PR closed muhammadtrad/job-listing
Bumps mixin-deep from 1.3.1 to 1.3.2. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/jonschlinkert/mixin-deep/commit/754f0c20e1bc13ea5a21a64fbc7d6ba5f7b359b9"><code>754f0c2</code></a> 1.3.2</li> <li><a href="https://github.com/jonschlinkert/mixin-deep/commit/90ee1fab375fccfd9b926df718243339b4976d50"><code>90ee1fa</code></a> ensure keys are valid when mixing in values</li> <li>See full diff in <a href="https://github.com/jonschlinkert/mixin-deep/compare/1.3.1...1.3.2">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~doowb">doowb</a>, a new releaser for mixin-deep since your current version.</p> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr closed time in a few seconds
PR closed muhammadtrad/job-listing
Bumps acorn from 5.7.3 to 5.7.4. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/acornjs/acorn/commit/6370e90067552022710190319cbbbd8c43001957"><code>6370e90</code></a> Mark version 5.7.4</li> <li><a href="https://github.com/acornjs/acorn/commit/fbc15b1344f6dfb992f67b4bbf1357436247c8a0"><code>fbc15b1</code></a> More rigorously check surrogate pairs in regexp validator</li> <li>See full diff in <a href="https://github.com/acornjs/acorn/compare/5.7.3...5.7.4">compare view</a></li> </ul> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr closed time in a few seconds
pull request commentmuhammadtrad/job-listing
Bump mixin-deep from 1.3.1 to 1.3.2
Looks like mixin-deep is up-to-date now, so this is no longer needed.
comment created time in a few seconds
pull request commentmuhammadtrad/job-listing
Bump acorn from 5.7.3 to 5.7.4
Looks like acorn is up-to-date now, so this is no longer needed.
comment created time in a few seconds
PR opened lookskystar/taotao
Bumps jackson-databind from 2.4.2 to 2.9.10.3. <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/FasterXML/jackson/commits">compare view</a></li> </ul> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr created time in a few seconds
PR opened lookskystar/taotao
Bumps commons-fileupload from 1.3.1 to 1.3.3.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr created time in a few seconds
create barnchlookskystar/taotao
branch : dependabot/maven/taotao-parent/com.fasterxml.jackson.core-jackson-databind-2.9.10.3
created branch time in a few seconds
PR opened lookskystar/taotao
Bumps httpclient from 4.3.5 to 4.3.6.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr created time in a few seconds
create barnchlookskystar/taotao
branch : dependabot/maven/taotao-parent/commons-fileupload-commons-fileupload-1.3.3
created branch time in a few seconds
create barnchlookskystar/taotao
branch : dependabot/maven/taotao-parent/org.apache.httpcomponents-httpclient-4.3.6
created branch time in a few seconds
PR opened intuitiva/www-zauru
Bumps acorn from 3.3.0 to 5.7.4. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/acornjs/acorn/commit/6370e90067552022710190319cbbbd8c43001957"><code>6370e90</code></a> Mark version 5.7.4</li> <li><a href="https://github.com/acornjs/acorn/commit/fbc15b1344f6dfb992f67b4bbf1357436247c8a0"><code>fbc15b1</code></a> More rigorously check surrogate pairs in regexp validator</li> <li><a href="https://github.com/acornjs/acorn/commit/910e62bbda199ce7acc5de10d374afa0f6fcf7d6"><code>910e62b</code></a> Mark version 5.7.3</li> <li><a href="https://github.com/acornjs/acorn/commit/3442a80d2cdfa672ae2b6ccd6c2bd5c167914db4"><code>3442a80</code></a> Make generate-identifier-regex capable of rewriting src/identifier.js</li> <li><a href="https://github.com/acornjs/acorn/commit/22b22f36330d41a20225f26aab314d3e9d5452bd"><code>22b22f3</code></a> Raise specific errors for unterminated template literals</li> <li><a href="https://github.com/acornjs/acorn/commit/1461c7c5778933514126216fb3ec22d8dfc57feb"><code>1461c7c</code></a> Fix a lint error</li> <li><a href="https://github.com/acornjs/acorn/commit/0c12f63f171d8a6c8b354de54a7ff4a8d5fa486e"><code>0c12f63</code></a> Fix tokenizing of regexps after .of</li> <li><a href="https://github.com/acornjs/acorn/commit/832c3081da0df0a586cfc3ea96040f64252088b7"><code>832c308</code></a> Fix 404 url</li> <li><a href="https://github.com/acornjs/acorn/commit/95ca55c7863fafd8bf6d446a0098325388ff9f1c"><code>95ca55c</code></a> Mark version 5.7.2</li> <li><a href="https://github.com/acornjs/acorn/commit/bba80abc23ed67337a6502b8b0f22675c4b22303"><code>bba80ab</code></a> Remove another fixed test from the 262 whitelist</li> <li>Additional commits viewable in <a href="https://github.com/acornjs/acorn/compare/3.3.0...5.7.4">compare view</a></li> </ul> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr created time in a few seconds
create barnchintuitiva/www-zauru
branch : dependabot/npm_and_yarn/acorn-5.7.4
created branch time in a few seconds
PR opened ChumaniBroll/TestingAPI-
Bumps bootstrap from 3.3.7 to 3.4.1.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr created time in a few seconds
create barnchChumaniBroll/TestingAPI-
branch : dependabot/nuget/bootstrap-3.4.1
created branch time in a few seconds
PR opened juksy/about-page
