ruby and can't yet upgrade to 2.x, you can still use 1.3.0 and set the option to <code>true</code>.</li> </ul> </li> </ul> <p>Tooling / Documentation</p> <ul> <li>Remove test files from the gem to avoid problems with antivirus detections on the test files <a href="https://github-redirect.dependabot.com/rubyzip/rubyzip/pull/405">#405</a> / <a href="https://github-redirect.dependabot.com/rubyzip/rubyzip/issues/384">#384</a></li> <li>Drop support for unsupported ruby versions <a href="https://github-redirect.dependabot.com/rubyzip/rubyzip/pull/406">#406</a></li> </ul> <h2>v1.3.0</h2> <p>Security</p> <ul> <li>Add <code>validate_entry_sizes</code> option so that callers can trust an entry's reported size when using <code>extract</code> <a href="https://github-redirect.dependabot.com/rubyzip/rubyzip/pull/403">#403</a> <ul> <li>This option defaults to <code>false</code> for backward compatibility in this release, but you are strongly encouraged to set it to <code>true</code>. It will default to <code>true</code> in rubyzip 2.0.</li> </ul> </li> </ul> <p>New Feature</p> <ul> <li>Add <code>add_stored</code> method to simplify adding entries without compression <a href="https://github-redirect.dependabot.com/rubyzip/rubyzip/pull/366">#366</a></li> </ul> <p>Tooling / Documentation</p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/rubyzip/rubyzip/blob/master/Changelog.md">rubyzip's changelog</a>.</em></p> <blockquote> <h1>2.3.0 (2020-03-14)</h1> <ul> <li>Fix frozen string literal error <a href="https://github-redirect.dependabot.com/rubyzip/rubyzip/pull/431">#431</a></li> <li>Set <code>OutputStream.write_buffer</code>'s buffer to binmode <a href="https://github-redirect.dependabot.com/rubyzip/rubyzip/pull/439">#439</a></li> <li>Upgrade rubocop and fix various linting complaints <a href="https://github-redirect.dependabot.com/rubyzip/rubyzip/pull/437">#437</a> <a href="https://github-redirect.dependabot.com/rubyzip/rubyzip/pull/440">#440</a></li> </ul> <p>Tooling:</p> <ul> <li>Add a <code>bin/console</code> script for development <a href="https://github-redirect.dependabot.com/rubyzip/rubyzip/pull/420">#420</a></li> <li>Update rake requirement (development dependency only) to fix a security alert.</li> </ul> <h1>2.2.0 (2020-02-01)</h1> <ul> <li>Add support for decompression plugin gems <a href="https://github-redirect.dependabot.com/rubyzip/rubyzip/pull/427">#427</a></li> </ul> <h1>2.1.0 (2020-01-25)</h1> <ul> <li>Fix (at least partially) the <code>restore_times</code> and <code>restore_permissions</code> options to <code>Zip::File.new</code> <a href="https://github-redirect.dependabot.com/rubyzip/rubyzip/pull/413">#413</a> <ul> <li>Previously, neither option did anything, regardless of what it was set to. We have therefore defaulted them to <code>false</code> to preserve the current behavior, for the time being. If you have explicitly set either to <code>true</code>, it will now have an effect.</li> <li>Fix handling of UniversalTime (<code>mtime</code>, <code>atime</code>, <code>ctime</code>) fields. <a href="https://github-redirect.dependabot.com/rubyzip/rubyzip/pull/421">#421</a></li> <li>Previously, <code>Zip::File</code> did not pass the options to <code>Zip::Entry</code> in some cases. <a href="https://github-redirect.dependabot.com/rubyzip/rubyzip/pull/423">#423</a></li> <li>Note that <code>restore_times</code> in this release does nothing on Windows and only restores <code>mtime</code>, not <code>atime</code> or <code>ctime</code>.</li> </ul> </li> <li>Allow <code>Zip::File.open</code> to take an options hash like <code>Zip::File.new</code> <a href="https://github-redirect.dependabot.com/rubyzip/rubyzip/pull/418">#418</a></li> <li>Always print warnings with <code>warn</code>, instead of a mix of <code>puts</code> and <code>warn</code> <a href="https://github-redirect.dependabot.com/rubyzip/rubyzip/pull/416">#416</a></li> <li>Create temporary files in the system temporary directory instead of the directory of the zip file <a href="https://github-redirect.dependabot.com/rubyzip/rubyzip/pull/411">#411</a></li> <li>Drop unused <code>tmpdir</code> requirement <a href="https://github-redirect.dependabot.com/rubyzip/rubyzip/pull/411">#411</a></li> </ul> <p>Tooling</p> <ul> <li>Move CI to xenial and include jruby on JDK11 <a href="https://github-redirect.dependabot.com/rubyzip/rubyzip/pull/419/files">#419</a></li> </ul> <h1>2.0.0 (2019-09-25)</h1> <p>Security</p> <ul> <li>Default the <code>validate_entry_sizes</code> option to <code>true</code>, so that callers can trust an entry's reported size when using <code>extract</code> <a href="https://github-redirect.dependabot.com/rubyzip/rubyzip/pull/403">#403</a> <ul> <li>This option defaulted to <code>false</code> in 1.3.0 for backward compatibility, but it now defaults to <code>true</code>. If you are using an older version of ruby and can't yet upgrade to 2.x, you can still use 1.3.0 and set the option to <code>true</code>.</li> </ul> </li> </ul> <p>Tooling / Documentation</p> <ul> <li>Remove test files from the gem to avoid problems with antivirus detections on the test files <a href="https://github-redirect.dependabot.com/rubyzip/rubyzip/pull/405">#405</a> / <a href="https://github-redirect.dependabot.com/rubyzip/rubyzip/issues/384">#384</a></li> <li>Drop support for unsupported ruby versions <a href="https://github-redirect.dependabot.com/rubyzip/rubyzip/pull/406">#406</a></li> </ul> <h1>1.3.0 (2019-09-25)</h1> <p>Security</p> <ul> <li>Add <code>validate_entry_sizes</code> option so that callers can trust an entry's reported size when using <code>extract</code> <a href="https://github-redirect.dependabot.com/rubyzip/rubyzip/pull/403">#403</a> <ul> <li>This option defaults to <code>false</code> for backward compatibility in this release, but you are strongly encouraged to set it to <code>true</code>. It will default to <code>true</code> in rubyzip 2.0.</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/rubyzip/rubyzip/commit/3bc55a5d9880827ddca76de41004b5a82eb7642e"><code>3bc55a5</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/rubyzip/rubyzip/issues/443">#443</a> from rubyzip/v2-3-0</li> <li><a href="https://github.com/rubyzip/rubyzip/commit/69186f65cdaa69a46e32ab81661376d648f61566"><code>69186f6</code></a> Bump version to 2.3.0</li> <li><a href="https://github.com/rubyzip/rubyzip/commit/516941bec56fbceaed8e75887247b74b97cbf341"><code>516941b</code></a> Update changelog for <a href="https://github-redirect.dependabot.com/rubyzip/rubyzip/issues/439">#439</a> and <a href="https://github-redirect.dependabot.com/rubyzip/rubyzip/issues/440">#440</a></li> <li><a href="https://github.com/rubyzip/rubyzip/commit/a64a14767dd458f8da6107721a428aa5e2b3f5c9"><code>a64a147</code></a> Bump rake version (development dependency)</li> <li><a href="https://github.com/rubyzip/rubyzip/commit/4c789c28212f38216a88982ce52f0992b1853805"><code>4c789c2</code></a> Remove unused constant from <a href="https://github-redirect.dependabot.com/rubyzip/rubyzip/issues/439">#439</a></li> <li><a href="https://github.com/rubyzip/rubyzip/commit/fabacf16333eb74a98f0cfa9b5a39e8d5b129304"><code>fabacf1</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/rubyzip/rubyzip/issues/440">#440</a> from hainesr/rubocop-names</li> <li><a href="https://github.com/rubyzip/rubyzip/commit/b231b289987a595171aceedb941450e8620cf314"><code>b231b28</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/rubyzip/rubyzip/issues/439">#439</a> from henkeinfo/binary-outstream-buffer</li> <li><a href="https://github.com/rubyzip/rubyzip/commit/66324a711cc7311b9e022bfc0badcbbaebc7308e"><code>66324a7</code></a> Remove duplicate binmode call</li> <li><a href="https://github.com/rubyzip/rubyzip/commit/e33c07a6e757eed653b56b045b8a0ecff40c1533"><code>e33c07a</code></a> Use existing constant for ASCII_8BIT</li> <li><a href="https://github.com/rubyzip/rubyzip/commit/ce17c57e2d0d0f8c61c535a7045cbe7c0fc44a4c"><code>ce17c57</code></a> Fix Naming/AccessorMethodName in the tests.</li> <li>Additional commits viewable in <a href="https://github.com/rubyzip/rubyzip/compare/v1.2.3...v2.3.0">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+1 -1

0 comment

1 changed file

pr created time in a few seconds

pull request commentBloodStreaam/SRLFlores

Bump lodash from 4.17.15 to 4.17.19

Superseded by #8.

dependabot[bot]

comment created time in a few seconds

create barnchConsejo-MOYSP/themes

branch : dependabot/bundler/rubyzip-2.3.0

created branch time in a few seconds

PR opened Consejo-MOYSP/themes

Bump nokogiri from 1.10.3 to 1.10.10

Bumps nokogiri from 1.10.3 to 1.10.10. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/sparklemotion/nokogiri/releases">nokogiri's releases</a>.</em></p> <blockquote> <h2>1.10.10 / 2020-07-06</h2> <h3>Features</h3> <ul> <li>[MRI] Cross-built Windows gems now support Ruby 2.7 [<a href="https://github-redirect.dependabot.com/sparklemotion/nokogiri/issues/2029">#2029</a>]. Note that prior to this release, the v1.11.x prereleases provided this support.</li> </ul> <h2>1.10.9 / 2020-03-01</h2> <h3>Fixed</h3> <ul> <li>[MRI] Raise an exception when Nokogiri detects a specific libxml2 edge case involving blank Schema nodes wrapped by Ruby objects that would cause a segfault. Currently no fix is available upstream, so we're preventing a dangerous operation and informing users to code around it if possible. [<a href="https://github-redirect.dependabot.com/sparklemotion/nokogiri/issues/1985">#1985</a>, <a href="https://github-redirect.dependabot.com/sparklemotion/nokogiri/issues/2001">#2001</a>]</li> <li>[JRuby] Change <code>NodeSet#to_a</code> to return a RubyArray instead of Object, for compilation under JRuby 9.2.9 and later. [<a href="https://github-redirect.dependabot.com/sparklemotion/nokogiri/issues/1968">#1968</a>, <a href="https://github-redirect.dependabot.com/sparklemotion/nokogiri/issues/1969">#1969</a>] (Thanks, <a href="https://github.com/headius">@headius</a>!)</li> </ul> <h2>1.10.8 / 2020-02-10</h2> <h3>Security</h3> <p>[MRI] Pulled in upstream patch from libxml that addresses CVE-2020-7595. Full details are available in <a href="https://github-redirect.dependabot.com/sparklemotion/nokogiri/issues/1992">#1992</a>. Note that this patch is not yet (as of 2020-02-10) in an upstream release of libxml.</p> <h2>1.10.7 / 2019-12-03</h2> <h3>Bug</h3> <ul> <li>[MRI] Ensure the patch applied in v1.10.6 works with GNU <code>patch</code>. <a href="https://github-redirect.dependabot.com/sparklemotion/nokogiri/issues/1954">#1954</a></li> </ul> <h2>1.10.6 / 2019-12-03</h2> <h3>Bug</h3> <ul> <li>[MRI] Fix FreeBSD installation of vendored libxml2. [#1941, <a href="https://github-redirect.dependabot.com/sparklemotion/nokogiri/issues/1953">#1953</a>] (Thanks, <a href="https://github.com/nurse">@nurse</a>!)</li> </ul> <h2>1.10.5 / 2019-10-31</h2> <h3>Dependencies</h3> <ul> <li>[MRI] vendored libxml2 is updated from 2.9.9 to 2.9.10</li> <li>[MRI] vendored libxslt is updated from 1.1.33 to 1.1.34</li> </ul> <h2>1.10.4 / 2019-08-11</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/sparklemotion/nokogiri/blob/master/CHANGELOG.md">nokogiri's changelog</a>.</em></p> <blockquote> <h2>1.10.10 / 2020-07-06</h2> <h3>Features</h3> <ul> <li>[MRI] Cross-built Windows gems now support Ruby 2.7 [<a href="https://github-redirect.dependabot.com/sparklemotion/nokogiri/issues/2029">#2029</a>]. Note that prior to this release, the v1.11.x prereleases provided this support.</li> </ul> <h2>1.10.9 / 2020-03-01</h2> <h3>Fixed</h3> <ul> <li>[MRI] Raise an exception when Nokogiri detects a specific libxml2 edge case involving blank Schema nodes wrapped by Ruby objects that would cause a segfault. Currently no fix is available upstream, so we're preventing a dangerous operation and informing users to code around it if possible. [<a href="https://github-redirect.dependabot.com/sparklemotion/nokogiri/issues/1985">#1985</a>, <a href="https://github-redirect.dependabot.com/sparklemotion/nokogiri/issues/2001">#2001</a>]</li> <li>[JRuby] Change <code>NodeSet#to_a</code> to return a RubyArray instead of Object, for compilation under JRuby 9.2.9 and later. [<a href="https://github-redirect.dependabot.com/sparklemotion/nokogiri/issues/1968">#1968</a>, <a href="https://github-redirect.dependabot.com/sparklemotion/nokogiri/issues/1969">#1969</a>] (Thanks, <a href="https://github.com/headius">@headius</a>!)</li> </ul> <h2>1.10.8 / 2020-02-10</h2> <h3>Security</h3> <p>[MRI] Pulled in upstream patch from libxml that addresses CVE-2020-7595. Full details are available in <a href="https://github-redirect.dependabot.com/sparklemotion/nokogiri/issues/1992">#1992</a>. Note that this patch is not yet (as of 2020-02-10) in an upstream release of libxml.</p> <h2>1.10.7 / 2019-12-03</h2> <h3>Fixed</h3> <ul> <li>[MRI] Ensure the patch applied in v1.10.6 works with GNU <code>patch</code>. [<a href="https://github-redirect.dependabot.com/sparklemotion/nokogiri/issues/1954">#1954</a>]</li> </ul> <h2>1.10.6 / 2019-12-03</h2> <h3>Fixed</h3> <ul> <li>[MRI] Fix FreeBSD installation of vendored libxml2. [<a href="https://github-redirect.dependabot.com/sparklemotion/nokogiri/issues/1941">#1941</a>, <a href="https://github-redirect.dependabot.com/sparklemotion/nokogiri/issues/1953">#1953</a>] (Thanks, <a href="https://github.com/nurse">@nurse</a>!)</li> </ul> <h2>1.10.5 / 2019-10-31</h2> <h3>Security</h3> <p>[MRI] Vendored libxslt upgraded to v1.1.34 which addresses three CVEs for libxslt:</p> <ul> <li>CVE-2019-13117</li> <li>CVE-2019-13118</li> <li>CVE-2019-18197</li> <li>CVE-2019-19956</li> </ul> <p>More details are available at <a href="https://github-redirect.dependabot.com/sparklemotion/nokogiri/issues/1943">#1943</a>.</p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/sparklemotion/nokogiri/commit/a9a3717154bdb99ed6d0d785736eb471c9d6a954"><code>a9a3717</code></a> version bump to v1.10.10</li> <li><a href="https://github.com/sparklemotion/nokogiri/commit/d2d3c18a6c2db5b448381573c1248fe480198003"><code>d2d3c18</code></a> update CHANGELOG for v1.10.10</li> <li><a href="https://github.com/sparklemotion/nokogiri/commit/f0c324c1d93a2880a32dc46cf8766ff132409806"><code>f0c324c</code></a> Merge branch '2029-windows-support-for-ruby-27-on-v110x' into v1.10.x</li> <li><a href="https://github.com/sparklemotion/nokogiri/commit/c39e1b082e73557207db1468e4b567727a384579"><code>c39e1b0</code></a> Support fat binary gems for ruby-2.7</li> <li><a href="https://github.com/sparklemotion/nokogiri/commit/90916022e38fd48c3a9e3763b0f47f834261d399"><code>9091602</code></a> ci: only manage the v1.10.x pipeline on this branch</li> <li><a href="https://github.com/sparklemotion/nokogiri/commit/e2e191de387f854619bc8a3f9b39ca687fe0bf31"><code>e2e191d</code></a> version bump to v1.10.9</li> <li><a href="https://github.com/sparklemotion/nokogiri/commit/50f8fdeae4afb8582ff6347d7aa17822a1e11242"><code>50f8fde</code></a> update CHANGELOG</li> <li><a href="https://github.com/sparklemotion/nokogiri/commit/9b5deef76aeb5e3868cafb0b0956cca3708136f3"><code>9b5deef</code></a> Change return type to RubyArray</li> <li><a href="https://github.com/sparklemotion/nokogiri/commit/ae054f750283dccb1454d71dc00d0343dc2b1c60"><code>ae054f7</code></a> update CHANGELOG for <a href="https://github-redirect.dependabot.com/sparklemotion/nokogiri/issues/1985">#1985</a></li> <li><a href="https://github.com/sparklemotion/nokogiri/commit/71bcaf0bb1351c09e48f41f10314cb35bb4a4db4"><code>71bcaf0</code></a> Work around a bug in libxml2</li> <li>Additional commits viewable in <a href="https://github.com/sparklemotion/nokogiri/compare/v1.10.3...v1.10.10">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+1 -1