Bumps lodash from 4.17.11 to 4.17.13. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/lodash/lodash/commit/e37182845f16715a0d1c391c8662d83c55609cee"><code>e371828</code></a> Bump to v4.17.13.</li> <li><a href="https://github.com/lodash/lodash/commit/357e899e685872b4af5403ecc4b2a928f961ae63"><code>357e899</code></a> Rebuild lodash and docs.</li> <li><a href="https://github.com/lodash/lodash/commit/fd9a062d57646450b61f74029315abd4cc834b08"><code>fd9a062</code></a> Bump to v4.17.12.</li> <li><a href="https://github.com/lodash/lodash/commit/e77d68121ff00ba86b53eed5893d35adfe94c9dd"><code>e77d681</code></a> Rebuild lodash and docs.</li> <li><a href="https://github.com/lodash/lodash/commit/629d1865793182cd967196716f4beff223aa4a91"><code>629d186</code></a> Update OpenJS references.</li> <li><a href="https://github.com/lodash/lodash/commit/2406eac542b2a1282be8d812a6d8a45433ade80a"><code>2406eac</code></a> Fix minified build.</li> <li><a href="https://github.com/lodash/lodash/commit/17a34bc5854bb982ef333bfe7ae469f4dfcee0ec"><code>17a34bc</code></a> Fix test bootstrap for core build.</li> <li><a href="https://github.com/lodash/lodash/commit/53838a38f8e4f6204ef2f837fecc4e07d09afe77"><code>53838a3</code></a> Fix tests in older browsers.</li> <li><a href="https://github.com/lodash/lodash/commit/29e258497b5ff45494a85cfa58743517aaeeff52"><code>29e2584</code></a> Fix style:test lint nits.</li> <li><a href="https://github.com/lodash/lodash/commit/8f4d3eb018884d96eb57fba3f724bfff494df724"><code>8f4d3eb</code></a> Update deps.</li> <li>Additional commits viewable in <a href="https://github.com/lodash/lodash/compare/4.17.11...4.17.13">compare view</a></li> </ul> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr created time in a few seconds
create barnchjuksy/about-page
branch : dependabot/npm_and_yarn/lodash-4.17.13
created branch time in a few seconds
delete branch b97tsk/reactive-tree
delete branch : dependabot/npm_and_yarn/acorn-7.1.1
delete time in a few seconds
PR closed b97tsk/reactive-tree
Bumps acorn from 7.1.0 to 7.1.1. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/acornjs/acorn/commit/6d194895783b03b2a37441f01857c34302eab4c8"><code>6d19489</code></a> Mark release 7.1.1</li> <li><a href="https://github.com/acornjs/acorn/commit/793c0e569ed1158672e3a40aeed1d8518832b802"><code>793c0e5</code></a> More rigorously check surrogate pairs in regexp validator</li> <li><a href="https://github.com/acornjs/acorn/commit/b5c17877ac0511e31579ea31e7650ba1a5871e51"><code>b5c1787</code></a> Fix incorrect comment in regexp parser</li> <li><a href="https://github.com/acornjs/acorn/commit/12ae8fed7ebc5b7c894c5976575f33cf36a223cc"><code>12ae8fe</code></a> Parameterize dummy value and export <code>isDummy</code></li> <li><a href="https://github.com/acornjs/acorn/commit/fa3ad8cef0f39f5ae0cbd8be0bf65eb0a782133e"><code>fa3ad8c</code></a> Further refine acorn-walk types</li> <li><a href="https://github.com/acornjs/acorn/commit/1d5028637852c2834091739646e25dd6558ee7a8"><code>1d50286</code></a> Fix some errors in walk types</li> <li><a href="https://github.com/acornjs/acorn/commit/97801f0b5835bc93739666b3494c9b49aeb5fc1d"><code>97801f0</code></a> Mark acorn-walk 7.1.1</li> <li><a href="https://github.com/acornjs/acorn/commit/e9372c151f63fe254c7f5e7ffd7a820e34422208"><code>e9372c1</code></a> Further clean up walker types</li> <li><a href="https://github.com/acornjs/acorn/commit/de6edeb654cf665e732d822d95c97e2d2fc879bc"><code>de6edeb</code></a> Remove NarrowNode from walk.d.ts</li> <li><a href="https://github.com/acornjs/acorn/commit/1d85e7ce982a979bb5411cd00fd9156eecf952a5"><code>1d85e7c</code></a> Fix: acorn-walk type work with acorn's</li> <li>Additional commits viewable in <a href="https://github.com/acornjs/acorn/compare/7.1.0...7.1.1">compare view</a></li> </ul> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr closed time in a few seconds
pull request commentb97tsk/reactive-tree
Bump acorn from 7.1.0 to 7.1.1
Looks like acorn is up-to-date now, so this is no longer needed.
comment created time in a few seconds
delete branch marcelsawicki/Practice
delete branch : dependabot/npm_and_yarn/Frontend/Angular/Heroes/angular-tour-of-heroes/tar-2.2.2
delete time in a few seconds
PR opened AlexSenn422/react-redux
Bumps lodash-es from 4.17.10 to 4.17.15. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/lodash/lodash/commit/ddfd9b11a0126db2302cb70ec9973b66baec0975"><code>ddfd9b1</code></a> Bump to v4.17.15.</li> <li><a href="https://github.com/lodash/lodash/commit/b185fcee26b2133bd071f4aaca14b455c2ed1008"><code>b185fce</code></a> Rebuild lodash and docs.</li> <li><a href="https://github.com/lodash/lodash/commit/be87d303941222b97c482755afc0f4a77ce46c30"><code>be87d30</code></a> Bump to v4.17.14.</li> <li><a href="https://github.com/lodash/lodash/commit/a6fe6b1e174fd02b5e60eb2664405f4c1262c300"><code>a6fe6b1</code></a> Rebuild lodash and docs.</li> <li><a href="https://github.com/lodash/lodash/commit/e37182845f16715a0d1c391c8662d83c55609cee"><code>e371828</code></a> Bump to v4.17.13.</li> <li><a href="https://github.com/lodash/lodash/commit/357e899e685872b4af5403ecc4b2a928f961ae63"><code>357e899</code></a> Rebuild lodash and docs.</li> <li><a href="https://github.com/lodash/lodash/commit/fd9a062d57646450b61f74029315abd4cc834b08"><code>fd9a062</code></a> Bump to v4.17.12.</li> <li><a href="https://github.com/lodash/lodash/commit/e77d68121ff00ba86b53eed5893d35adfe94c9dd"><code>e77d681</code></a> Rebuild lodash and docs.</li> <li><a href="https://github.com/lodash/lodash/commit/629d1865793182cd967196716f4beff223aa4a91"><code>629d186</code></a> Update OpenJS references.</li> <li><a href="https://github.com/lodash/lodash/commit/2406eac542b2a1282be8d812a6d8a45433ade80a"><code>2406eac</code></a> Fix minified build.</li> <li>Additional commits viewable in <a href="https://github.com/lodash/lodash/compare/4.17.10...4.17.15">compare view</a></li> </ul> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr created time in a few seconds
create barnchAlexSenn422/react-redux
branch : dependabot/npm_and_yarn/lodash-es-4.17.15
created branch time in a few seconds
PR opened AlexSenn422/react-redux