0 comment

1 changed file

pr created time in a few seconds

create barnchConsejo-MOYSP/themes

branch : dependabot/bundler/nokogiri-1.10.10

created branch time in a few seconds

create barnchBloodStreaam/SRLFlores

branch : dependabot/npm_and_yarn/lodash-4.17.20

created branch time in a few seconds

PR opened BloodStreaam/SRLFlores

Bump lodash from 4.17.15 to 4.17.20

Bumps lodash from 4.17.15 to 4.17.20. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/lodash/lodash/commit/ded9bc66583ed0b4e3b7dc906206d40757b4a90a"><code>ded9bc6</code></a> Bump to v4.17.20.</li> <li><a href="https://github.com/lodash/lodash/commit/63150ef7645ac07961b63a86490f419f356429aa"><code>63150ef</code></a> Documentation fixes.</li> <li><a href="https://github.com/lodash/lodash/commit/00f0f62a979d2f5fa0287c06eae70cf9a62d8794"><code>00f0f62</code></a> test.js: Remove trailing comma.</li> <li><a href="https://github.com/lodash/lodash/commit/846e434c7a5b5692c55ebf5715ed677b70a32389"><code>846e434</code></a> Temporarily use a custom fork of <code>lodash-cli</code>.</li> <li><a href="https://github.com/lodash/lodash/commit/5d046f39cbd27f573914768e3b36eeefcc4f1229"><code>5d046f3</code></a> Re-enable Travis tests on <code>4.17</code> branch.</li> <li><a href="https://github.com/lodash/lodash/commit/aa816b36d402a1ad9385142ce7188f17dae514fd"><code>aa816b3</code></a> Remove <code>/npm-package</code>.</li> <li><a href="https://github.com/lodash/lodash/commit/d7fbc52ee0466a6d248f047b5d5c3e6d1e099056"><code>d7fbc52</code></a> Bump to v4.17.19</li> <li><a href="https://github.com/lodash/lodash/commit/2e1c0f22f425e9c013815b2cd7c2ebd51f49a8d6"><code>2e1c0f2</code></a> Add npm-package</li> <li><a href="https://github.com/lodash/lodash/commit/1b6c282299f4e0271f932b466c67f0f822aa308e"><code>1b6c282</code></a> Bump to v4.17.18</li> <li><a href="https://github.com/lodash/lodash/commit/a370ac81408de2da77a82b3c4b61a01a3b9c2fac"><code>a370ac8</code></a> Bump to v4.17.17</li> <li>Additional commits viewable in <a href="https://github.com/lodash/lodash/compare/4.17.15...4.17.20">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~bnjmnt4n">bnjmnt4n</a>, a new releaser for lodash since your current version.</p> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+6 -6

0 comment

1 changed file

pr created time in a few seconds

push eventBloodStreaam/SRLFlores

BloodStream

commit sha 1dabac4c870b63a6361cb69ced86530013835925

update app-update plugin

view details

BloodStream

commit sha 362184b87d7aa32713403f8a6dee32be472f979c

Bug de falha de dados nas encomendas FIX

view details

dependabot[bot]

commit sha 7cd96faef29e790d6d2df5e04d2e59845de236a3

Bump elliptic from 6.5.2 to 6.5.3 Bumps [elliptic](https://github.com/indutny/elliptic) from 6.5.2 to 6.5.3. - [Release notes](https://github.com/indutny/elliptic/releases) - [Commits](https://github.com/indutny/elliptic/compare/v6.5.2...v6.5.3) Signed-off-by: dependabot[bot] <support@github.com>

view details

push time in a few seconds

delete branch xebia-france/dashboard-conf-companion

delete branch : dependabot/npm_and_yarn/web2/elliptic-6.5.3

delete time in a few seconds

PR closed xebia-france/dashboard-conf-companion

build(deps): bump elliptic from 6.5.2 to 6.5.3 in /web2 dependencies

Bumps elliptic from 6.5.2 to 6.5.3. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/indutny/elliptic/commit/8647803dc3d90506aa03021737f7b061ba959ae1"><code>8647803</code></a> 6.5.3</li> <li><a href="https://github.com/indutny/elliptic/commit/856fe4d99fe7b6200556e6400b3bf585b1721bec"><code>856fe4d</code></a> signature: prevent malleability and overflows</li> <li>See full diff in <a href="https://github.com/indutny/elliptic/compare/v6.5.2...v6.5.3">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+3 -3

1 comment

1 changed file

dependabot[bot]

pr closed time in a few seconds

pull request commentxebia-france/dashboard-conf-companion

build(deps): bump elliptic from 6.5.2 to 6.5.3 in /web2

Looks like elliptic is up-to-date now, so this is no longer needed.

dependabot[bot]

comment created time in a few seconds

delete branch xebia-france/dashboard-conf-companion

delete branch : dependabot/npm_and_yarn/web2/lodash-4.17.19

delete time in a few seconds

PR closed xebia-france/dashboard-conf-companion

build(deps): bump lodash from 4.17.15 to 4.17.19 in /web2 dependencies

Bumps lodash from 4.17.15 to 4.17.19. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/lodash/lodash/releases">lodash's releases</a>.</em></p> <blockquote> <h2>4.17.16</h2> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/lodash/lodash/commit/d7fbc52ee0466a6d248f047b5d5c3e6d1e099056"><code>d7fbc52</code></a> Bump to v4.17.19</li> <li><a href="https://github.com/lodash/lodash/commit/2e1c0f22f425e9c013815b2cd7c2ebd51f49a8d6"><code>2e1c0f2</code></a> Add npm-package</li> <li><a href="https://github.com/lodash/lodash/commit/1b6c282299f4e0271f932b466c67f0f822aa308e"><code>1b6c282</code></a> Bump to v4.17.18</li> <li><a href="https://github.com/lodash/lodash/commit/a370ac81408de2da77a82b3c4b61a01a3b9c2fac"><code>a370ac8</code></a> Bump to v4.17.17</li> <li><a href="https://github.com/lodash/lodash/commit/1144918f3578a84fcc4986da9b806e63a6175cbb"><code>1144918</code></a> Rebuild lodash and docs</li> <li><a href="https://github.com/lodash/lodash/commit/3a3b0fd339c2109563f7e8167dc95265ed82ef3e"><code>3a3b0fd</code></a> Bump to v4.17.16</li> <li><a href="https://github.com/lodash/lodash/commit/c84fe82760fb2d3e03a63379b297a1cc1a2fce12"><code>c84fe82</code></a> fix(zipObjectDeep): prototype pollution (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4759">#4759</a>)</li> <li><a href="https://github.com/lodash/lodash/commit/e7b28ea6cb17b4ca021e7c9d66218c8c89782f32"><code>e7b28ea</code></a> Sanitize sourceURL so it cannot affect evaled code (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4518">#4518</a>)</li> <li><a href="https://github.com/lodash/lodash/commit/0cec225778d4ac26c2bac95031ecc92a94f08bbb"><code>0cec225</code></a> Fix lodash.isEqual for circular references (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4320">#4320</a>) (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4515">#4515</a>)</li> <li><a href="https://github.com/lodash/lodash/commit/94c3a8133cb4fcdb50db72b4fd14dd884b195cd5"><code>94c3a81</code></a> Document matches* shorthands for over* methods (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4510">#4510</a>) (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4514">#4514</a>)</li> <li>Additional commits viewable in <a href="https://github.com/lodash/lodash/compare/4.17.15...4.17.19">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~mathias">mathias</a>, a new releaser for lodash since your current version.</p> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+4 -4

1 comment

2 changed files

dependabot[bot]

pr closed time in a few seconds

pull request commentxebia-france/dashboard-conf-companion

build(deps): bump lodash from 4.17.15 to 4.17.19 in /web2

Looks like lodash is up-to-date now, so this is no longer needed.

dependabot[bot]

comment created time in a few seconds

push eventTalmashiah/Simply-Shop

talmashiah

commit sha aa6b3d9e822c2bf1bf1071e918942c6c56cc07f2

compare modal mobile css fixes

view details

talmashiah

commit sha 59593a1cb7c43fa807bc408fa5fe758257c3a21b

unnecessary dependencies deleted

view details

dependabot[bot]

commit sha 169f49715cfd4149cad3658245b05464a135d980

Bump bl from 2.2.0 to 2.2.1 in /backend Bumps [bl](https://github.com/rvagg/bl) from 2.2.0 to 2.2.1. - [Release notes](https://github.com/rvagg/bl/releases) - [Commits](https://github.com/rvagg/bl/compare/v2.2.0...v2.2.1) Signed-off-by: dependabot[bot] <support@github.com>

view details

push time in a few seconds

delete branch BloodStreaam/SRLFlores

delete branch : dependabot/npm_and_yarn/http-proxy-1.18.1

delete time in a few seconds

PR closed BloodStreaam/SRLFlores

Bump http-proxy from 1.17.0 to 1.18.1 dependencies

Bumps http-proxy from 1.17.0 to 1.18.1. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/http-party/node-http-proxy/blob/master/CHANGELOG.md">http-proxy's changelog</a>.</em></p> <blockquote> <h2><a href="https://github.com/http-party/node-http-proxy/compare/1.18.0...v1.18.1">v1.18.1</a> - 2020-05-17</h2> <h3>Merged</h3> <ul> <li>Skip sending the proxyReq event when the expect header is present <a href="https://github-redirect.dependabot.com/http-party/node-http-proxy/pull/1447"><code>#1447</code></a></li> <li>Remove node6 support, add node12 to build <a href="https://github-redirect.dependabot.com/http-party/node-http-proxy/pull/1397"><code>#1397</code></a></li> </ul> <h2><a href="https://github.com/http-party/node-http-proxy/compare/1.17.0...1.18.0">1.18.0</a> - 2019-09-18</h2> <h3>Merged</h3> <ul> <li>Added in auto-changelog module set to keepachangelog format <a href="https://github-redirect.dependabot.com/http-party/node-http-proxy/pull/1373"><code>#1373</code></a></li> <li>fix 'Modify Response' readme section to avoid unnecessary array copying <a href="https://github-redirect.dependabot.com/http-party/node-http-proxy/pull/1300"><code>#1300</code></a></li> <li>Fix incorrect target name for reverse proxy example <a href="https://github-redirect.dependabot.com/http-party/node-http-proxy/pull/1135"><code>#1135</code></a></li> <li>Fix modify response middleware example <a href="https://github-redirect.dependabot.com/http-party/node-http-proxy/pull/1139"><code>#1139</code></a></li> <li>[dist] Update dependency async to v3 <a href="https://github-redirect.dependabot.com/http-party/node-http-proxy/pull/1359"><code>#1359</code></a></li> <li>Fix path to local http-proxy in examples. <a href="https://github-redirect.dependabot.com/http-party/node-http-proxy/pull/1072"><code>#1072</code></a></li> <li>fix reverse-proxy example require path <a href="https://github-redirect.dependabot.com/http-party/node-http-proxy/pull/1067"><code>#1067</code></a></li> <li>Update README.md <a href="https://github-redirect.dependabot.com/http-party/node-http-proxy/pull/970"><code>#970</code></a></li> <li>[dist] Update dependency request to ~2.88.0 [SECURITY] <a href="https://github-redirect.dependabot.com/http-party/node-http-proxy/pull/1357"><code>#1357</code></a></li> <li>[dist] Update dependency eventemitter3 to v4 <a href="https://github-redirect.dependabot.com/http-party/node-http-proxy/pull/1365"><code>#1365</code></a></li> <li>[dist] Update dependency colors to v1 <a href="https://github-redirect.dependabot.com/http-party/node-http-proxy/pull/1360"><code>#1360</code></a></li> <li>[dist] Update all non-major dependencies <a href="https://github-redirect.dependabot.com/http-party/node-http-proxy/pull/1356"><code>#1356</code></a></li> <li>[dist] Update dependency agentkeepalive to v4 <a href="https://github-redirect.dependabot.com/http-party/node-http-proxy/pull/1358"><code>#1358</code></a></li> <li>[dist] Update dependency nyc to v14 <a href="https://github-redirect.dependabot.com/http-party/node-http-proxy/pull/1367"><code>#1367</code></a></li> <li>[dist] Update dependency concat-stream to v2 <a href="https://github-redirect.dependabot.com/http-party/node-http-proxy/pull/1363"><code>#1363</code></a></li> <li>x-forwarded-host overwrite for mutli level proxies <a href="https://github-redirect.dependabot.com/http-party/node-http-proxy/pull/1267"><code>#1267</code></a></li> <li>[refactor doc] Complete rename to http-party org. <a href="https://github-redirect.dependabot.com/http-party/node-http-proxy/pull/1362"><code>#1362</code></a></li> <li>Highlight correct lines for createProxyServer <a href="https://github-redirect.dependabot.com/http-party/node-http-proxy/pull/1117"><code>#1117</code></a></li> <li>Fix docs for rewrite options - 201 also handled <a href="https://github-redirect.dependabot.com/http-party/node-http-proxy/pull/1147"><code>#1147</code></a></li> <li>Update .nyc_output <a href="https://github-redirect.dependabot.com/http-party/node-http-proxy/pull/1339"><code>#1339</code></a></li> <li>Configure Renovate <a href="https://github-redirect.dependabot.com/http-party/node-http-proxy/pull/1355"><code>#1355</code></a></li> <li>[examples] Restream body before proxying, support for Content-Type of application/x-www-form-urlencoded <a href="https://github-redirect.dependabot.com/http-party/node-http-proxy/pull/1264"><code>#1264</code></a></li> </ul> <h3>Commits</h3> <ul> <li>[dist] New test fixtures. <a href="https://github.com/http-party/node-http-proxy/commit/7e4a0e511bc30c059216860153301de2cdd1e97f"><code>7e4a0e5</code></a></li> <li>[dist] End of an era. <a href="https://github.com/http-party/node-http-proxy/commit/a9b09cce43f072db99fb5170030a05536177ccb7"><code>a9b09cc</code></a></li> <li>[dist] Version bump. 1.18.0 <a href="https://github.com/http-party/node-http-proxy/commit/9bbe486c5efcc356fb4d189ef38eee275bbde345"><code>9bbe486</code></a></li> <li>[fix] Latest versions. <a href="https://github.com/http-party/node-http-proxy/commit/59c4403e9dc15ab9b19ee2a3f4aecbfc6c3d94c4"><code>59c4403</code></a></li> <li>[fix test] Update tests. <a href="https://github.com/http-party/node-http-proxy/commit/dd1d08b6319d1def729554446a5b0176978a8dad"><code>dd1d08b</code></a></li> <li>[dist] Update dependency ws to v3 [SECURITY] <a href="https://github.com/http-party/node-http-proxy/commit/b00911c93740a00c5cfbacbb91565cb6912ed255"><code>b00911c</code></a></li> <li>[dist] .gitattributes all the things. <a href="https://github.com/http-party/node-http-proxy/commit/fc93520d741ec80be8ae31ca005f3e9c199e330e"><code>fc93520</code></a></li> <li>[dist] Regenerate package-lock.json. <a href="https://github.com/http-party/node-http-proxy/commit/16d4f8a95162b2e2e4ee6657c500f1208c044b2d"><code>16d4f8a</code></a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/http-party/node-http-proxy/commit/9b96cd725127a024dabebec6c7ea8c807272223d"><code>9b96cd7</code></a> 1.18.1</li> <li><a href="https://github.com/http-party/node-http-proxy/commit/335aeeba2f0c286dc89c402eeb76af47834c89a3"><code>335aeeb</code></a> Skip sending the proxyReq event when the expect header is present (<a href="https://github-redirect.dependabot.com/http-party/node-http-proxy/issues/1447">#1447</a>)</li> <li><a href="https://github.com/http-party/node-http-proxy/commit/dba39668ba4c9ad461316e834b2d64b77e1ca88e"><code>dba3966</code></a> Remove node6 support, add node12 to build (<a href="https://github-redirect.dependabot.com/http-party/node-http-proxy/issues/1397">#1397</a>)</li> <li><a href="https://github.com/http-party/node-http-proxy/commit/9bbe486c5efcc356fb4d189ef38eee275bbde345"><code>9bbe486</code></a> [dist] Version bump. 1.18.0</li> <li><a href="https://github.com/http-party/node-http-proxy/commit/6e4bef4d1cd96e7a284717941e0fc274acbd3712"><code>6e4bef4</code></a> Added in auto-changelog module set to keepachangelog format (<a href="https://github-redirect.dependabot.com/http-party/node-http-proxy/issues/1373">#1373</a>)</li> <li><a href="https://github.com/http-party/node-http-proxy/commit/d05624167ce75e860770c13afeacec2ce0f67add"><code>d056241</code></a> fix 'Modify Response' readme section to avoid unnecessary array copying (<a href="https://github-redirect.dependabot.com/http-party/node-http-proxy/issues/1300">#1300</a>)</li> <li><a href="https://github.com/http-party/node-http-proxy/commit/244303b994525684e1ec8dff2e8055f89b62b1ee"><code>244303b</code></a> Fix incorrect target name for reverse proxy example (<a href="https://github-redirect.dependabot.com/http-party/node-http-proxy/issues/1135">#1135</a>)</li> <li><a href="https://github.com/http-party/node-http-proxy/commit/b4028ba78bc4616e6969e0e66b0fe4634849b68b"><code>b4028ba</code></a> Fix modify response middleware example (<a href="https://github-redirect.dependabot.com/http-party/node-http-proxy/issues/1139">#1139</a>)</li> <li><a href="https://github.com/http-party/node-http-proxy/commit/77a98159d2da0f20a03e2819c79662f36069f234"><code>77a9815</code></a> [dist] Update dependency async to v3 (<a href="https://github-redirect.dependabot.com/http-party/node-http-proxy/issues/1359">#1359</a>)</li> <li><a href="https://github.com/http-party/node-http-proxy/commit/c662f9ebcd8d623db374dbc7bef231b2b0af0c3a"><code>c662f9e</code></a> Fix path to local http-proxy in examples. (<a href="https://github-redirect.dependabot.com/http-party/node-http-proxy/issues/1072">#1072</a>)</li> <li>Additional commits viewable in <a href="https://github.com/http-party/node-http-proxy/compare/1.17.0...1.18.1">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+20 -18

1 comment

1 changed file

dependabot[bot]

pr closed time in a few seconds

pull request commentBloodStreaam/SRLFlores

Bump http-proxy from 1.17.0 to 1.18.1

Looks like http-proxy is up-to-date now, so this is no longer needed.

dependabot[bot]

comment created time in a few seconds

delete branch BloodStreaam/SRLFlores

delete branch : dependabot/npm_and_yarn/jquery-3.5.0

delete time in a few seconds

PR closed BloodStreaam/SRLFlores

Bump jquery from 3.4.1 to 3.5.0 dependencies

Bumps jquery from 3.4.1 to 3.5.0. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/jquery/jquery/commit/7a0a850f3d41c0412609c1d32b1e602d4afe2f4e"><code>7a0a850</code></a> 3.5.0</li> <li><a href="https://github.com/jquery/jquery/commit/8570a08f6689223aa06ca8cc51d488c6d81d44f9"><code>8570a08</code></a> Release: Update AUTHORS.txt</li> <li><a href="https://github.com/jquery/jquery/commit/da3dd85b63c4e3a6a768132c2a83a1a6eec24840"><code>da3dd85</code></a> Ajax: Do not execute scripts for unsuccessful HTTP responses</li> <li><a href="https://github.com/jquery/jquery/commit/065143c2e93512eb0c82d1b344b71d06eb7cf01c"><code>065143c</code></a> Ajax: Overwrite s.contentType with content-type header value, if any</li> <li><a href="https://github.com/jquery/jquery/commit/1a4f10ddc37c34c6dc3a451ee451b5c6cf367399"><code>1a4f10d</code></a> Tests: Blacklist one focusin test in IE</li> <li><a href="https://github.com/jquery/jquery/commit/9e15d6b469556eccfa607c5ecf53b20c84529125"><code>9e15d6b</code></a> Event: Use only one focusin/out handler per matching window & document</li> <li><a href="https://github.com/jquery/jquery/commit/966a70909019aa09632c87c0002c522fa4a1e30e"><code>966a709</code></a> Manipulation: Skip the select wrapper for <option> outside of IE 9</li> <li><a href="https://github.com/jquery/jquery/commit/1d61fd9407e6fbe82fe55cb0b938307aa0791f77"><code>1d61fd9</code></a> Manipulation: Make jQuery.htmlPrefilter an identity function</li> <li><a href="https://github.com/jquery/jquery/commit/04bf577e2f961c9dde85ddadc77f71bc7bc671cc"><code>04bf577</code></a> Selector: Update Sizzle from 2.3.4 to 2.3.5</li> <li><a href="https://github.com/jquery/jquery/commit/7506c9ca62a2f3ef773e19385918c31e9d62d412"><code>7506c9c</code></a> Build: Resolve Travis config warnings</li> <li>Additional commits viewable in <a href="https://github.com/jquery/jquery/compare/3.4.1...3.5.0">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~mgol">mgol</a>, a new releaser for jquery since your current version.</p> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+4 -4

1 comment

2 changed files

dependabot[bot]

pr closed time in a few seconds

pull request commentBloodStreaam/SRLFlores

Bump jquery from 3.4.1 to 3.5.0

Looks like jquery is up-to-date now, so this is no longer needed.

dependabot[bot]

comment created time in a few seconds

push eventMonogramm/mastodon

Eugen Rochko

commit sha 974b1b79ce58e6799e5e5bb576e630ca783150de

Add option to be notified when a followed user posts (#13546) * Add bell button Fix #4890 * Remove duplicate type from post-deployment migration * Fix legacy class type mappings * Improve query performance with better index * Fix validation * Remove redundant index from notifications

view details

dependabot[bot]

commit sha aeeb0252a4d9048048cd1e20e32c6a1a15c3a4dd

Bump @github/webauthn-json from 0.4.2 to 0.5.4 (#14823) Bumps [@github/webauthn-json](https://github.com/github/webauthn-json) from 0.4.2 to 0.5.4. - [Release notes](https://github.com/github/webauthn-json/releases) - [Commits](https://github.com/github/webauthn-json/compare/v0.4.2...v0.5.4) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

dependabot[bot]

commit sha b7d7485fe38a5e4a5b14006071fa2df026f5a8c7

Bump faker from 2.13.0 to 2.14.0 (#14824) Bumps [faker](https://github.com/faker-ruby/faker) from 2.13.0 to 2.14.0. - [Release notes](https://github.com/faker-ruby/faker/releases) - [Changelog](https://github.com/faker-ruby/faker/blob/master/CHANGELOG.md) - [Commits](https://github.com/faker-ruby/faker/compare/v2.13.0...v2.14.0) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

dependabot[bot]

commit sha 41bf9384ae5923ee1226712346f3ef290fe8a1dc

Bump better_errors from 2.7.1 to 2.8.1 (#14825) Bumps [better_errors](https://github.com/BetterErrors/better_errors) from 2.7.1 to 2.8.1. - [Release notes](https://github.com/BetterErrors/better_errors/releases) - [Commits](https://github.com/BetterErrors/better_errors/compare/v2.7.1...v2.8.1) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

dependabot[bot]

commit sha 76adfb7173bb1996f3fbf9071055ac3b18940d03

Bump object.assign from 4.1.0 to 4.1.1 (#14828) Bumps [object.assign](https://github.com/ljharb/object.assign) from 4.1.0 to 4.1.1. - [Release notes](https://github.com/ljharb/object.assign/releases) - [Changelog](https://github.com/ljharb/object.assign/blob/main/CHANGELOG.md) - [Commits](https://github.com/ljharb/object.assign/compare/v4.1.0...v4.1.1) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

dependabot[bot]

commit sha 3e027a5dd3a7c73e4f84a7ecdf7905c9b60468ad

Bump spdx-license-ids from 3.0.5 to 3.0.6 (#14852) Bumps [spdx-license-ids](https://github.com/jslicense/spdx-license-ids) from 3.0.5 to 3.0.6. - [Release notes](https://github.com/jslicense/spdx-license-ids/releases) - [Commits](https://github.com/jslicense/spdx-license-ids/compare/v3.0.5...v3.0.6) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

dependabot[bot]

commit sha dd7c70a615f0327470eabce5610abb1763456a44

Bump aws-sdk-s3 from 1.80.0 to 1.81.0 (#14826) Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.80.0 to 1.81.0. - [Release notes](https://github.com/aws/aws-sdk-ruby/releases) - [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-ruby/commits) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

dependabot[bot]

commit sha c36e94f65b92f888714926d68b995f111b60beb3

Bump caniuse-lite from 1.0.30001129 to 1.0.30001133 (#14831) Bumps [caniuse-lite](https://github.com/ben-eb/caniuse-lite) from 1.0.30001129 to 1.0.30001133. - [Release notes](https://github.com/ben-eb/caniuse-lite/releases) - [Changelog](https://github.com/ben-eb/caniuse-lite/blob/master/CHANGELOG.md) - [Commits](https://github.com/ben-eb/caniuse-lite/compare/v1.0.30001129...v1.0.30001133) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

dependabot[bot]

commit sha 9e489adb26e3fef8b501d653c806f7795734a2ce

Bump dot-prop from 5.2.0 to 5.3.0 (#14842) Bumps [dot-prop](https://github.com/sindresorhus/dot-prop) from 5.2.0 to 5.3.0. - [Release notes](https://github.com/sindresorhus/dot-prop/releases) - [Commits](https://github.com/sindresorhus/dot-prop/compare/v5.2.0...v5.3.0) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

dependabot[bot]

commit sha aaae44ab85bb8e4723c6c6d3fcc9d5d292abbb2a

Bump abab from 2.0.4 to 2.0.5 (#14844) Bumps [abab](https://github.com/jsdom/abab) from 2.0.4 to 2.0.5. - [Release notes](https://github.com/jsdom/abab/releases) - [Changelog](https://github.com/jsdom/abab/blob/master/CHANGELOG.md) - [Commits](https://github.com/jsdom/abab/compare/2.0.4...2.0.5) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

dependabot[bot]

commit sha 8c1d8d81a39811f94221ffa1587d3b2ba83f8c21

Bump jest-worker from 26.2.1 to 26.3.0 (#14849) Bumps [jest-worker](https://github.com/facebook/jest/tree/HEAD/packages/jest-worker) from 26.2.1 to 26.3.0. - [Release notes](https://github.com/facebook/jest/releases) - [Changelog](https://github.com/facebook/jest/blob/master/CHANGELOG.md) - [Commits](https://github.com/facebook/jest/commits/v26.3.0/packages/jest-worker) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

dependabot[bot]

commit sha c5473bfe1be8cf7daddafcb6f7e0517809c50a5b

Bump file-loader from 6.0.0 to 6.1.0 (#14854) Bumps [file-loader](https://github.com/webpack-contrib/file-loader) from 6.0.0 to 6.1.0. - [Release notes](https://github.com/webpack-contrib/file-loader/releases) - [Changelog](https://github.com/webpack-contrib/file-loader/blob/master/CHANGELOG.md) - [Commits](https://github.com/webpack-contrib/file-loader/compare/v6.0.0...v6.1.0) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

dependabot[bot]

commit sha b9a28ba138f974707989f92d78ce231e8bb67d8f

Bump escalade from 3.0.2 to 3.1.0 (#14851) Bumps [escalade](https://github.com/lukeed/escalade) from 3.0.2 to 3.1.0. - [Release notes](https://github.com/lukeed/escalade/releases) - [Commits](https://github.com/lukeed/escalade/compare/v3.0.2...v3.1.0) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

dependabot[bot]

commit sha 1ca54375215c830930f4149704ce95b2841b3081

Bump webpack from 4.44.1 to 4.44.2 (#14847) Bumps [webpack](https://github.com/webpack/webpack) from 4.44.1 to 4.44.2. - [Release notes](https://github.com/webpack/webpack/releases) - [Commits](https://github.com/webpack/webpack/compare/v4.44.1...v4.44.2) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