Bumps handlebars from 4.0.11 to 4.7.6. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/wycats/handlebars.js/blob/master/release-notes.md">handlebars's changelog</a>.</em></p> <blockquote> <h2>v4.7.6 - April 3rd, 2020</h2> <p>Chore/Housekeeping:</p> <ul> <li><a href="https://github-redirect.dependabot.com/wycats/handlebars.js/issues/1672">#1672</a> - Switch cmd parser to latest minimist (<a href="https://api.github.com/users/dougwilson">@dougwilson</a></li> </ul> <p>Compatibility notes:</p> <ul> <li>Restored Node.js compatibility</li> </ul> <p><a href="https://github.com/wycats/handlebars.js/compare/v4.7.5...v4.7.6">Commits</a></p> <h2>v4.7.5 - April 2nd, 2020</h2> <p>Chore/Housekeeping:</p> <ul> <li><del>Node.js version support has been changed to v6+</del> Reverted in 4.7.6</li> </ul> <p>Compatibility notes:</p> <ul> <li><del>Node.js < v6 is no longer supported</del> Reverted in 4.7.6</li> </ul> <p><a href="https://github.com/wycats/handlebars.js/compare/v4.7.4...v4.7.5">Commits</a></p> <h2>v4.7.4 - April 1st, 2020</h2> <p>Chore/Housekeeping:</p> <ul> <li><a href="https://github-redirect.dependabot.com/wycats/handlebars.js/issues/1666">#1666</a> - Replaced minimist with yargs for handlebars CLI (<a href="https://api.github.com/users/aorinevo">@aorinevo</a>, <a href="https://api.github.com/users/AviVahl">@AviVahl</a> & <a href="https://api.github.com/users/fabb">@fabb</a>)</li> </ul> <p>Compatibility notes:</p> <ul> <li>No incompatibilities are to be expected</li> </ul> <p><a href="https://github.com/wycats/handlebars.js/compare/v4.7.3...v4.7.4">Commits</a></p> <h2>v4.7.3 - February 5th, 2020</h2> <p>Chore/Housekeeping:</p> <ul> <li><a href="https://github-redirect.dependabot.com/wycats/handlebars.js/issues/1644">#1644</a> - Download links to aws broken on handlebarsjs.com - access denied (<a href="https://api.github.com/users/Tea56">@Tea56</a>)</li> <li>Fix spelling and punctuation in changelog - d78cc73</li> </ul> <p>Bugfixes:</p> <ul> <li>Add Type Definition for Handlebars.VERSION, Fixes <a href="https://github-redirect.dependabot.com/wycats/handlebars.js/issues/1647">#1647</a> - 4de51fe</li> <li>Include Type Definition for runtime.js in Package - a32d05f</li> </ul> <p>Compatibility notes:</p> </tr></table> ... (truncated) </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/wycats/handlebars.js/commit/e6ad93ea01bcde1f8ddaa4b4ebe572dd616abfaa"><code>e6ad93e</code></a> v4.7.6</li> <li><a href="https://github.com/wycats/handlebars.js/commit/2bf4fc6fd3ae3d8f076d628653f284d85faebeb4"><code>2bf4fc6</code></a> Update release notes</li> <li><a href="https://github.com/wycats/handlebars.js/commit/b64202bc9197307bd785a58693e3820eb9bb41a8"><code>b64202b</code></a> Update release-notes.md</li> <li><a href="https://github.com/wycats/handlebars.js/commit/c2f1e6203178918569f085e12afdb762cae17fb0"><code>c2f1e62</code></a> Switch cmd parser to latest minimist</li> <li><a href="https://github.com/wycats/handlebars.js/commit/08e9a11a34c3ad8387a0b85b1334f97cab85191a"><code>08e9a11</code></a> Revert "chore: set Node.js compatibility to v6+"</li> <li><a href="https://github.com/wycats/handlebars.js/commit/1fd2edee2a12fb228061fcde807905c6b14339c4"><code>1fd2ede</code></a> v4.7.5</li> <li><a href="https://github.com/wycats/handlebars.js/commit/3c9c2f5cf29cf10f54d5fe4daca6b24b65f0adcf"><code>3c9c2f5</code></a> Update release notes</li> <li><a href="https://github.com/wycats/handlebars.js/commit/16487a088e13f4d52c6fd6610b9ec71c4a51be8a"><code>16487a0</code></a> chore: downgrade yargs to v14</li> <li><a href="https://github.com/wycats/handlebars.js/commit/309d2b49a11628d2a8f052c5587e7459968cd705"><code>309d2b4</code></a> chore: set Node.js compatibility to v6+</li> <li><a href="https://github.com/wycats/handlebars.js/commit/645ac73844918668f9a2f41e49b7cb18ce5abf36"><code>645ac73</code></a> test: fix integration tests</li> <li>Additional commits viewable in <a href="https://github.com/wycats/handlebars.js/compare/v4.0.11...v4.7.6">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~erisds">erisds</a>, a new releaser for handlebars since your current version.</p> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr created time in a few seconds
create barnchAlexSenn422/react-redux
branch : dependabot/npm_and_yarn/handlebars-4.7.6
created branch time in a few seconds
PR opened AlexSenn422/react-redux
Bumps lodash.template from 4.4.0 to 4.5.0. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/lodash/lodash/commit/ab73503859a2d2f7f603bc8a293ce93ecc071e83"><code>ab73503</code></a> Bump to v4.5.0.</li> <li><a href="https://github.com/lodash/lodash/commit/a4f7d4cc2a3b6d3a43f6c27beadbf90410eecdcd"><code>a4f7d4c</code></a> Rebuild lodash and docs.</li> <li><a href="https://github.com/lodash/lodash/commit/cca5ac60d61a2f786eeafadb674d6e12fc6179c8"><code>cca5ac6</code></a> Fix npm-test by removing the call to test-docs.</li> <li><a href="https://github.com/lodash/lodash/commit/9f7f9fc3c5f1a4db9a2134950872440c792ee8bb"><code>9f7f9fc</code></a> Adjust heading order. [ci skip]</li> <li><a href="https://github.com/lodash/lodash/commit/6e2fb92e9a2fd29ef630f71bd571afcdf0f2e206"><code>6e2fb92</code></a> Remove unused <code>baseArity</code>.</li> <li><a href="https://github.com/lodash/lodash/commit/4f702e238183444ff392c3c7be5b48f1a7271519"><code>4f702e2</code></a> Specify utf8 encoding.</li> <li><a href="https://github.com/lodash/lodash/commit/b188f903ce41e624d6169f47a0c9e5091c178160"><code>b188f90</code></a> Add fp tests for iteratee shorthands.</li> <li><a href="https://github.com/lodash/lodash/commit/7b93dc9c3253c342a45881392d2308374a8909b3"><code>7b93dc9</code></a> Ensure clone methods clone expando properties of boolean, number, & string ob...</li> <li><a href="https://github.com/lodash/lodash/commit/664d66a89ec553438d5560239eba24d30867e580"><code>664d66a</code></a> Make string tests more consistent.</li> <li><a href="https://github.com/lodash/lodash/commit/d9dc0e6fd13c030029964b5ba468e0df3e2de3b2"><code>d9dc0e6</code></a> Add <code>_.invertBy</code> tests.</li> <li>Additional commits viewable in <a href="https://github.com/lodash/lodash/compare/4.4.0...4.5.0">compare view</a></li> </ul> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr created time in a few seconds
create barnchAlexSenn422/react-redux
branch : dependabot/npm_and_yarn/lodash.template-4.5.0
created branch time in a few seconds
pull request commentmarcelsawicki/Practice
Bump tar from 2.2.1 to 2.2.2 in /Frontend/Angular/Heroes/angular-tour-of-heroes
OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version.