Eugen Rochko

commit sha 8c8bf0289f6b166d7a0f6145347d5cd345977828

Fix not being able to enable status notifications in Web Push API (#14822)

view details

Takeshi Umeda

commit sha 070026e6348f594c6521237cf0e6b90c8ee813ce

Fix method of the DELETE DATA button (#14855)

view details

dependabot[bot]

commit sha 687e04aaa01af42d7bc297c63a708fc2dfdba8d0

Bump fugit from 1.3.8 to 1.3.9 (#14829) Bumps [fugit](https://github.com/floraison/fugit) from 1.3.8 to 1.3.9. - [Release notes](https://github.com/floraison/fugit/releases) - [Changelog](https://github.com/floraison/fugit/blob/master/CHANGELOG.md) - [Commits](https://github.com/floraison/fugit/compare/v1.3.8...v1.3.9) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

dependabot[bot]

commit sha cc8c7d6477a66930aaa4fd04f52cadef0d3d9a9e

Bump rubocop-rails from 2.8.0 to 2.8.1 (#14832) Bumps [rubocop-rails](https://github.com/rubocop-hq/rubocop-rails) from 2.8.0 to 2.8.1. - [Release notes](https://github.com/rubocop-hq/rubocop-rails/releases) - [Changelog](https://github.com/rubocop-hq/rubocop-rails/blob/master/CHANGELOG.md) - [Commits](https://github.com/rubocop-hq/rubocop-rails/compare/v2.8.0...v2.8.1) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

dependabot[bot]

commit sha 19353df01d500d109b0a240c39bcec61d354dc0a

Bump crack from 0.4.3 to 0.4.4 (#14833) Bumps [crack](https://github.com/jnunemaker/crack) from 0.4.3 to 0.4.4. - [Release notes](https://github.com/jnunemaker/crack/releases) - [Changelog](https://github.com/jnunemaker/crack/blob/master/History) - [Commits](https://github.com/jnunemaker/crack/compare/v0.4.3...v0.4.4) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

dependabot[bot]

commit sha 36da58556c194d98b9319d43d26598938ee41d40

Bump devise from 4.7.2 to 4.7.3 (#14845) Bumps [devise](https://github.com/plataformatec/devise) from 4.7.2 to 4.7.3. - [Release notes](https://github.com/plataformatec/devise/releases) - [Changelog](https://github.com/heartcombo/devise/blob/master/CHANGELOG.md) - [Commits](https://github.com/plataformatec/devise/compare/v4.7.2...v4.7.3) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

push time in a few seconds

PR closed Monogramm/mastodon

Bump puma from 4.3.6 to 5.0.0 dependencies ruby

Bumps puma from 4.3.6 to 5.0.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/puma/puma/releases">puma's releases</a>.</em></p> <blockquote> <h2>5.0 - Spoony Bard</h2> <h2>5.0.0</h2> <p><img src="https://user-images.githubusercontent.com/845662/93504076-3428cb80-f8d6-11ea-8026-619316b89165.jpg" alt="Spoony_Bard" /></p> <ul> <li> <p>Features</p> <ul> <li>Allow compiling without OpenSSL and dynamically load files needed for SSL, add 'no ssl' CI (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2305">#2305</a>)</li> <li>EXPERIMENTAL: Add <code>fork_worker</code> option and <code>refork</code> command for reduced memory usage by forking from a worker process instead of the master process. (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2099">#2099</a>)</li> <li>EXPERIMENTAL: Added <code>wait_for_less_busy_worker</code> config. This may reduce latency on MRI through inserting a small delay before re-listening on the socket if worker is busy (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2079">#2079</a>).</li> <li>EXPERIMENTAL: Added <code>nakayoshi_fork</code> option. Reduce memory usage in preloaded cluster-mode apps by GCing before fork and compacting, where available. (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2093">#2093</a>, <a href="https://github-redirect.dependabot.com/puma/puma/issues/2256">#2256</a>)</li> <li>Added pumactl <code>thread-backtraces</code> command to print thread backtraces (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2054">#2054</a>)</li> <li>Added incrementing <code>requests_count</code> to <code>Puma.stats</code>. (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2106">#2106</a>)</li> <li>Increased maximum URI path length from 2048 to 8192 bytes (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2167">#2167</a>, <a href="https://github-redirect.dependabot.com/puma/puma/issues/2344">#2344</a>)</li> <li><code>lowlevel_error_handler</code> is now called during a forced threadpool shutdown, and if a callable with 3 arguments is set, we now also pass the status code (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2203">#2203</a>)</li> <li>Faster phased restart and worker timeout (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2220">#2220</a>)</li> <li>Added <code>state_permission</code> to config DSL to set state file permissions (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2238">#2238</a>)</li> <li>Added <code>Puma.stats_hash</code>, which returns a stats in Hash instead of a JSON string (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2086">#2086</a>, <a href="https://github-redirect.dependabot.com/puma/puma/issues/2253">#2253</a>)</li> <li><code>rack.multithread</code> and <code>rack.multiprocess</code> now dynamically resolved by <code>max_thread</code> and <code>workers</code> respectively (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2288">#2288</a>)</li> </ul> </li> <li> <p>Deprecations, Removals and Breaking API Changes</p> <ul> <li><code>--control</code> has been removed. Use <code>--control-url</code> (<a href="https://github-redirect.dependabot.com/puma/puma/issues/1487">#1487</a>)</li> <li><code>worker_directory</code> has been removed. Use <code>directory</code>.</li> <li>min_threads now set by environment variables PUMA_MIN_THREADS and MIN_THREADS. (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2143">#2143</a>)</li> <li>max_threads now set by environment variables PUMA_MAX_THREADS and MAX_THREADS. (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2143">#2143</a>)</li> <li>max_threads default to 5 in MRI or 16 for all other interpreters. (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2143">#2143</a>)</li> <li>preload by default if workers > 1 (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2143">#2143</a>)</li> <li>Puma::Plugin.workers_supported? has been removed. Use Puma.forkable? instead. (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2143">#2143</a>)</li> <li><code>tcp_mode</code> has been removed without replacement. (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2169">#2169</a>)</li> <li>Daemonization has been removed without replacement. (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2170">#2170</a>)</li> <li>Changed #connected_port to #connected_ports (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2076">#2076</a>)</li> <li>Configuration: <code>environment</code> is read from <code>RAILS_ENV</code>, if <code>RACK_ENV</code> can't be found (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2022">#2022</a>)</li> <li>Log binding on http:// for TCP bindings to make it clickable</li> </ul> </li> <li> <p>Bugfixes</p> <ul> <li>Fix JSON loading issues on phased-restarts (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2269">#2269</a>)</li> <li>Improve shutdown reliability (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2312">#2312</a>, <a href="https://github-redirect.dependabot.com/puma/puma/issues/2338">#2338</a>)</li> <li>Close client http connections made to an ssl server with TLSv1.3 (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2116">#2116</a>)</li> <li>Do not set user_config to quiet by default to allow for file config (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2074">#2074</a>)</li> <li>Always close SSL connection in Puma::ControlCLI (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2211">#2211</a>)</li> <li>Windows update extconf.rb for use with ssp and varied Ruby/MSYS2 combinations (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2069">#2069</a>)</li> <li>Ensure control server Unix socket is closed on shutdown (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2112">#2112</a>)</li> <li>Preserve <code>BUNDLE_GEMFILE</code> env var when using <code>prune_bundler</code> (<a href="https://github-redirect.dependabot.com/puma/puma/issues/1893">#1893</a>)</li> <li>Send 408 request timeout even when queue requests is disabled (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2119">#2119</a>)</li> <li>Rescue IO::WaitReadable instead of EAGAIN for blocking read (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2121">#2121</a>)</li> <li>Ensure <code>BUNDLE_GEMFILE</code> is unspecified in workers if unspecified in master when using <code>prune_bundler</code> (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2154">#2154</a>)</li> <li>Rescue and log exceptions in hooks defined by users (on_worker_boot, after_worker_fork etc) (<a href="https://github-redirect.dependabot.com/puma/puma/issues/1551">#1551</a>)</li> <li>Read directly from the socket in #read_and_drop to avoid raising further SSL errors (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2198">#2198</a>)</li> <li>Set <code>Connection: closed</code> header when queue requests is disabled (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2216">#2216</a>)</li> <li>Pass queued requests to thread pool on server shutdown (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2122">#2122</a>)</li> <li>Fixed a few minor concurrency bugs in ThreadPool that may have affected non-GVL Rubies (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2220">#2220</a>)</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/puma/puma/blob/master/History.md">puma's changelog</a>.</em></p> <blockquote> <h2>5.0.0</h2> <ul> <li> <p>Features</p> <ul> <li>Allow compiling without OpenSSL and dynamically load files needed for SSL, add 'no ssl' CI (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2305">#2305</a>)</li> <li>EXPERIMENTAL: Add <code>fork_worker</code> option and <code>refork</code> command for reduced memory usage by forking from a worker process instead of the master process. (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2099">#2099</a>)</li> <li>EXPERIMENTAL: Added <code>wait_for_less_busy_worker</code> config. This may reduce latency on MRI through inserting a small delay before re-listening on the socket if worker is busy (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2079">#2079</a>).</li> <li>EXPERIMENTAL: Added <code>nakayoshi_fork</code> option. Reduce memory usage in preloaded cluster-mode apps by GCing before fork and compacting, where available. (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2093">#2093</a>, <a href="https://github-redirect.dependabot.com/puma/puma/issues/2256">#2256</a>)</li> <li>Added pumactl <code>thread-backtraces</code> command to print thread backtraces (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2054">#2054</a>)</li> <li>Added incrementing <code>requests_count</code> to <code>Puma.stats</code>. (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2106">#2106</a>)</li> <li>Increased maximum URI path length from 2048 to 8192 bytes (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2167">#2167</a>, <a href="https://github-redirect.dependabot.com/puma/puma/issues/2344">#2344</a>)</li> <li><code>lowlevel_error_handler</code> is now called during a forced threadpool shutdown, and if a callable with 3 arguments is set, we now also pass the status code (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2203">#2203</a>)</li> <li>Faster phased restart and worker timeout (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2220">#2220</a>)</li> <li>Added <code>state_permission</code> to config DSL to set state file permissions (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2238">#2238</a>)</li> <li>Added <code>Puma.stats_hash</code>, which returns a stats in Hash instead of a JSON string (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2086">#2086</a>, <a href="https://github-redirect.dependabot.com/puma/puma/issues/2253">#2253</a>)</li> <li><code>rack.multithread</code> and <code>rack.multiprocess</code> now dynamically resolved by <code>max_thread</code> and <code>workers</code> respectively (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2288">#2288</a>)</li> </ul> </li> <li> <p>Deprecations, Removals and Breaking API Changes</p> <ul> <li><code>--control</code> has been removed. Use <code>--control-url</code> (<a href="https://github-redirect.dependabot.com/puma/puma/issues/1487">#1487</a>)</li> <li><code>worker_directory</code> has been removed. Use <code>directory</code>.</li> <li>min_threads now set by environment variables PUMA_MIN_THREADS and MIN_THREADS. (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2143">#2143</a>)</li> <li>max_threads now set by environment variables PUMA_MAX_THREADS and MAX_THREADS. (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2143">#2143</a>)</li> <li>max_threads default to 5 in MRI or 16 for all other interpreters. (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2143">#2143</a>)</li> <li>preload by default if workers > 1 (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2143">#2143</a>)</li> <li>Puma::Plugin.workers_supported? has been removed. Use Puma.forkable? instead. (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2143">#2143</a>)</li> <li><code>tcp_mode</code> has been removed without replacement. (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2169">#2169</a>)</li> <li>Daemonization has been removed without replacement. (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2170">#2170</a>)</li> <li>Changed #connected_port to #connected_ports (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2076">#2076</a>)</li> <li>Configuration: <code>environment</code> is read from <code>RAILS_ENV</code>, if <code>RACK_ENV</code> can't be found (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2022">#2022</a>)</li> <li>Log binding on http:// for TCP bindings to make it clickable</li> </ul> </li> <li> <p>Bugfixes</p> <ul> <li>Fix JSON loading issues on phased-restarts (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2269">#2269</a>)</li> <li>Improve shutdown reliability (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2312">#2312</a>, <a href="https://github-redirect.dependabot.com/puma/puma/issues/2338">#2338</a>)</li> <li>Close client http connections made to an ssl server with TLSv1.3 (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2116">#2116</a>)</li> <li>Do not set user_config to quiet by default to allow for file config (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2074">#2074</a>)</li> <li>Always close SSL connection in Puma::ControlCLI (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2211">#2211</a>)</li> <li>Windows update extconf.rb for use with ssp and varied Ruby/MSYS2 combinations (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2069">#2069</a>)</li> <li>Ensure control server Unix socket is closed on shutdown (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2112">#2112</a>)</li> <li>Preserve <code>BUNDLE_GEMFILE</code> env var when using <code>prune_bundler</code> (<a href="https://github-redirect.dependabot.com/puma/puma/issues/1893">#1893</a>)</li> <li>Send 408 request timeout even when queue requests is disabled (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2119">#2119</a>)</li> <li>Rescue IO::WaitReadable instead of EAGAIN for blocking read (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2121">#2121</a>)</li> <li>Ensure <code>BUNDLE_GEMFILE</code> is unspecified in workers if unspecified in master when using <code>prune_bundler</code> (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2154">#2154</a>)</li> <li>Rescue and log exceptions in hooks defined by users (on_worker_boot, after_worker_fork etc) (<a href="https://github-redirect.dependabot.com/puma/puma/issues/1551">#1551</a>)</li> <li>Read directly from the socket in #read_and_drop to avoid raising further SSL errors (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2198">#2198</a>)</li> <li>Set <code>Connection: closed</code> header when queue requests is disabled (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2216">#2216</a>)</li> <li>Pass queued requests to thread pool on server shutdown (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2122">#2122</a>)</li> <li>Fixed a few minor concurrency bugs in ThreadPool that may have affected non-GVL Rubies (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2220">#2220</a>)</li> <li>Fix <code>out_of_band</code> hook never executed if the number of worker threads is > 1 (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2177">#2177</a>)</li> <li>Fix ThreadPool#shutdown timeout accuracy (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2221">#2221</a>)</li> <li>Fix <code>UserFileDefaultOptions#fetch</code> to properly use <code>default</code> (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2233">#2233</a>)</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/puma/puma/commit/13e18e8078c800adfc52af687acc1d8de5f3988d"><code>13e18e8</code></a> Puma 5</li> <li><a href="https://github.com/puma/puma/commit/4be4069d6e7db8a06196c758b9b7cb3c7b42c473"><code>4be4069</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/puma/puma/issues/2370">#2370</a> from MSP-Greg/fix-2368</li> <li><a href="https://github.com/puma/puma/commit/b895566894d9f75ba3b896d5759bb1c6589244ee"><code>b895566</code></a> Fix my errors in 2368</li> <li><a href="https://github.com/puma/puma/commit/038a0d9da95a58d128bbbd76ebaacacd184e47e2"><code>038a0d9</code></a> Documentation - add version info, misc fixes [ci skip] (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2368">#2368</a>)</li> <li><a href="https://github.com/puma/puma/commit/18f1810c9cdec3fac50fc49dc35e8b478d637f32"><code>18f1810</code></a> test/helper.rb -TimeoutEveryTestCase - set non MRI timeouts to 60 sec</li> <li><a href="https://github.com/puma/puma/commit/0ab0eecb29325670d6e56223c85162aaa4ac5694"><code>0ab0eec</code></a> Leave DISABLE_SSL undocumented</li> <li><a href="https://github.com/puma/puma/commit/1ebdf11ab1d886e6731dd5930930ce9a7db80079"><code>1ebdf11</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/puma/puma/issues/2305">#2305</a> from MSP-Greg/no-ssl</li> <li><a href="https://github.com/puma/puma/commit/7b3c08ab6b5c509e0d8cada274d4c98294e500d1"><code>7b3c08a</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/puma/puma/issues/2365">#2365</a> from MSP-Greg/test-timeout</li> <li><a href="https://github.com/puma/puma/commit/5b5698648edcd5a938e992140d8b9c2a0b95008b"><code>5b56986</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/puma/puma/issues/2364">#2364</a> from MSP-Greg/share-cert</li> <li><a href="https://github.com/puma/puma/commit/fe2c25ba559a5ccebf9426a54102f91156e335a7"><code>fe2c25b</code></a> README.md - add 'SSL Connection Support' section</li> <li>Additional commits viewable in <a href="https://github.com/puma/puma/compare/v4.3.6...v5.0.0">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>

+4 -4

1 comment

2 changed files

dependabot[bot]

pr closed time in a few seconds

delete branch Monogramm/mastodon

delete branch : dependabot/bundler/puma-5.0.0

delete time in a few seconds

pull request commentMonogramm/mastodon

Bump puma from 4.3.6 to 5.0.0

Looks like puma is up-to-date now, so this is no longer needed.

dependabot[bot]

comment created time in a few seconds

delete branch vieko/website-cgda

delete branch : dependabot/npm_and_yarn/elliptic-6.5.3

delete time in a minute

PR opened astral-atlas/wildspace

Bump lodash from 4.17.15 to 4.17.20 in /web

Bumps lodash from 4.17.15 to 4.17.20. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/lodash/lodash/commit/ded9bc66583ed0b4e3b7dc906206d40757b4a90a"><code>ded9bc6</code></a> Bump to v4.17.20.</li> <li><a href="https://github.com/lodash/lodash/commit/63150ef7645ac07961b63a86490f419f356429aa"><code>63150ef</code></a> Documentation fixes.</li> <li><a href="https://github.com/lodash/lodash/commit/00f0f62a979d2f5fa0287c06eae70cf9a62d8794"><code>00f0f62</code></a> test.js: Remove trailing comma.</li> <li><a href="https://github.com/lodash/lodash/commit/846e434c7a5b5692c55ebf5715ed677b70a32389"><code>846e434</code></a> Temporarily use a custom fork of <code>lodash-cli</code>.</li> <li><a href="https://github.com/lodash/lodash/commit/5d046f39cbd27f573914768e3b36eeefcc4f1229"><code>5d046f3</code></a> Re-enable Travis tests on <code>4.17</code> branch.</li> <li><a href="https://github.com/lodash/lodash/commit/aa816b36d402a1ad9385142ce7188f17dae514fd"><code>aa816b3</code></a> Remove <code>/npm-package</code>.</li> <li><a href="https://github.com/lodash/lodash/commit/d7fbc52ee0466a6d248f047b5d5c3e6d1e099056"><code>d7fbc52</code></a> Bump to v4.17.19</li> <li><a href="https://github.com/lodash/lodash/commit/2e1c0f22f425e9c013815b2cd7c2ebd51f49a8d6"><code>2e1c0f2</code></a> Add npm-package</li> <li><a href="https://github.com/lodash/lodash/commit/1b6c282299f4e0271f932b466c67f0f822aa308e"><code>1b6c282</code></a> Bump to v4.17.18</li> <li><a href="https://github.com/lodash/lodash/commit/a370ac81408de2da77a82b3c4b61a01a3b9c2fac"><code>a370ac8</code></a> Bump to v4.17.17</li> <li>Additional commits viewable in <a href="https://github.com/lodash/lodash/compare/4.17.15...4.17.20">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~bnjmnt4n">bnjmnt4n</a>, a new releaser for lodash since your current version.</p> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+42 -3

0 comment

1 changed file

pr created time in a minute

PR closed astral-atlas/wildspace

Bump lodash from 4.17.15 to 4.17.19 in /api dependencies

Bumps lodash from 4.17.15 to 4.17.19. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/lodash/lodash/releases">lodash's releases</a>.</em></p> <blockquote> <h2>4.17.16</h2> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/lodash/lodash/commit/d7fbc52ee0466a6d248f047b5d5c3e6d1e099056"><code>d7fbc52</code></a> Bump to v4.17.19</li> <li><a href="https://github.com/lodash/lodash/commit/2e1c0f22f425e9c013815b2cd7c2ebd51f49a8d6"><code>2e1c0f2</code></a> Add npm-package</li> <li><a href="https://github.com/lodash/lodash/commit/1b6c282299f4e0271f932b466c67f0f822aa308e"><code>1b6c282</code></a> Bump to v4.17.18</li> <li><a href="https://github.com/lodash/lodash/commit/a370ac81408de2da77a82b3c4b61a01a3b9c2fac"><code>a370ac8</code></a> Bump to v4.17.17</li> <li><a href="https://github.com/lodash/lodash/commit/1144918f3578a84fcc4986da9b806e63a6175cbb"><code>1144918</code></a> Rebuild lodash and docs</li> <li><a href="https://github.com/lodash/lodash/commit/3a3b0fd339c2109563f7e8167dc95265ed82ef3e"><code>3a3b0fd</code></a> Bump to v4.17.16</li> <li><a href="https://github.com/lodash/lodash/commit/c84fe82760fb2d3e03a63379b297a1cc1a2fce12"><code>c84fe82</code></a> fix(zipObjectDeep): prototype pollution (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4759">#4759</a>)</li> <li><a href="https://github.com/lodash/lodash/commit/e7b28ea6cb17b4ca021e7c9d66218c8c89782f32"><code>e7b28ea</code></a> Sanitize sourceURL so it cannot affect evaled code (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4518">#4518</a>)</li> <li><a href="https://github.com/lodash/lodash/commit/0cec225778d4ac26c2bac95031ecc92a94f08bbb"><code>0cec225</code></a> Fix lodash.isEqual for circular references (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4320">#4320</a>) (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4515">#4515</a>)</li> <li><a href="https://github.com/lodash/lodash/commit/94c3a8133cb4fcdb50db72b4fd14dd884b195cd5"><code>94c3a81</code></a> Document matches* shorthands for over* methods (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4510">#4510</a>) (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4514">#4514</a>)</li> <li>Additional commits viewable in <a href="https://github.com/lodash/lodash/compare/4.17.15...4.17.19">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~mathias">mathias</a>, a new releaser for lodash since your current version.</p> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+3 -3

1 comment

1 changed file

dependabot[bot]

pr closed time in a minute

pull request commentastral-atlas/wildspace

Bump lodash from 4.17.15 to 4.17.19 in /api

Looks like lodash is no longer a dependency, so this is no longer needed.

dependabot[bot]

comment created time in a minute

push eventcqfn/diKTat

dependabot[bot]

commit sha 3b326ba6fde02a027d8bcc72aefd4b1ca391b579

Bump jacoco-maven-plugin from 0.8.5 to 0.8.6 (#309) Bumps [jacoco-maven-plugin](https://github.com/jacoco/jacoco) from 0.8.5 to 0.8.6. - [Release notes](https://github.com/jacoco/jacoco/releases) - [Commits](https://github.com/jacoco/jacoco/compare/v0.8.5...v0.8.6) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: Peter Trifanov <peter.trifanov@mail.ru>

view details

dependabot[bot]

commit sha d6aa1d230e088ecf5b76278dca6f5440c2ab2f4b

Bump kotlin.version from 1.3.72 to 1.4.10 Bumps `kotlin.version` from 1.3.72 to 1.4.10. Updates `kotlin-stdlib` from 1.3.72 to 1.4.10 - [Release notes](https://github.com/JetBrains/kotlin/releases) - [Changelog](https://github.com/JetBrains/kotlin/blob/v1.4.10/ChangeLog.md) - [Commits](https://github.com/JetBrains/kotlin/compare/v1.3.72...v1.4.10) Updates `kotlin-compiler-embeddable` from 1.3.72 to 1.4.10 - [Release notes](https://github.com/JetBrains/kotlin/releases) - [Changelog](https://github.com/JetBrains/kotlin/blob/v1.4.10/ChangeLog.md) - [Commits](https://github.com/JetBrains/kotlin/compare/v1.3.72...v1.4.10) Updates `kotlin-maven-plugin` from 1.3.72 to 1.4.10 Signed-off-by: dependabot[bot] <support@github.com>

view details

push time in a minute

delete branch artdong/vue-admin

delete branch : dependabot/npm_and_yarn/axios-0.18.1

delete time in a minute

push eventclaresudbery/clare-wiki-ably

dependabot[bot]

commit sha 8729dd50655a5cfbb20550083305c4f618107d71

Bump rack from 2.1.1 to 2.2.3 Bumps [rack](https://github.com/rack/rack) from 2.1.1 to 2.2.3. - [Release notes](https://github.com/rack/rack/releases) - [Changelog](https://github.com/rack/rack/blob/master/CHANGELOG.md) - [Commits](https://github.com/rack/rack/compare/2.1.1...2.2.3) Signed-off-by: dependabot[bot] <support@github.com>

view details

push time in a minute

delete branch dictyBase/dicty-components-header-footer

delete branch : dependabot/npm_and_yarn/react-styleguidist-11.1.0

delete time in a minute

pull request commentartdong/vue-admin

Bump axios from 0.15.3 to 0.18.1

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

dependabot[bot]

comment created time in a minute

delete branch artdong/vue-admin

delete branch : dependabot/npm_and_yarn/webpack-bundle-analyzer-3.3.2

delete time in a minute

PR opened luisganiceto/gostack-conceitos-reactjs

Bump elliptic from 6.5.2 to 6.5.3

Bumps elliptic from 6.5.2 to 6.5.3. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/indutny/elliptic/commit/8647803dc3d90506aa03021737f7b061ba959ae1"><code>8647803</code></a> 6.5.3</li> <li><a href="https://github.com/indutny/elliptic/commit/856fe4d99fe7b6200556e6400b3bf585b1721bec"><code>856fe4d</code></a> signature: prevent malleability and overflows</li> <li>See full diff in <a href="https://github.com/indutny/elliptic/compare/v6.5.2...v6.5.3">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+6 -6

0 comment

1 changed file

pr created time in a minute

delete branch BIWhitfield/habitual-linestepper-client

delete branch : dependabot/npm_and_yarn/lodash.template-4.5.0

delete time in 2 minutes

delete branch jianshaow/code-search

delete branch : dependabot/maven/code-search-parent/lucene.version-8.6.2

delete time in 2 minutes

delete branch Victorb999/PokeAgenda

delete branch : dependabot/npm_and_yarn/lodash-4.17.19

delete time in 2 minutes

PR opened luisganiceto/gostack-conceitos-reactjs

Bump http-proxy from 1.18.0 to 1.18.1

Bumps http-proxy from 1.18.0 to 1.18.1. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/http-party/node-http-proxy/blob/master/CHANGELOG.md">http-proxy's changelog</a>.</em></p> <blockquote> <h2><a href="https://github.com/http-party/node-http-proxy/compare/1.18.0...v1.18.1">v1.18.1</a> - 2020-05-17</h2> <h3>Merged</h3> <ul> <li>Skip sending the proxyReq event when the expect header is present <a href="https://github-redirect.dependabot.com/http-party/node-http-proxy/pull/1447"><code>#1447</code></a></li> <li>Remove node6 support, add node12 to build <a href="https://github-redirect.dependabot.com/http-party/node-http-proxy/pull/1397"><code>#1397</code></a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/http-party/node-http-proxy/commit/9b96cd725127a024dabebec6c7ea8c807272223d"><code>9b96cd7</code></a> 1.18.1</li> <li><a href="https://github.com/http-party/node-http-proxy/commit/335aeeba2f0c286dc89c402eeb76af47834c89a3"><code>335aeeb</code></a> Skip sending the proxyReq event when the expect header is present (<a href="https://github-redirect.dependabot.com/http-party/node-http-proxy/issues/1447">#1447</a>)</li> <li><a href="https://github.com/http-party/node-http-proxy/commit/dba39668ba4c9ad461316e834b2d64b77e1ca88e"><code>dba3966</code></a> Remove node6 support, add node12 to build (<a href="https://github-redirect.dependabot.com/http-party/node-http-proxy/issues/1397">#1397</a>)</li> <li>See full diff in <a href="https://github.com/http-party/node-http-proxy/compare/1.18.0...1.18.1">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+10 -12

0 comment

1 changed file

pr created time in 2 minutes

PR opened luisganiceto/gostack-conceitos-reactjs

Bump websocket-extensions from 0.1.3 to 0.1.4

Bumps websocket-extensions from 0.1.3 to 0.1.4. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/faye/websocket-extensions-node/blob/master/CHANGELOG.md">websocket-extensions's changelog</a>.</em></p> <blockquote> <h3>0.1.4 / 2020-06-02</h3> <ul> <li>Remove a ReDoS vulnerability in the header parser (CVE-2020-7662, reported by Robert McLaughlin)</li> <li>Change license from MIT to Apache 2.0</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/faye/websocket-extensions-node/commit/8efd0cd6e35faf9bb9cb08759be1e27082177d43"><code>8efd0cd</code></a> Bump version to 0.1.4</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/3dad4ad44a8c5f74d4f8f4efd3f9d6e0b5df3051"><code>3dad4ad</code></a> Remove ReDoS vulnerability in the Sec-WebSocket-Extensions header parser</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/4a76c75efb1c5d6a2f60550e9501757458d19533"><code>4a76c75</code></a> Add Node versions 13 and 14 on Travis</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/44a677a9c0631daed0b0f4a4b68c095b624183b8"><code>44a677a</code></a> Formatting change: {...} should have spaces inside the braces</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/f6c50aba0c20ff45b0f87cea33babec1217ec3f5"><code>f6c50ab</code></a> Let npm reformat package.json</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/2d211f3705d52d9efb4f01daf5a253adf828592e"><code>2d211f3</code></a> Change markdown formatting of docs.</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/0b620834cc1e1f2eace1d55ab17f71d90d88271d"><code>0b62083</code></a> Update Travis target versions.</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/729a4653073fa8dd020561113513bfa2e2119415"><code>729a465</code></a> Switch license to Apache 2.0.</li> <li>See full diff in <a href="https://github.com/faye/websocket-extensions-node/compare/0.1.3...0.1.4">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+3 -3

0 comment

1 changed file

pr created time in 2 minutes

pull request commentartdong/vue-admin

Bump webpack-bundle-analyzer from 2.13.1 to 3.3.2

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

dependabot[bot]

comment created time in 2 minutes

push eventVictorb999/PokeAgenda

dependabot[bot]

commit sha 4121f78f1ff2fdabe0f3382cf4ef5a627b75a4ab

Bump elliptic from 6.5.2 to 6.5.3 Bumps [elliptic](https://github.com/indutny/elliptic) from 6.5.2 to 6.5.3. - [Release notes](https://github.com/indutny/elliptic/releases) - [Commits](https://github.com/indutny/elliptic/compare/v6.5.2...v6.5.3) Signed-off-by: dependabot[bot] <support@github.com>

view details

dependabot[bot]

commit sha 29e2da8a39418473bee4a03a0b85412c0f998910

Bump http-proxy from 1.18.0 to 1.18.1 Bumps [http-proxy](https://github.com/http-party/node-http-proxy) from 1.18.0 to 1.18.1. - [Release notes](https://github.com/http-party/node-http-proxy/releases) - [Changelog](https://github.com/http-party/node-http-proxy/blob/master/CHANGELOG.md) - [Commits](https://github.com/http-party/node-http-proxy/compare/1.18.0...1.18.1) Signed-off-by: dependabot[bot] <support@github.com>

view details

Victor Araújo

commit sha aac44637b566c0b3021e5a03d44130d1c99fdbca

Merge pull request #7 from Victorb999/dependabot/npm_and_yarn/elliptic-6.5.3 Bump elliptic from 6.5.2 to 6.5.3

view details

Victor Araújo

commit sha a59381e3096025afae87fdf2092deda81d555e58

Merge pull request #8 from Victorb999/dependabot/npm_and_yarn/http-proxy-1.18.1 Bump http-proxy from 1.18.0 to 1.18.1

view details

dependabot[bot]

commit sha b869ad322c546b4254f22662b04eebfe242c7d07

Bump lodash from 4.17.15 to 4.17.19 Bumps [lodash](https://github.com/lodash/lodash) from 4.17.15 to 4.17.19. - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](https://github.com/lodash/lodash/compare/4.17.15...4.17.19) Signed-off-by: dependabot[bot] <support@github.com>