If you change your mind, just re-open this PR and I'll resolve any conflicts on it.
comment created time in a few seconds
PR opened AlexSenn422/react-redux
Bumps mixin-deep from 1.3.1 to 1.3.2. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/jonschlinkert/mixin-deep/commit/754f0c20e1bc13ea5a21a64fbc7d6ba5f7b359b9"><code>754f0c2</code></a> 1.3.2</li> <li><a href="https://github.com/jonschlinkert/mixin-deep/commit/90ee1fab375fccfd9b926df718243339b4976d50"><code>90ee1fa</code></a> ensure keys are valid when mixing in values</li> <li>See full diff in <a href="https://github.com/jonschlinkert/mixin-deep/compare/1.3.1...1.3.2">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~doowb">doowb</a>, a new releaser for mixin-deep since your current version.</p> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr created time in a minute
create barnchAlexSenn422/react-redux
branch : dependabot/npm_and_yarn/mixin-deep-1.3.2
created branch time in a minute
PR opened intuitiva/www-zauru
Bumps underscore.string from 3.3.4 to 3.3.5. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/esamattis/underscore.string/blob/master/CHANGELOG.markdown">underscore.string's changelog</a>.</em></p> <blockquote> <h3>3.3.5</h3> <ul> <li>Security fix</li> <li><a href="https://github.com/epeli/underscore.string/compare/3.2.4...3.2.5">Full changelog</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/esamattis/underscore.string/commit/87ddc29fab2df47a1bf09c048d2e0ba468159d2f"><code>87ddc29</code></a> Release 3.3.5</li> <li><a href="https://github.com/esamattis/underscore.string/commit/fde7ed699c26d294ed466624f9d843240cd14e94"><code>fde7ed6</code></a> Add 3.3.5 changelog</li> <li><a href="https://github.com/esamattis/underscore.string/commit/f486cd684c94c12db48b45d52b1472a1b9661029"><code>f486cd6</code></a> Try to fix regexp redos</li> <li>See full diff in <a href="https://github.com/epeli/underscore.string/compare/3.3.4...3.3.5">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~esamatti">esamatti</a>, a new releaser for underscore.string since your current version.</p> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr created time in a minute
create barnchintuitiva/www-zauru
branch : dependabot/npm_and_yarn/underscore.string-3.3.5
created branch time in a minute
PR opened intuitiva/www-zauru
Bumps fstream from 1.0.11 to 1.0.12. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/npm/fstream/commit/42354590e23bb514eb5c869eea64406be2947c6c"><code>4235459</code></a> 1.0.12</li> <li><a href="https://github.com/npm/fstream/commit/6a77d2fa6e1462693cf8e46f930da96ec1b0bb22"><code>6a77d2f</code></a> Clobber a Link if it's in the way of a File</li> <li>See full diff in <a href="https://github.com/npm/fstream/compare/v1.0.11...v1.0.12">compare view</a></li> </ul> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr created time in a minute
create barnchintuitiva/www-zauru
branch : dependabot/npm_and_yarn/fstream-1.0.12
created branch time in a minute
PR opened JavaTeamt/beifen2
Bumps jackson-databind from 2.9.6 to 2.9.10.3. <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/FasterXML/jackson/commits">compare view</a></li> </ul> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr created time in a minute
create barnchJavaTeamt/beifen2
branch : dependabot/maven/com.fasterxml.jackson.core-jackson-databind-2.9.10.3
created branch time in a minute
delete branch marcelsawicki/Practice
delete branch : dependabot/npm_and_yarn/Frontend/Angular/Heroes/angular-tour-of-heroes/handlebars-4.5.3
delete time in a minute
pull request commentmarcelsawicki/Practice
Bump handlebars from 4.0.12 to 4.5.3 in /Frontend/Angular/Heroes/angular-tour-of-heroes
OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version.
If you change your mind, just re-open this PR and I'll resolve any conflicts on it.