view details

push time in 2 minutes

push eventclaresudbery/clare-wiki-ably

Clare Sudbery

commit sha 338db0d00f6b12ce675f95bb3e52c4e1666a0fd2

Liberating structures

view details

Clare Sudbery

commit sha 9533953702f86d4abc8b813def8a1d52fb67c3a4

check how you're being measured

view details

Clare Sudbery

commit sha b4f08e79f83c3cd55c123bc641b4025d37555466

Merge ; commit '338db0d00f6b12ce675f95bb3e52c4e1666a0fd2' Conflicts: pages/think/leading/tech-lead-list.md

view details

Clare Sudbery

commit sha 23d17506766eebf000ba9c2d34b5055c72e525ff

rename file

view details

Clare Sudbery

commit sha c41824ffe686f3c7aa62c3b6e23378121eb466b3

vertical text selection in vs code

view details

Clare Sudbery

commit sha 6b0117271ab05f574a4c1127546eb4546a0db968

More Ruby links

view details

Clare Sudbery

commit sha 708f49898f996cd210856a32a3c155b4410b2792

tdd link, ruby links, tidying ruby file a little

view details

Clare Sudbery

commit sha dee86312688689f20ca11ca3849b60fc8150e51f

more ruby notes

view details

Clare Sudbery

commit sha b887f808d26d6e59394851a370ce490106305c83

logic notes

view details

Clare Sudbery

commit sha 997ea86fca1b58b4dcd5d7362abed349d17f0e98

reinstate gemfile.lock

view details

dependabot[bot]

commit sha 23d32a276b2fa64cb3f1e9499b6cbed2a556f55d

Bump rack from 2.1.1 to 2.2.3 Bumps [rack](https://github.com/rack/rack) from 2.1.1 to 2.2.3. - [Release notes](https://github.com/rack/rack/releases) - [Changelog](https://github.com/rack/rack/blob/master/CHANGELOG.md) - [Commits](https://github.com/rack/rack/compare/2.1.1...2.2.3) Signed-off-by: dependabot[bot] <support@github.com>

view details

push time in 2 minutes

push eventnaruminagayama/CARAVAN

dependabot[bot]

commit sha b622b25c368e2c5385ec296e6202b63b8f528e56

Bump websocket-extensions from 0.1.3 to 0.1.4 Bumps [websocket-extensions](https://github.com/faye/websocket-extensions-node) from 0.1.3 to 0.1.4. - [Release notes](https://github.com/faye/websocket-extensions-node/releases) - [Changelog](https://github.com/faye/websocket-extensions-node/blob/master/CHANGELOG.md) - [Commits](https://github.com/faye/websocket-extensions-node/compare/0.1.3...0.1.4) Signed-off-by: dependabot[bot] <support@github.com>

view details

dependabot[bot]

commit sha 48e148133a31defe26ab7be2aef20895d662de20

Bump puma from 4.3.3 to 4.3.5 Bumps [puma](https://github.com/puma/puma) from 4.3.3 to 4.3.5. - [Release notes](https://github.com/puma/puma/releases) - [Changelog](https://github.com/puma/puma/blob/master/History.md) - [Commits](https://github.com/puma/puma/commits) Signed-off-by: dependabot[bot] <support@github.com>

view details

naruminagayama

commit sha 22ff16ca6f42fbc391e3b2ac9c839bfa20662aa0

Merge pull request #2 from naruminagayama/dependabot/npm_and_yarn/websocket-extensions-0.1.4 Bump websocket-extensions from 0.1.3 to 0.1.4

view details

naruminagayama

commit sha e2fcd3a2cf71de1f0f3bcdb2daf679617bc4019e

Merge pull request #3 from naruminagayama/dependabot/bundler/puma-4.3.5 Bump puma from 4.3.3 to 4.3.5

view details

dependabot[bot]

commit sha 825e6e26e32410dd98715f7b601a79b0939a675d

Bump rack from 2.2.2 to 2.2.3 Bumps [rack](https://github.com/rack/rack) from 2.2.2 to 2.2.3. - [Release notes](https://github.com/rack/rack/releases) - [Changelog](https://github.com/rack/rack/blob/master/CHANGELOG.md) - [Commits](https://github.com/rack/rack/compare/v2.2.2...2.2.3) Signed-off-by: dependabot[bot] <support@github.com>

view details

push time in 2 minutes

push eventclaresudbery/clare-wiki-ably

Clare Sudbery

commit sha 338db0d00f6b12ce675f95bb3e52c4e1666a0fd2

Liberating structures

view details

Clare Sudbery

commit sha 9533953702f86d4abc8b813def8a1d52fb67c3a4

check how you're being measured

view details

Clare Sudbery

commit sha b4f08e79f83c3cd55c123bc641b4025d37555466

Merge ; commit '338db0d00f6b12ce675f95bb3e52c4e1666a0fd2' Conflicts: pages/think/leading/tech-lead-list.md

view details

Clare Sudbery

commit sha 23d17506766eebf000ba9c2d34b5055c72e525ff

rename file

view details

Clare Sudbery

commit sha c41824ffe686f3c7aa62c3b6e23378121eb466b3

vertical text selection in vs code

view details

Clare Sudbery

commit sha 6b0117271ab05f574a4c1127546eb4546a0db968

More Ruby links

view details

Clare Sudbery

commit sha 708f49898f996cd210856a32a3c155b4410b2792

tdd link, ruby links, tidying ruby file a little

view details

Clare Sudbery

commit sha dee86312688689f20ca11ca3849b60fc8150e51f

more ruby notes

view details

Clare Sudbery

commit sha b887f808d26d6e59394851a370ce490106305c83

logic notes

view details

Clare Sudbery

commit sha 997ea86fca1b58b4dcd5d7362abed349d17f0e98

reinstate gemfile.lock

view details

dependabot[bot]

commit sha 47878cfc099e1426fdc8b83c643bb0574a48aba1

Bump nokogiri from 1.10.4 to 1.10.8 Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.10.4 to 1.10.8. - [Release notes](https://github.com/sparklemotion/nokogiri/releases) - [Changelog](https://github.com/sparklemotion/nokogiri/blob/master/CHANGELOG.md) - [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.10.4...v1.10.8) Signed-off-by: dependabot[bot] <support@github.com>

view details

push time in 2 minutes

delete branch artdong/vue-admin

delete branch : dependabot/npm_and_yarn/lodash-4.17.19

delete time in 2 minutes

delete branch BIWhitfield/habitual-linestepper-client

delete branch : dependabot/npm_and_yarn/mixin-deep-1.3.2

delete time in 2 minutes

pull request commentartdong/vue-admin

Bump lodash from 4.17.15 to 4.17.19

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

dependabot[bot]

comment created time in 2 minutes

delete branch jianshaow/code-search

delete branch : dependabot/maven/jdemo/org.apache.ant-ant-1.9.15

delete time in 2 minutes

delete branch artdong/vue-admin

delete branch : dependabot/npm_and_yarn/elliptic-6.5.3

delete time in 2 minutes

pull request commentartdong/vue-admin

Bump elliptic from 6.5.0 to 6.5.3

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

dependabot[bot]

comment created time in 2 minutes

push eventVictorb999/PokeAgenda

dependabot[bot]

commit sha 42c48f5dde748d71c8db938a59cf7f3463ddc632

Bump npm from 6.14.4 to 6.14.6 Bumps [npm](https://github.com/npm/cli) from 6.14.4 to 6.14.6. - [Release notes](https://github.com/npm/cli/releases) - [Changelog](https://github.com/npm/cli/blob/latest/CHANGELOG.md) - [Commits](https://github.com/npm/cli/compare/v6.14.4...v6.14.6) Signed-off-by: dependabot[bot] <support@github.com>

view details

dependabot[bot]

commit sha 8b2daa1a2f2412242b8379315738729011a1d02c

Bump node-fetch from 2.6.0 to 2.6.1 Bumps [node-fetch](https://github.com/bitinn/node-fetch) from 2.6.0 to 2.6.1. - [Release notes](https://github.com/bitinn/node-fetch/releases) - [Changelog](https://github.com/node-fetch/node-fetch/blob/master/docs/CHANGELOG.md) - [Commits](https://github.com/bitinn/node-fetch/compare/v2.6.0...v2.6.1) Signed-off-by: dependabot[bot] <support@github.com>

view details

Victor Araújo

commit sha c70de8f4d9f1be1737f348c744b7d9771e47c97d

Merge pull request #9 from Victorb999/dependabot/npm_and_yarn/node-fetch-2.6.1 Bump node-fetch from 2.6.0 to 2.6.1

view details

Victor Araújo

commit sha 58f003d92cd463221db600f8678fb2e0c9911231

Merge pull request #5 from Victorb999/dependabot/npm_and_yarn/npm-6.14.6 Bump npm from 6.14.4 to 6.14.6

view details

dependabot[bot]

commit sha 9384cfcab43d29a9dee21b7fee074e4c28e3c61c

Bump lodash from 4.17.15 to 4.17.19 Bumps [lodash](https://github.com/lodash/lodash) from 4.17.15 to 4.17.19. - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](https://github.com/lodash/lodash/compare/4.17.15...4.17.19) Signed-off-by: dependabot[bot] <support@github.com>

view details

push time in 2 minutes

delete branch naruminagayama/CARAVAN

delete branch : dependabot/bundler/puma-4.3.5

delete time in 2 minutes

PR opened Fifaliana-tech/Kalyanio

Bump mixin-deep from 1.3.1 to 1.3.2 in /public/admin/flag-icon-css-master

Bumps mixin-deep from 1.3.1 to 1.3.2. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/jonschlinkert/mixin-deep/commit/754f0c20e1bc13ea5a21a64fbc7d6ba5f7b359b9"><code>754f0c2</code></a> 1.3.2</li> <li><a href="https://github.com/jonschlinkert/mixin-deep/commit/90ee1fab375fccfd9b926df718243339b4976d50"><code>90ee1fa</code></a> ensure keys are valid when mixing in values</li> <li>See full diff in <a href="https://github.com/jonschlinkert/mixin-deep/compare/1.3.1...1.3.2">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~doowb">doowb</a>, a new releaser for mixin-deep since your current version.</p> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+5 -5

0 comment

1 changed file

pr created time in 2 minutes

delete branch Victorb999/PokeAgenda

delete branch : dependabot/npm_and_yarn/http-proxy-1.18.1

delete time in 2 minutes

delete branch artdong/vue-admin

delete branch : dependabot/npm_and_yarn/node-sass-4.13.1

delete time in 3 minutes

PR opened Fifaliana-tech/Kalyanio

Bump lodash from 4.17.11 to 4.17.20 in /public/admin/flag-icon-css-master

Bumps lodash from 4.17.11 to 4.17.20. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/lodash/lodash/commit/ded9bc66583ed0b4e3b7dc906206d40757b4a90a"><code>ded9bc6</code></a> Bump to v4.17.20.</li> <li><a href="https://github.com/lodash/lodash/commit/63150ef7645ac07961b63a86490f419f356429aa"><code>63150ef</code></a> Documentation fixes.</li> <li><a href="https://github.com/lodash/lodash/commit/00f0f62a979d2f5fa0287c06eae70cf9a62d8794"><code>00f0f62</code></a> test.js: Remove trailing comma.</li> <li><a href="https://github.com/lodash/lodash/commit/846e434c7a5b5692c55ebf5715ed677b70a32389"><code>846e434</code></a> Temporarily use a custom fork of <code>lodash-cli</code>.</li> <li><a href="https://github.com/lodash/lodash/commit/5d046f39cbd27f573914768e3b36eeefcc4f1229"><code>5d046f3</code></a> Re-enable Travis tests on <code>4.17</code> branch.</li> <li><a href="https://github.com/lodash/lodash/commit/aa816b36d402a1ad9385142ce7188f17dae514fd"><code>aa816b3</code></a> Remove <code>/npm-package</code>.</li> <li><a href="https://github.com/lodash/lodash/commit/d7fbc52ee0466a6d248f047b5d5c3e6d1e099056"><code>d7fbc52</code></a> Bump to v4.17.19</li> <li><a href="https://github.com/lodash/lodash/commit/2e1c0f22f425e9c013815b2cd7c2ebd51f49a8d6"><code>2e1c0f2</code></a> Add npm-package</li> <li><a href="https://github.com/lodash/lodash/commit/1b6c282299f4e0271f932b466c67f0f822aa308e"><code>1b6c282</code></a> Bump to v4.17.18</li> <li><a href="https://github.com/lodash/lodash/commit/a370ac81408de2da77a82b3c4b61a01a3b9c2fac"><code>a370ac8</code></a> Bump to v4.17.17</li> <li>Additional commits viewable in <a href="https://github.com/lodash/lodash/compare/4.17.11...4.17.20">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~bnjmnt4n">bnjmnt4n</a>, a new releaser for lodash since your current version.</p> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+5 -5

0 comment

1 changed file

pr created time in 3 minutes

PR opened Fifaliana-tech/Kalyanio

Bump websocket-extensions from 0.1.3 to 0.1.4 in /public/admin/flag-icon-css-master

Bumps websocket-extensions from 0.1.3 to 0.1.4. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/faye/websocket-extensions-node/blob/master/CHANGELOG.md">websocket-extensions's changelog</a>.</em></p> <blockquote> <h3>0.1.4 / 2020-06-02</h3> <ul> <li>Remove a ReDoS vulnerability in the header parser (CVE-2020-7662, reported by Robert McLaughlin)</li> <li>Change license from MIT to Apache 2.0</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/faye/websocket-extensions-node/commit/8efd0cd6e35faf9bb9cb08759be1e27082177d43"><code>8efd0cd</code></a> Bump version to 0.1.4</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/3dad4ad44a8c5f74d4f8f4efd3f9d6e0b5df3051"><code>3dad4ad</code></a> Remove ReDoS vulnerability in the Sec-WebSocket-Extensions header parser</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/4a76c75efb1c5d6a2f60550e9501757458d19533"><code>4a76c75</code></a> Add Node versions 13 and 14 on Travis</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/44a677a9c0631daed0b0f4a4b68c095b624183b8"><code>44a677a</code></a> Formatting change: {...} should have spaces inside the braces</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/f6c50aba0c20ff45b0f87cea33babec1217ec3f5"><code>f6c50ab</code></a> Let npm reformat package.json</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/2d211f3705d52d9efb4f01daf5a253adf828592e"><code>2d211f3</code></a> Change markdown formatting of docs.</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/0b620834cc1e1f2eace1d55ab17f71d90d88271d"><code>0b62083</code></a> Update Travis target versions.</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/729a4653073fa8dd020561113513bfa2e2119415"><code>729a465</code></a> Switch license to Apache 2.0.</li> <li>See full diff in <a href="https://github.com/faye/websocket-extensions-node/compare/0.1.3...0.1.4">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+5 -5

0 comment

1 changed file

pr created time in 3 minutes

pull request commentartdong/vue-admin

Bump node-sass from 4.12.0 to 4.13.1

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

dependabot[bot]

comment created time in 3 minutes

delete branch Victorb999/PokeAgenda

delete branch : dependabot/npm_and_yarn/elliptic-6.5.3

delete time in 3 minutes

delete branch BIWhitfield/habitual-linestepper-client

delete branch : dependabot/npm_and_yarn/acorn-5.7.4

delete time in 3 minutes

delete branch artdong/vue-admin

delete branch : dependabot/npm_and_yarn/showdown-1.9.1

delete time in 3 minutes

pull request commentartdong/vue-admin

Bump showdown from 1.7.1 to 1.9.1

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

dependabot[bot]

comment created time in 3 minutes

delete branch Alan-Pross/University-Assistant

delete branch : dependabot/maven/yun/net.sourceforge.htmlunit-htmlunit-2.37.0

delete time in 3 minutes

delete branch Victorb999/PokeAgenda

delete branch : dependabot/npm_and_yarn/npm-6.14.6

delete time in 3 minutes

delete branch BIWhitfield/habitual-linestepper-client

delete branch : dependabot/npm_and_yarn/websocket-extensions-0.1.4

delete time in 3 minutes

delete branch Akinzekeel/BlazorGrid

delete branch : dependabot/npm_and_yarn/BlazorGrid/lodash-4.17.20

delete time in 3 minutes

delete branch artdong/vue-admin

delete branch : dependabot/npm_and_yarn/http-proxy-1.18.1

delete time in 3 minutes

delete branch Victorb999/PokeAgenda

delete branch : dependabot/npm_and_yarn/node-fetch-2.6.1

delete time in 3 minutes

push eventsomeone7140/react

dependabot[bot]

commit sha 44881936aa54f2e824b76714353dbc15ee956a3f

Bump http-proxy from 1.18.0 to 1.18.1 in /covit19-view Bumps [http-proxy](https://github.com/http-party/node-http-proxy) from 1.18.0 to 1.18.1. - [Release notes](https://github.com/http-party/node-http-proxy/releases) - [Changelog](https://github.com/http-party/node-http-proxy/blob/master/CHANGELOG.md) - [Commits](https://github.com/http-party/node-http-proxy/compare/1.18.0...1.18.1) Signed-off-by: dependabot[bot] <support@github.com>

view details

takafumi.ito

commit sha 716f6fc5ef15c24cc00edc165583a9b6c418eaeb

Merge pull request #9 from someone7140/dependabot/npm_and_yarn/covit19-view/http-proxy-1.18.1 Bump http-proxy from 1.18.0 to 1.18.1 in /covit19-view

view details

dependabot[bot]

commit sha add3efe5e811339bc84ca1b6dea5c04d77edce45

Bump http-proxy from 1.18.0 to 1.18.1 in /delivery-view Bumps [http-proxy](https://github.com/http-party/node-http-proxy) from 1.18.0 to 1.18.1. - [Release notes](https://github.com/http-party/node-http-proxy/releases) - [Changelog](https://github.com/http-party/node-http-proxy/blob/master/CHANGELOG.md) - [Commits](https://github.com/http-party/node-http-proxy/compare/1.18.0...1.18.1) Signed-off-by: dependabot[bot] <support@github.com>

view details

push time in 3 minutes

pull request commentartdong/vue-admin

Bump http-proxy from 1.17.0 to 1.18.1

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

dependabot[bot]

comment created time in 3 minutes

pull request commentAnzinius/Solidity_Repository

Bump lodash from 4.17.15 to 4.17.20 in /Ethereum_Dapps/wallet-base

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot rebase.

dependabot[bot]

comment created time in 3 minutes

pull request commentAnzinius/Solidity_Repository

Bump decompress from 4.2.0 to 4.2.1 in /Ethereum_Dapps/wallet-base

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot rebase.

dependabot[bot]

comment created time in 3 minutes

pull request commentbright72/Eventpic-frontend

Bump django from 2.2.10 to 2.2.13 in /Backup Test System

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot rebase.

dependabot[bot]

comment created time in 3 minutes

push eventsomeone7140/react

dependabot[bot]

commit sha 44881936aa54f2e824b76714353dbc15ee956a3f

Bump http-proxy from 1.18.0 to 1.18.1 in /covit19-view Bumps [http-proxy](https://github.com/http-party/node-http-proxy) from 1.18.0 to 1.18.1. - [Release notes](https://github.com/http-party/node-http-proxy/releases) - [Changelog](https://github.com/http-party/node-http-proxy/blob/master/CHANGELOG.md) - [Commits](https://github.com/http-party/node-http-proxy/compare/1.18.0...1.18.1) Signed-off-by: dependabot[bot] <support@github.com>

view details

takafumi.ito

commit sha 716f6fc5ef15c24cc00edc165583a9b6c418eaeb

Merge pull request #9 from someone7140/dependabot/npm_and_yarn/covit19-view/http-proxy-1.18.1 Bump http-proxy from 1.18.0 to 1.18.1 in /covit19-view

view details

dependabot[bot]

commit sha d0ee8629ce40fcd60b6e40efba3ea56e90236bfe

Bump http-proxy from 1.18.0 to 1.18.1 in /twitter-search-view Bumps [http-proxy](https://github.com/http-party/node-http-proxy) from 1.18.0 to 1.18.1. - [Release notes](https://github.com/http-party/node-http-proxy/releases) - [Changelog](https://github.com/http-party/node-http-proxy/blob/master/CHANGELOG.md) - [Commits](https://github.com/http-party/node-http-proxy/compare/1.18.0...1.18.1) Signed-off-by: dependabot[bot] <support@github.com>

view details

push time in 3 minutes

pull request commentbright72/Eventpic-frontend

Bump elliptic from 6.4.0 to 6.5.3 in /Backup Test System

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot rebase.

dependabot[bot]

comment created time in 3 minutes

pull request commentbright72/Eventpic-frontend

Bump lodash from 4.17.13 to 4.17.19 in /Backup Test System

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot rebase.

dependabot[bot]

comment created time in 3 minutes

pull request commentbright72/Eventpic-frontend

Bump http-proxy from 1.17.0 to 1.18.1 in /Backup Test System

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot rebase.

dependabot[bot]

comment created time in 3 minutes

delete branch NeatNerdPrime/mastodon

delete branch : dependabot/bundler/puma-5.0.0

delete time in 4 minutes

PR closed NeatNerdPrime/mastodon

Bump puma from 4.3.6 to 5.0.0 dependencies ruby

Bumps puma from 4.3.6 to 5.0.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/puma/puma/releases">puma's releases</a>.</em></p> <blockquote> <h2>5.0 - Spoony Bard</h2> <h2>5.0.0</h2> <p><img src="https://user-images.githubusercontent.com/845662/93504076-3428cb80-f8d6-11ea-8026-619316b89165.jpg" alt="Spoony_Bard" /></p> <ul> <li> <p>Features</p> <ul> <li>Allow compiling without OpenSSL and dynamically load files needed for SSL, add 'no ssl' CI (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2305">#2305</a>)</li> <li>EXPERIMENTAL: Add <code>fork_worker</code> option and <code>refork</code> command for reduced memory usage by forking from a worker process instead of the master process. (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2099">#2099</a>)</li> <li>EXPERIMENTAL: Added <code>wait_for_less_busy_worker</code> config. This may reduce latency on MRI through inserting a small delay before re-listening on the socket if worker is busy (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2079">#2079</a>).</li> <li>EXPERIMENTAL: Added <code>nakayoshi_fork</code> option. Reduce memory usage in preloaded cluster-mode apps by GCing before fork and compacting, where available. (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2093">#2093</a>, <a href="https://github-redirect.dependabot.com/puma/puma/issues/2256">#2256</a>)</li> <li>Added pumactl <code>thread-backtraces</code> command to print thread backtraces (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2054">#2054</a>)</li> <li>Added incrementing <code>requests_count</code> to <code>Puma.stats</code>. (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2106">#2106</a>)</li> <li>Increased maximum URI path length from 2048 to 8192 bytes (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2167">#2167</a>, <a href="https://github-redirect.dependabot.com/puma/puma/issues/2344">#2344</a>)</li> <li><code>lowlevel_error_handler</code> is now called during a forced threadpool shutdown, and if a callable with 3 arguments is set, we now also pass the status code (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2203">#2203</a>)</li> <li>Faster phased restart and worker timeout (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2220">#2220</a>)</li> <li>Added <code>state_permission</code> to config DSL to set state file permissions (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2238">#2238</a>)</li> <li>Added <code>Puma.stats_hash</code>, which returns a stats in Hash instead of a JSON string (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2086">#2086</a>, <a href="https://github-redirect.dependabot.com/puma/puma/issues/2253">#2253</a>)</li> <li><code>rack.multithread</code> and <code>rack.multiprocess</code> now dynamically resolved by <code>max_thread</code> and <code>workers</code> respectively (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2288">#2288</a>)</li> </ul> </li> <li> <p>Deprecations, Removals and Breaking API Changes</p> <ul> <li><code>--control</code> has been removed. Use <code>--control-url</code> (<a href="https://github-redirect.dependabot.com/puma/puma/issues/1487">#1487</a>)</li> <li><code>worker_directory</code> has been removed. Use <code>directory</code>.</li> <li>min_threads now set by environment variables PUMA_MIN_THREADS and MIN_THREADS. (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2143">#2143</a>)</li> <li>max_threads now set by environment variables PUMA_MAX_THREADS and MAX_THREADS. (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2143">#2143</a>)</li> <li>max_threads default to 5 in MRI or 16 for all other interpreters. (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2143">#2143</a>)</li> <li>preload by default if workers > 1 (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2143">#2143</a>)</li> <li>Puma::Plugin.workers_supported? has been removed. Use Puma.forkable? instead. (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2143">#2143</a>)</li> <li><code>tcp_mode</code> has been removed without replacement. (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2169">#2169</a>)</li> <li>Daemonization has been removed without replacement. (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2170">#2170</a>)</li> <li>Changed #connected_port to #connected_ports (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2076">#2076</a>)</li> <li>Configuration: <code>environment</code> is read from <code>RAILS_ENV</code>, if <code>RACK_ENV</code> can't be found (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2022">#2022</a>)</li> <li>Log binding on http:// for TCP bindings to make it clickable</li> </ul> </li> <li> <p>Bugfixes</p> <ul> <li>Fix JSON loading issues on phased-restarts (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2269">#2269</a>)</li> <li>Improve shutdown reliability (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2312">#2312</a>, <a href="https://github-redirect.dependabot.com/puma/puma/issues/2338">#2338</a>)</li> <li>Close client http connections made to an ssl server with TLSv1.3 (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2116">#2116</a>)</li> <li>Do not set user_config to quiet by default to allow for file config (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2074">#2074</a>)</li> <li>Always close SSL connection in Puma::ControlCLI (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2211">#2211</a>)</li> <li>Windows update extconf.rb for use with ssp and varied Ruby/MSYS2 combinations (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2069">#2069</a>)</li> <li>Ensure control server Unix socket is closed on shutdown (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2112">#2112</a>)</li> <li>Preserve <code>BUNDLE_GEMFILE</code> env var when using <code>prune_bundler</code> (<a href="https://github-redirect.dependabot.com/puma/puma/issues/1893">#1893</a>)</li> <li>Send 408 request timeout even when queue requests is disabled (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2119">#2119</a>)</li> <li>Rescue IO::WaitReadable instead of EAGAIN for blocking read (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2121">#2121</a>)</li> <li>Ensure <code>BUNDLE_GEMFILE</code> is unspecified in workers if unspecified in master when using <code>prune_bundler</code> (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2154">#2154</a>)</li> <li>Rescue and log exceptions in hooks defined by users (on_worker_boot, after_worker_fork etc) (<a href="https://github-redirect.dependabot.com/puma/puma/issues/1551">#1551</a>)</li> <li>Read directly from the socket in #read_and_drop to avoid raising further SSL errors (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2198">#2198</a>)</li> <li>Set <code>Connection: closed</code> header when queue requests is disabled (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2216">#2216</a>)</li> <li>Pass queued requests to thread pool on server shutdown (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2122">#2122</a>)</li> <li>Fixed a few minor concurrency bugs in ThreadPool that may have affected non-GVL Rubies (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2220">#2220</a>)</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/puma/puma/blob/master/History.md">puma's changelog</a>.</em></p> <blockquote> <h2>5.0.0</h2> <ul> <li> <p>Features</p> <ul> <li>Allow compiling without OpenSSL and dynamically load files needed for SSL, add 'no ssl' CI (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2305">#2305</a>)</li> <li>EXPERIMENTAL: Add <code>fork_worker</code> option and <code>refork</code> command for reduced memory usage by forking from a worker process instead of the master process. (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2099">#2099</a>)</li> <li>EXPERIMENTAL: Added <code>wait_for_less_busy_worker</code> config. This may reduce latency on MRI through inserting a small delay before re-listening on the socket if worker is busy (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2079">#2079</a>).</li> <li>EXPERIMENTAL: Added <code>nakayoshi_fork</code> option. Reduce memory usage in preloaded cluster-mode apps by GCing before fork and compacting, where available. (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2093">#2093</a>, <a href="https://github-redirect.dependabot.com/puma/puma/issues/2256">#2256</a>)</li> <li>Added pumactl <code>thread-backtraces</code> command to print thread backtraces (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2054">#2054</a>)</li> <li>Added incrementing <code>requests_count</code> to <code>Puma.stats</code>. (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2106">#2106</a>)</li> <li>Increased maximum URI path length from 2048 to 8192 bytes (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2167">#2167</a>, <a href="https://github-redirect.dependabot.com/puma/puma/issues/2344">#2344</a>)</li> <li><code>lowlevel_error_handler</code> is now called during a forced threadpool shutdown, and if a callable with 3 arguments is set, we now also pass the status code (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2203">#2203</a>)</li> <li>Faster phased restart and worker timeout (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2220">#2220</a>)</li> <li>Added <code>state_permission</code> to config DSL to set state file permissions (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2238">#2238</a>)</li> <li>Added <code>Puma.stats_hash</code>, which returns a stats in Hash instead of a JSON string (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2086">#2086</a>, <a href="https://github-redirect.dependabot.com/puma/puma/issues/2253">#2253</a>)</li> <li><code>rack.multithread</code> and <code>rack.multiprocess</code> now dynamically resolved by <code>max_thread</code> and <code>workers</code> respectively (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2288">#2288</a>)</li> </ul> </li> <li> <p>Deprecations, Removals and Breaking API Changes</p> <ul> <li><code>--control</code> has been removed. Use <code>--control-url</code> (<a href="https://github-redirect.dependabot.com/puma/puma/issues/1487">#1487</a>)</li> <li><code>worker_directory</code> has been removed. Use <code>directory</code>.</li> <li>min_threads now set by environment variables PUMA_MIN_THREADS and MIN_THREADS. (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2143">#2143</a>)</li> <li>max_threads now set by environment variables PUMA_MAX_THREADS and MAX_THREADS. (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2143">#2143</a>)</li> <li>max_threads default to 5 in MRI or 16 for all other interpreters. (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2143">#2143</a>)</li> <li>preload by default if workers > 1 (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2143">#2143</a>)</li> <li>Puma::Plugin.workers_supported? has been removed. Use Puma.forkable? instead. (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2143">#2143</a>)</li> <li><code>tcp_mode</code> has been removed without replacement. (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2169">#2169</a>)</li> <li>Daemonization has been removed without replacement. (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2170">#2170</a>)</li> <li>Changed #connected_port to #connected_ports (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2076">#2076</a>)</li> <li>Configuration: <code>environment</code> is read from <code>RAILS_ENV</code>, if <code>RACK_ENV</code> can't be found (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2022">#2022</a>)</li> <li>Log binding on http:// for TCP bindings to make it clickable</li> </ul> </li> <li> <p>Bugfixes</p> <ul> <li>Fix JSON loading issues on phased-restarts (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2269">#2269</a>)</li> <li>Improve shutdown reliability (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2312">#2312</a>, <a href="https://github-redirect.dependabot.com/puma/puma/issues/2338">#2338</a>)</li> <li>Close client http connections made to an ssl server with TLSv1.3 (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2116">#2116</a>)</li> <li>Do not set user_config to quiet by default to allow for file config (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2074">#2074</a>)</li> <li>Always close SSL connection in Puma::ControlCLI (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2211">#2211</a>)</li> <li>Windows update extconf.rb for use with ssp and varied Ruby/MSYS2 combinations (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2069">#2069</a>)</li> <li>Ensure control server Unix socket is closed on shutdown (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2112">#2112</a>)</li> <li>Preserve <code>BUNDLE_GEMFILE</code> env var when using <code>prune_bundler</code> (<a href="https://github-redirect.dependabot.com/puma/puma/issues/1893">#1893</a>)</li> <li>Send 408 request timeout even when queue requests is disabled (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2119">#2119</a>)</li> <li>Rescue IO::WaitReadable instead of EAGAIN for blocking read (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2121">#2121</a>)</li> <li>Ensure <code>BUNDLE_GEMFILE</code> is unspecified in workers if unspecified in master when using <code>prune_bundler</code> (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2154">#2154</a>)</li> <li>Rescue and log exceptions in hooks defined by users (on_worker_boot, after_worker_fork etc) (<a href="https://github-redirect.dependabot.com/puma/puma/issues/1551">#1551</a>)</li> <li>Read directly from the socket in #read_and_drop to avoid raising further SSL errors (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2198">#2198</a>)</li> <li>Set <code>Connection: closed</code> header when queue requests is disabled (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2216">#2216</a>)</li> <li>Pass queued requests to thread pool on server shutdown (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2122">#2122</a>)</li> <li>Fixed a few minor concurrency bugs in ThreadPool that may have affected non-GVL Rubies (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2220">#2220</a>)</li> <li>Fix <code>out_of_band</code> hook never executed if the number of worker threads is > 1 (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2177">#2177</a>)</li> <li>Fix ThreadPool#shutdown timeout accuracy (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2221">#2221</a>)</li> <li>Fix <code>UserFileDefaultOptions#fetch</code> to properly use <code>default</code> (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2233">#2233</a>)</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/puma/puma/commit/13e18e8078c800adfc52af687acc1d8de5f3988d"><code>13e18e8</code></a> Puma 5</li> <li><a href="https://github.com/puma/puma/commit/4be4069d6e7db8a06196c758b9b7cb3c7b42c473"><code>4be4069</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/puma/puma/issues/2370">#2370</a> from MSP-Greg/fix-2368</li> <li><a href="https://github.com/puma/puma/commit/b895566894d9f75ba3b896d5759bb1c6589244ee"><code>b895566</code></a> Fix my errors in 2368</li> <li><a href="https://github.com/puma/puma/commit/038a0d9da95a58d128bbbd76ebaacacd184e47e2"><code>038a0d9</code></a> Documentation - add version info, misc fixes [ci skip] (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2368">#2368</a>)</li> <li><a href="https://github.com/puma/puma/commit/18f1810c9cdec3fac50fc49dc35e8b478d637f32"><code>18f1810</code></a> test/helper.rb -TimeoutEveryTestCase - set non MRI timeouts to 60 sec</li> <li><a href="https://github.com/puma/puma/commit/0ab0eecb29325670d6e56223c85162aaa4ac5694"><code>0ab0eec</code></a> Leave DISABLE_SSL undocumented</li> <li><a href="https://github.com/puma/puma/commit/1ebdf11ab1d886e6731dd5930930ce9a7db80079"><code>1ebdf11</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/puma/puma/issues/2305">#2305</a> from MSP-Greg/no-ssl</li> <li><a href="https://github.com/puma/puma/commit/7b3c08ab6b5c509e0d8cada274d4c98294e500d1"><code>7b3c08a</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/puma/puma/issues/2365">#2365</a> from MSP-Greg/test-timeout</li> <li><a href="https://github.com/puma/puma/commit/5b5698648edcd5a938e992140d8b9c2a0b95008b"><code>5b56986</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/puma/puma/issues/2364">#2364</a> from MSP-Greg/share-cert</li> <li><a href="https://github.com/puma/puma/commit/fe2c25ba559a5ccebf9426a54102f91156e335a7"><code>fe2c25b</code></a> README.md - add 'SSL Connection Support' section</li> <li>Additional commits viewable in <a href="https://github.com/puma/puma/compare/v4.3.6...v5.0.0">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>