comment created time in a minute
PR opened wulin-challenge/spring-framework-3.2.12
Bumps spring-security-oauth2 from 2.0.5-SNAPSHOT to 2.0.18.RELEASE. <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/SpringSource/spring-security-oauth/commits/2.0.18.RELEASE">compare view</a></li> </ul> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr created time in a minute
create barnchwulin-challenge/spring-framework-3.2.12
created branch time in a minute
PR opened wulin-challenge/spring-framework-3.2.12
Bumps bcprov-jdk14 from 1.38 to 1.64. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/bcgit/bc-java/blob/master/docs/releasenotes.html">bcprov-jdk14's changelog</a>.</em></p> <blockquote> <html> <head> <title>Bouncy Castle Crypto Package - Release Notes</title> </head> <body bgcolor="#ffffff" text="#000000#"> <center> <h1>Bouncy Castle Crypto Package - Release Notes</h1> <font size=1> <pre> </pre> </font> </center> <h2>1.0 Introduction</h2> <p> The Bouncy Castle Crypto package is a Java implementation of cryptographic algorithms. The package is organised so that it contains a light-weight API suitable for use in any environment (including the J2ME) with the additional infrastructure to conform the algorithms to the JCE framework. </p> <h2>2.0 Release History</h2> <h3>2.1.1 Version</h3> Release: 1.66<br/> Date: 2020, TBD. <h3>2.1.2 Defects Fixed</h3> <ul> <li>EdDSA verifiers now reset correctly after rejecting overly long signatures.</li> <li>BCJSSE: SSLSession.getPeerCertificateChain could throw NullPointerException. This has been fixed.</li> <li>qTESLA-I verifier would reject some valid signatures. This has been fixed.</li> <li>qTESLA verifiers now reject overly long signatures.</li> <li>PGP regression caused failure to preserve existing version header when headers were reset. This has now been fixed.</li> <li>PKIXNameConstraintValidator had a bad cast preventing use of multiple OtherName constraints. This has been fixed.</li> <li>Serialisation of the non-CRT RSA Private Key could cause a NullPointerException. This has been fixed.</li> </ul> <h3>2.1.3 Additional Features and Functionality</h3> <ul> <li>The qTESLA signature algorithm has been updated to v2.8 (20191108).</li> <li>BCJSSE: Client-side OCSP stapling now supports status_request_v2 extension.</li> </ul> <h3>2.1.4 Notes</h3> <p> The qTESLA update breaks compatibility with previous versions. Private keys now include a hash of the public key at the end, and signatures are no longer interoperable with previous versions. </p> <h3>2.2.1 Version</h3> Release: 1.65<br/> Date: 2020, March 31st. </tr></table> ... (truncated) </blockquote> </details> <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/bcgit/bc-java/commits">compare view</a></li> </ul> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr created time in a minute
PR opened wulin-challenge/spring-framework-3.2.12
Bumps spring-core from 3.2.12-SNAPSHOT to 4.3.19.RELEASE. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/spring-projects/spring-framework/releases">spring-core's releases</a>.</em></p> <blockquote> <h2>4.1.7 Release</h2> <h2>:star: New Features</h2> <ul> <li>Avoid reflection for creating StandardServletAsyncWebRequest [SPR-13112] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17703">#17703</a></li> <li>Provide means to opt out of default annotation based transaction management by bean [SPR-13109] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17700">#17700</a></li> <li>Make PropertyMatches public [SPR-13054] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17646">#17646</a></li> <li><a href="mvc:resources">mvc:resources</a> does not handles directories well [SPR-12999] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17591">#17591</a></li> <li>Same Origin check in both AbstractSockJSService and OriginHandshakeInterceptor is not working with Tyrus client [SPR-12956] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17548">#17548</a></li> <li>MethodJmsListenerEndpoint does not set the DestinationResolver on the MessagingMessageListenerAdapter [SPR-12927] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17520">#17520</a></li> <li>Use higher log level in InvocableHandlerMethod.getMethodArgumentValues() [SPR-12925] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17518">#17518</a></li> <li>Spring logs FactoryBean type check warning in case of factory method with arguments [SPR-12900] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17499">#17499</a></li> <li>AnnotatedElementUtils should leniently ignore TypeNotPresentExceptions (just like AnnotationUtils) [SPR-12889] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17487">#17487</a></li> <li>Support package private annotations with AnnotationUtils [SPR-12858] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17456">#17456</a></li> <li><code>@Aspect</code> aspect not correctly applied to Java 8 lambda-defined <code>@Beans</code> [SPR-11807] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/16427">#16427</a></li> </ul> <h2>:beetle: Bug Fixes</h2> <ul> <li>YAML Processor leaves StreamDecoder open [SPR-13173] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17765">#17765</a></li> <li>GzipResourceResolver has NullPointerException when used with VersionResourceResolver [SPR-13149] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17740">#17740</a></li> <li>AntPathMatcher throws StringIndexOutOfBoundsException [SPR-13139] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17730">#17730</a></li> <li>XML input vulnerability based on DTD declaration [SPR-13136] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17727">#17727</a></li> <li>ObjenesisCglibAopProxy's fallback mode triggers duplicate class definition error [SPR-13131] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17722">#17722</a></li> <li>FileNotFoundException when implementing a nested interface with groovy closure in a <code>@Component</code> [SPR-13115] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17706">#17706</a></li> <li>When use a <code>@args</code> as pointcut, there is case that occur a NPE at calling the unrelated method [SPR-13102] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17693">#17693</a></li> <li>Configuration class parsing may trigger NoClassDefFoundError for nested classes [SPR-13091] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17682">#17682</a></li> <li>H4 SpringSessionSynchronization#beforeCompletion leaves irreparably broken state if exception thrown in session.disconnect() [SPR-13089] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17680">#17680</a></li> <li>Wrong IllegalStateException for <code>@Cacheable</code> without a cache name [SPR-13081] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17672">#17672</a></li> <li>DefaultMockMvcBuilder combined with <code>@ContextHierarchy</code> registers wrong context as ROOT [SPR-13075] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17667">#17667</a></li> <li>ByteBuffer corrupted by ByteBufferConverter when passed through Spring [SPR-13056] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17648">#17648</a></li> <li>Remoting over JMS with receiveTimeout blocks service forever [SPR-13052] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17644">#17644</a></li> <li>NPE in PropertyOrFieldReference due to concurrency issue when caching SpelExpression objects [SPR-13023] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17614">#17614</a></li> <li>Validation of frame content in org.springframework.web.socket.sockjs.frame.SockJsFrame is a NoOp [SPR-13019] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17610">#17610</a></li> <li>StringIndexOutOfBoundsException in ResourceUrlEncodingFilter [SPR-13018] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17609">#17609</a></li> <li>NPE for alias resolved to null in SimpleAliasRegistry [SPR-13016] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17607">#17607</a></li> <li>Commons FileUpload failed after Spring framework upgrade [SPR-13014] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17605">#17605</a></li> <li>CustomBooleanEditor may run into NPE when configured with allowEmpty=false [SPR-13010] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17601">#17601</a></li> <li>ContentCachingResponseWrapper should NOT sendError() before write body [SPR-13004] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17596">#17596</a></li> <li>RequestMapping maps root-controller handler methods with double slashes [SPR-12975] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17566">#17566</a></li> <li>PatternMatchUtils infinite loop bug [SPR-12971] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17563">#17563</a></li> <li>Regression: DLL handled as classpath resource [SPR-12928] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17521">#17521</a></li> <li>ResponseEntity's #equals fails symmetric property. [SPR-12910] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17509">#17509</a></li> <li>Async Execution Aspect compiler error when using ListenableFuture [SPR-12895] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17494">#17494</a></li> <li>CachingResourceResolver + GzipResourceResolver caches different results depending on what is requested first [SPR-12892] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17491">#17491</a></li> <li>Regression in handling of String passed as Types.OTHER to JdbcTemplate [SPR-12890] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17488">#17488</a></li> <li>client-library-url in sockjs config is not working [SPR-12874] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17472">#17472</a></li> <li>CronSequenceGenerator constructor goes into infinite loop with invalid increments [SPR-12871] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17469">#17469</a></li> <li>Incorrect value in InvalidPropertyException message from BeanWrapperImpl.setPropertyValue [SPR-12866] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17464">#17464</a></li> <li>Netty4ClientHttpRequest ignores query parameters [SPR-12779] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17377">#17377</a></li> </ul> <h2>:notebook_with_decorative_cover: Documentation</h2> </tr></table> ... (truncated) </blockquote> </details> <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/spring-projects/spring-framework/commits/v4.3.19.RELEASE">compare view</a></li> </ul> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr created time in a minute
create barnchwulin-challenge/spring-framework-3.2.12
created branch time in a minute
PR opened wulin-challenge/spring-framework-3.2.12
Bumps spring-core from 3.2.12-SNAPSHOT to 4.3.19.RELEASE. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/spring-projects/spring-framework/releases">spring-core's releases</a>.</em></p> <blockquote> <h2>4.1.7 Release</h2> <h2>:star: New Features</h2> <ul> <li>Avoid reflection for creating StandardServletAsyncWebRequest [SPR-13112] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17703">#17703</a></li> <li>Provide means to opt out of default annotation based transaction management by bean [SPR-13109] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17700">#17700</a></li> <li>Make PropertyMatches public [SPR-13054] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17646">#17646</a></li> <li><a href="mvc:resources">mvc:resources</a> does not handles directories well [SPR-12999] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17591">#17591</a></li> <li>Same Origin check in both AbstractSockJSService and OriginHandshakeInterceptor is not working with Tyrus client [SPR-12956] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17548">#17548</a></li> <li>MethodJmsListenerEndpoint does not set the DestinationResolver on the MessagingMessageListenerAdapter [SPR-12927] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17520">#17520</a></li> <li>Use higher log level in InvocableHandlerMethod.getMethodArgumentValues() [SPR-12925] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17518">#17518</a></li> <li>Spring logs FactoryBean type check warning in case of factory method with arguments [SPR-12900] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17499">#17499</a></li> <li>AnnotatedElementUtils should leniently ignore TypeNotPresentExceptions (just like AnnotationUtils) [SPR-12889] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17487">#17487</a></li> <li>Support package private annotations with AnnotationUtils [SPR-12858] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17456">#17456</a></li> <li><code>@Aspect</code> aspect not correctly applied to Java 8 lambda-defined <code>@Beans</code> [SPR-11807] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/16427">#16427</a></li> </ul> <h2>:beetle: Bug Fixes</h2> <ul> <li>YAML Processor leaves StreamDecoder open [SPR-13173] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17765">#17765</a></li> <li>GzipResourceResolver has NullPointerException when used with VersionResourceResolver [SPR-13149] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17740">#17740</a></li> <li>AntPathMatcher throws StringIndexOutOfBoundsException [SPR-13139] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17730">#17730</a></li> <li>XML input vulnerability based on DTD declaration [SPR-13136] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17727">#17727</a></li> <li>ObjenesisCglibAopProxy's fallback mode triggers duplicate class definition error [SPR-13131] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17722">#17722</a></li> <li>FileNotFoundException when implementing a nested interface with groovy closure in a <code>@Component</code> [SPR-13115] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17706">#17706</a></li> <li>When use a <code>@args</code> as pointcut, there is case that occur a NPE at calling the unrelated method [SPR-13102] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17693">#17693</a></li> <li>Configuration class parsing may trigger NoClassDefFoundError for nested classes [SPR-13091] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17682">#17682</a></li> <li>H4 SpringSessionSynchronization#beforeCompletion leaves irreparably broken state if exception thrown in session.disconnect() [SPR-13089] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17680">#17680</a></li> <li>Wrong IllegalStateException for <code>@Cacheable</code> without a cache name [SPR-13081] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17672">#17672</a></li> <li>DefaultMockMvcBuilder combined with <code>@ContextHierarchy</code> registers wrong context as ROOT [SPR-13075] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17667">#17667</a></li> <li>ByteBuffer corrupted by ByteBufferConverter when passed through Spring [SPR-13056] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17648">#17648</a></li> <li>Remoting over JMS with receiveTimeout blocks service forever [SPR-13052] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17644">#17644</a></li> <li>NPE in PropertyOrFieldReference due to concurrency issue when caching SpelExpression objects [SPR-13023] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17614">#17614</a></li> <li>Validation of frame content in org.springframework.web.socket.sockjs.frame.SockJsFrame is a NoOp [SPR-13019] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17610">#17610</a></li> <li>StringIndexOutOfBoundsException in ResourceUrlEncodingFilter [SPR-13018] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17609">#17609</a></li> <li>NPE for alias resolved to null in SimpleAliasRegistry [SPR-13016] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17607">#17607</a></li> <li>Commons FileUpload failed after Spring framework upgrade [SPR-13014] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17605">#17605</a></li> <li>CustomBooleanEditor may run into NPE when configured with allowEmpty=false [SPR-13010] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17601">#17601</a></li> <li>ContentCachingResponseWrapper should NOT sendError() before write body [SPR-13004] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17596">#17596</a></li> <li>RequestMapping maps root-controller handler methods with double slashes [SPR-12975] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17566">#17566</a></li> <li>PatternMatchUtils infinite loop bug [SPR-12971] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17563">#17563</a></li> <li>Regression: DLL handled as classpath resource [SPR-12928] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17521">#17521</a></li> <li>ResponseEntity's #equals fails symmetric