+4 -4

1 comment

2 changed files

dependabot[bot]

pr closed time in 4 minutes

delete branch bamblebam/js-react-projects

delete branch : dependabot/npm_and_yarn/random_meal_generator/elliptic-6.5.3

delete time in 4 minutes

pull request commentNeatNerdPrime/mastodon

Bump puma from 4.3.6 to 5.0.0

Looks like puma is up-to-date now, so this is no longer needed.

dependabot[bot]

comment created time in 4 minutes

push eventdictyBase/dicty-components-header-footer

dependabot[bot]

commit sha c5e5b324ced8d2c877465c9f85adb8195d206019

chore(deps-dev): bump enzyme-adapter-react-16 from 1.15.3 to 1.15.4 Bumps [enzyme-adapter-react-16](https://github.com/enzymejs/enzyme/tree/HEAD/packages/enzyme-adapter-react-16) from 1.15.3 to 1.15.4. - [Release notes](https://github.com/enzymejs/enzyme/releases) - [Changelog](https://github.com/enzymejs/enzyme/blob/master/CHANGELOG.md) - [Commits](https://github.com/enzymejs/enzyme/commits/enzyme-adapter-react-16@1.15.4/packages/enzyme-adapter-react-16) Signed-off-by: dependabot[bot] <support@github.com>

view details

dependabot[bot]

commit sha ada71d67537285be8acdc55ab4f607c077c6af73

chore(deps-dev): bump semantic-release from 17.1.1 to 17.1.2 Bumps [semantic-release](https://github.com/semantic-release/semantic-release) from 17.1.1 to 17.1.2. - [Release notes](https://github.com/semantic-release/semantic-release/releases) - [Commits](https://github.com/semantic-release/semantic-release/compare/v17.1.1...v17.1.2) Signed-off-by: dependabot[bot] <support@github.com>

view details

dependabot[bot]

commit sha cb0d0c74247ad3593db9ceaea478301bc1165ce0

chore(deps-dev): bump flow-bin from 0.132.0 to 0.134.0 Bumps [flow-bin](https://github.com/flowtype/flow-bin) from 0.132.0 to 0.134.0. - [Release notes](https://github.com/flowtype/flow-bin/releases) - [Commits](https://github.com/flowtype/flow-bin/commits) Signed-off-by: dependabot[bot] <support@github.com>

view details

push time in 4 minutes

push eventNeatNerdPrime/mastodon

Eugen Rochko

commit sha 974b1b79ce58e6799e5e5bb576e630ca783150de

Add option to be notified when a followed user posts (#13546) * Add bell button Fix #4890 * Remove duplicate type from post-deployment migration * Fix legacy class type mappings * Improve query performance with better index * Fix validation * Remove redundant index from notifications

view details

dependabot[bot]

commit sha aeeb0252a4d9048048cd1e20e32c6a1a15c3a4dd

Bump @github/webauthn-json from 0.4.2 to 0.5.4 (#14823) Bumps [@github/webauthn-json](https://github.com/github/webauthn-json) from 0.4.2 to 0.5.4. - [Release notes](https://github.com/github/webauthn-json/releases) - [Commits](https://github.com/github/webauthn-json/compare/v0.4.2...v0.5.4) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

dependabot[bot]

commit sha b7d7485fe38a5e4a5b14006071fa2df026f5a8c7

Bump faker from 2.13.0 to 2.14.0 (#14824) Bumps [faker](https://github.com/faker-ruby/faker) from 2.13.0 to 2.14.0. - [Release notes](https://github.com/faker-ruby/faker/releases) - [Changelog](https://github.com/faker-ruby/faker/blob/master/CHANGELOG.md) - [Commits](https://github.com/faker-ruby/faker/compare/v2.13.0...v2.14.0) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

dependabot[bot]

commit sha 41bf9384ae5923ee1226712346f3ef290fe8a1dc

Bump better_errors from 2.7.1 to 2.8.1 (#14825) Bumps [better_errors](https://github.com/BetterErrors/better_errors) from 2.7.1 to 2.8.1. - [Release notes](https://github.com/BetterErrors/better_errors/releases) - [Commits](https://github.com/BetterErrors/better_errors/compare/v2.7.1...v2.8.1) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

dependabot[bot]

commit sha 76adfb7173bb1996f3fbf9071055ac3b18940d03

Bump object.assign from 4.1.0 to 4.1.1 (#14828) Bumps [object.assign](https://github.com/ljharb/object.assign) from 4.1.0 to 4.1.1. - [Release notes](https://github.com/ljharb/object.assign/releases) - [Changelog](https://github.com/ljharb/object.assign/blob/main/CHANGELOG.md) - [Commits](https://github.com/ljharb/object.assign/compare/v4.1.0...v4.1.1) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

dependabot[bot]

commit sha 3e027a5dd3a7c73e4f84a7ecdf7905c9b60468ad

Bump spdx-license-ids from 3.0.5 to 3.0.6 (#14852) Bumps [spdx-license-ids](https://github.com/jslicense/spdx-license-ids) from 3.0.5 to 3.0.6. - [Release notes](https://github.com/jslicense/spdx-license-ids/releases) - [Commits](https://github.com/jslicense/spdx-license-ids/compare/v3.0.5...v3.0.6) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

dependabot[bot]

commit sha dd7c70a615f0327470eabce5610abb1763456a44

Bump aws-sdk-s3 from 1.80.0 to 1.81.0 (#14826) Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.80.0 to 1.81.0. - [Release notes](https://github.com/aws/aws-sdk-ruby/releases) - [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-ruby/commits) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

dependabot[bot]

commit sha c36e94f65b92f888714926d68b995f111b60beb3

Bump caniuse-lite from 1.0.30001129 to 1.0.30001133 (#14831) Bumps [caniuse-lite](https://github.com/ben-eb/caniuse-lite) from 1.0.30001129 to 1.0.30001133. - [Release notes](https://github.com/ben-eb/caniuse-lite/releases) - [Changelog](https://github.com/ben-eb/caniuse-lite/blob/master/CHANGELOG.md) - [Commits](https://github.com/ben-eb/caniuse-lite/compare/v1.0.30001129...v1.0.30001133) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

dependabot[bot]

commit sha 9e489adb26e3fef8b501d653c806f7795734a2ce

Bump dot-prop from 5.2.0 to 5.3.0 (#14842) Bumps [dot-prop](https://github.com/sindresorhus/dot-prop) from 5.2.0 to 5.3.0. - [Release notes](https://github.com/sindresorhus/dot-prop/releases) - [Commits](https://github.com/sindresorhus/dot-prop/compare/v5.2.0...v5.3.0) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

dependabot[bot]

commit sha aaae44ab85bb8e4723c6c6d3fcc9d5d292abbb2a

Bump abab from 2.0.4 to 2.0.5 (#14844) Bumps [abab](https://github.com/jsdom/abab) from 2.0.4 to 2.0.5. - [Release notes](https://github.com/jsdom/abab/releases) - [Changelog](https://github.com/jsdom/abab/blob/master/CHANGELOG.md) - [Commits](https://github.com/jsdom/abab/compare/2.0.4...2.0.5) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

dependabot[bot]

commit sha 8c1d8d81a39811f94221ffa1587d3b2ba83f8c21

Bump jest-worker from 26.2.1 to 26.3.0 (#14849) Bumps [jest-worker](https://github.com/facebook/jest/tree/HEAD/packages/jest-worker) from 26.2.1 to 26.3.0. - [Release notes](https://github.com/facebook/jest/releases) - [Changelog](https://github.com/facebook/jest/blob/master/CHANGELOG.md) - [Commits](https://github.com/facebook/jest/commits/v26.3.0/packages/jest-worker) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

dependabot[bot]

commit sha c5473bfe1be8cf7daddafcb6f7e0517809c50a5b

Bump file-loader from 6.0.0 to 6.1.0 (#14854) Bumps [file-loader](https://github.com/webpack-contrib/file-loader) from 6.0.0 to 6.1.0. - [Release notes](https://github.com/webpack-contrib/file-loader/releases) - [Changelog](https://github.com/webpack-contrib/file-loader/blob/master/CHANGELOG.md) - [Commits](https://github.com/webpack-contrib/file-loader/compare/v6.0.0...v6.1.0) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

dependabot[bot]

commit sha b9a28ba138f974707989f92d78ce231e8bb67d8f

Bump escalade from 3.0.2 to 3.1.0 (#14851) Bumps [escalade](https://github.com/lukeed/escalade) from 3.0.2 to 3.1.0. - [Release notes](https://github.com/lukeed/escalade/releases) - [Commits](https://github.com/lukeed/escalade/compare/v3.0.2...v3.1.0) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

dependabot[bot]

commit sha 1ca54375215c830930f4149704ce95b2841b3081

Bump webpack from 4.44.1 to 4.44.2 (#14847) Bumps [webpack](https://github.com/webpack/webpack) from 4.44.1 to 4.44.2. - [Release notes](https://github.com/webpack/webpack/releases) - [Commits](https://github.com/webpack/webpack/compare/v4.44.1...v4.44.2) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

Eugen Rochko

commit sha 8c8bf0289f6b166d7a0f6145347d5cd345977828

Fix not being able to enable status notifications in Web Push API (#14822)

view details

Takeshi Umeda

commit sha 070026e6348f594c6521237cf0e6b90c8ee813ce

Fix method of the DELETE DATA button (#14855)

view details

dependabot[bot]

commit sha 687e04aaa01af42d7bc297c63a708fc2dfdba8d0

Bump fugit from 1.3.8 to 1.3.9 (#14829) Bumps [fugit](https://github.com/floraison/fugit) from 1.3.8 to 1.3.9. - [Release notes](https://github.com/floraison/fugit/releases) - [Changelog](https://github.com/floraison/fugit/blob/master/CHANGELOG.md) - [Commits](https://github.com/floraison/fugit/compare/v1.3.8...v1.3.9) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

dependabot[bot]

commit sha cc8c7d6477a66930aaa4fd04f52cadef0d3d9a9e

Bump rubocop-rails from 2.8.0 to 2.8.1 (#14832) Bumps [rubocop-rails](https://github.com/rubocop-hq/rubocop-rails) from 2.8.0 to 2.8.1. - [Release notes](https://github.com/rubocop-hq/rubocop-rails/releases) - [Changelog](https://github.com/rubocop-hq/rubocop-rails/blob/master/CHANGELOG.md) - [Commits](https://github.com/rubocop-hq/rubocop-rails/compare/v2.8.0...v2.8.1) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

dependabot[bot]

commit sha 19353df01d500d109b0a240c39bcec61d354dc0a

Bump crack from 0.4.3 to 0.4.4 (#14833) Bumps [crack](https://github.com/jnunemaker/crack) from 0.4.3 to 0.4.4. - [Release notes](https://github.com/jnunemaker/crack/releases) - [Changelog](https://github.com/jnunemaker/crack/blob/master/History) - [Commits](https://github.com/jnunemaker/crack/compare/v0.4.3...v0.4.4) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

dependabot[bot]

commit sha 36da58556c194d98b9319d43d26598938ee41d40

Bump devise from 4.7.2 to 4.7.3 (#14845) Bumps [devise](https://github.com/plataformatec/devise) from 4.7.2 to 4.7.3. - [Release notes](https://github.com/plataformatec/devise/releases) - [Changelog](https://github.com/heartcombo/devise/blob/master/CHANGELOG.md) - [Commits](https://github.com/plataformatec/devise/compare/v4.7.2...v4.7.3) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

push time in 4 minutes

delete branch GhadaAlmashaqbeh/GhadaAlmashaqbeh.github.io

delete branch : dependabot/bundler/activesupport-6.0.3.1

delete time in 4 minutes

delete branch BIWhitfield/habitual-linestepper-client

delete branch : dependabot/npm_and_yarn/elliptic-6.5.3

delete time in 4 minutes

delete branch bamblebam/js-react-projects

delete branch : dependabot/npm_and_yarn/random_meal_generator/http-proxy-1.18.1

delete time in 4 minutes

more