property. [SPR-12910] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17509">#17509</a></li> <li>Async Execution Aspect compiler error when using ListenableFuture [SPR-12895] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17494">#17494</a></li> <li>CachingResourceResolver + GzipResourceResolver caches different results depending on what is requested first [SPR-12892] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17491">#17491</a></li> <li>Regression in handling of String passed as Types.OTHER to JdbcTemplate [SPR-12890] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17488">#17488</a></li> <li>client-library-url in sockjs config is not working [SPR-12874] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17472">#17472</a></li> <li>CronSequenceGenerator constructor goes into infinite loop with invalid increments [SPR-12871] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17469">#17469</a></li> <li>Incorrect value in InvalidPropertyException message from BeanWrapperImpl.setPropertyValue [SPR-12866] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17464">#17464</a></li> <li>Netty4ClientHttpRequest ignores query parameters [SPR-12779] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17377">#17377</a></li> </ul> <h2>:notebook_with_decorative_cover: Documentation</h2> </tr></table> ... (truncated) </blockquote> </details> <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/spring-projects/spring-framework/commits/v4.3.19.RELEASE">compare view</a></li> </ul> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr created time in a minute
PR opened wulin-challenge/spring-framework-3.2.12
Bumps spring-core from 3.2.12-SNAPSHOT to 4.3.19.RELEASE. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/spring-projects/spring-framework/releases">spring-core's releases</a>.</em></p> <blockquote> <h2>4.1.7 Release</h2> <h2>:star: New Features</h2> <ul> <li>Avoid reflection for creating StandardServletAsyncWebRequest [SPR-13112] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17703">#17703</a></li> <li>Provide means to opt out of default annotation based transaction management by bean [SPR-13109] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17700">#17700</a></li> <li>Make PropertyMatches public [SPR-13054] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17646">#17646</a></li> <li><a href="mvc:resources">mvc:resources</a> does not handles directories well [SPR-12999] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17591">#17591</a></li> <li>Same Origin check in both AbstractSockJSService and OriginHandshakeInterceptor is not working with Tyrus client [SPR-12956] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17548">#17548</a></li> <li>MethodJmsListenerEndpoint does not set the DestinationResolver on the MessagingMessageListenerAdapter [SPR-12927] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17520">#17520</a></li> <li>Use higher log level in InvocableHandlerMethod.getMethodArgumentValues() [SPR-12925] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17518">#17518</a></li> <li>Spring logs FactoryBean type check warning in case of factory method with arguments [SPR-12900] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17499">#17499</a></li> <li>AnnotatedElementUtils should leniently ignore TypeNotPresentExceptions (just like AnnotationUtils) [SPR-12889] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17487">#17487</a></li> <li>Support package private annotations with AnnotationUtils [SPR-12858] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17456">#17456</a></li> <li><code>@Aspect</code> aspect not correctly applied to Java 8 lambda-defined <code>@Beans</code> [SPR-11807] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/16427">#16427</a></li> </ul> <h2>:beetle: Bug Fixes</h2> <ul> <li>YAML Processor leaves StreamDecoder open [SPR-13173] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17765">#17765</a></li> <li>GzipResourceResolver has NullPointerException when used with VersionResourceResolver [SPR-13149] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17740">#17740</a></li> <li>AntPathMatcher throws StringIndexOutOfBoundsException [SPR-13139] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17730">#17730</a></li> <li>XML input vulnerability based on DTD declaration [SPR-13136] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17727">#17727</a></li> <li>ObjenesisCglibAopProxy's fallback mode triggers duplicate class definition error [SPR-13131] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17722">#17722</a></li> <li>FileNotFoundException when implementing a nested interface with groovy closure in a <code>@Component</code> [SPR-13115] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17706">#17706</a></li> <li>When use a <code>@args</code> as pointcut, there is case that occur a NPE at calling the unrelated method [SPR-13102] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17693">#17693</a></li> <li>Configuration class parsing may trigger NoClassDefFoundError for nested classes [SPR-13091] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17682">#17682</a></li> <li>H4 SpringSessionSynchronization#beforeCompletion leaves irreparably broken state if exception thrown in session.disconnect() [SPR-13089] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17680">#17680</a></li> <li>Wrong IllegalStateException for <code>@Cacheable</code> without a cache name [SPR-13081] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17672">#17672</a></li> <li>DefaultMockMvcBuilder combined with <code>@ContextHierarchy</code> registers wrong context as ROOT [SPR-13075] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17667">#17667</a></li> <li>ByteBuffer corrupted by ByteBufferConverter when passed through Spring [SPR-13056] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17648">#17648</a></li> <li>Remoting over JMS with receiveTimeout blocks service forever [SPR-13052] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17644">#17644</a></li> <li>NPE in PropertyOrFieldReference due to concurrency issue when caching SpelExpression objects [SPR-13023] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17614">#17614</a></li> <li>Validation of frame content in org.springframework.web.socket.sockjs.frame.SockJsFrame is a NoOp [SPR-13019] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17610">#17610</a></li> <li>StringIndexOutOfBoundsException in ResourceUrlEncodingFilter [SPR-13018] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17609">#17609</a></li> <li>NPE for alias resolved to null in SimpleAliasRegistry [SPR-13016] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17607">#17607</a></li> <li>Commons FileUpload failed after Spring framework upgrade [SPR-13014] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17605">#17605</a></li> <li>CustomBooleanEditor may run into NPE when configured with allowEmpty=false [SPR-13010] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17601">#17601</a></li> <li>ContentCachingResponseWrapper should NOT sendError() before write body [SPR-13004] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17596">#17596</a></li> <li>RequestMapping maps root-controller handler methods with double slashes [SPR-12975] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17566">#17566</a></li> <li>PatternMatchUtils infinite loop bug [SPR-12971] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17563">#17563</a></li> <li>Regression: DLL handled as classpath resource [SPR-12928] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17521">#17521</a></li> <li>ResponseEntity's #equals fails symmetric property. [SPR-12910] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17509">#17509</a></li> <li>Async Execution Aspect compiler error when using ListenableFuture [SPR-12895] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17494">#17494</a></li> <li>CachingResourceResolver + GzipResourceResolver caches different results depending on what is requested first [SPR-12892] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17491">#17491</a></li> <li>Regression in handling of String passed as Types.OTHER to JdbcTemplate [SPR-12890] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17488">#17488</a></li> <li>client-library-url in sockjs config is not working [SPR-12874] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17472">#17472</a></li> <li>CronSequenceGenerator constructor goes into infinite loop with invalid increments [SPR-12871] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17469">#17469</a></li> <li>Incorrect value in InvalidPropertyException message from BeanWrapperImpl.setPropertyValue [SPR-12866] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17464">#17464</a></li> <li>Netty4ClientHttpRequest ignores query parameters [SPR-12779] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17377">#17377</a></li> </ul> <h2>:notebook_with_decorative_cover: Documentation</h2> </tr></table> ... (truncated) </blockquote> </details> <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/spring-projects/spring-framework/commits/v4.3.19.RELEASE">compare view</a></li> </ul> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr created time in a minute
create barnchwulin-challenge/spring-framework-3.2.12
created branch time in a minute
PR opened wulin-challenge/spring-framework-3.2.12
Bumps spring-core from 3.2.12-SNAPSHOT to 4.3.19.RELEASE. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/spring-projects/spring-framework/releases">spring-core's releases</a>.</em></p> <blockquote> <h2>4.1.7 Release</h2> <h2>:star: New Features</h2> <ul> <li>Avoid reflection for creating StandardServletAsyncWebRequest [SPR-13112] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17703">#17703</a></li> <li>Provide means to opt out of default annotation based transaction management by bean [SPR-13109] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17700">#17700</a></li> <li>Make PropertyMatches public [SPR-13054] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17646">#17646</a></li> <li><a href="mvc:resources">mvc:resources</a> does not handles directories well [SPR-12999] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17591">#17591</a></li> <li>Same Origin check in both AbstractSockJSService and OriginHandshakeInterceptor is not working with Tyrus client [SPR-12956] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17548">#17548</a></li> <li>MethodJmsListenerEndpoint does not set the DestinationResolver on the MessagingMessageListenerAdapter [SPR-12927] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17520">#17520</a></li> <li>Use higher log level in InvocableHandlerMethod.getMethodArgumentValues() [SPR-12925] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17518">#17518</a></li> <li>Spring logs FactoryBean type check warning in case of factory method with arguments [SPR-12900] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17499">#17499</a></li> <li>AnnotatedElementUtils should leniently ignore TypeNotPresentExceptions (just like AnnotationUtils) [SPR-12889] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17487">#17487</a></li> <li>Support package private annotations with AnnotationUtils [SPR-12858] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17456">#17456</a></li> <li><code>@Aspect</code> aspect not correctly applied to Java 8 lambda-defined <code>@Beans</code> [SPR-11807] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/16427">#16427</a></li> </ul> <h2>:beetle: Bug Fixes</h2> <ul> <li>YAML Processor leaves StreamDecoder open [SPR-13173] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17765">#17765</a></li> <li>GzipResourceResolver has NullPointerException when used with VersionResourceResolver [SPR-13149] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17740">#17740</a></li> <li>AntPathMatcher throws StringIndexOutOfBoundsException [SPR-13139] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17730">#17730</a></li> <li>XML input vulnerability based on DTD declaration [SPR-13136] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17727">#17727</a></li> <li>ObjenesisCglibAopProxy's fallback mode triggers duplicate class definition error [SPR-13131] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17722">#17722</a></li> <li>FileNotFoundException when implementing a nested interface with groovy closure in a <code>@Component</code> [SPR-13115] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17706">#17706</a></li> <li>When use a <code>@args</code> as pointcut, there is case that occur a NPE at calling the unrelated method [SPR-13102] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17693">#17693</a></li> <li>Configuration class parsing may trigger NoClassDefFoundError for nested classes [SPR-13091] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17682">#17682</a></li> <li>H4 SpringSessionSynchronization#beforeCompletion leaves irreparably broken state if exception thrown in session.disconnect() [SPR-13089] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17680">#17680</a></li> <li>Wrong IllegalStateException for <code>@Cacheable</code> without a cache name [SPR-13081] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17672">#17672</a></li> <li>DefaultMockMvcBuilder combined with <code>@ContextHierarchy</code> registers wrong context as ROOT [SPR-13075] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17667">#17667</a></li> <li>ByteBuffer corrupted by ByteBufferConverter when passed through Spring [SPR-13056] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17648">#17648</a></li> <li>Remoting over JMS with receiveTimeout blocks service forever [SPR-13052] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17644">#17644</a></li> <li>NPE in PropertyOrFieldReference due to concurrency issue when caching SpelExpression objects [SPR-13023] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17614">#17614</a></li> <li>Validation of frame content in org.springframework.web.socket.sockjs.frame.SockJsFrame is a NoOp [SPR-13019] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17610">#17610</a></li> <li>StringIndexOutOfBoundsException in ResourceUrlEncodingFilter [SPR-13018] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17609">#17609</a></li> <li>NPE for alias resolved to null in SimpleAliasRegistry [SPR-13016] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17607">#17607</a></li> <li>Commons FileUpload failed after Spring framework upgrade [SPR-13014] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17605">#17605</a></li> <li>CustomBooleanEditor may run into NPE when configured with allowEmpty=false [SPR-13010] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17601">#17601</a></li> <li>ContentCachingResponseWrapper should NOT sendError() before write body [SPR-13004] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17596">#17596</a></li> <li>RequestMapping maps root-controller handler methods with double slashes [SPR-12975] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17566">#17566</a></li> <li>PatternMatchUtils infinite loop bug [SPR-12971] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17563">#17563</a></li> <li>Regression: DLL handled as classpath resource [SPR-12928] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17521">#17521</a></li> <li>ResponseEntity's #equals fails symmetric property. [SPR-12910] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17509">#17509</a></li> <li>Async Execution Aspect compiler error when using ListenableFuture [SPR-12895] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17494">#17494</a></li> <li>CachingResourceResolver + GzipResourceResolver caches different results depending on what is requested first [SPR-12892] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17491">#17491</a></li> <li>Regression in handling of String passed as Types.OTHER to JdbcTemplate [SPR-12890] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17488">#17488</a></li> <li>client-library-url in sockjs config is not working [SPR-12874] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17472">#17472</a></li> <li>CronSequenceGenerator constructor goes into infinite loop with invalid increments [SPR-12871] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17469">#17469</a></li> <li>Incorrect value in InvalidPropertyException message from BeanWrapperImpl.setPropertyValue [SPR-12866] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17464">#17464</a></li> <li>Netty4ClientHttpRequest ignores query parameters [SPR-12779] <a href="https://github-redirect.dependabot.com/spring-projects/spring-framework/issues/17377">#17377</a></li> </ul> <h2>:notebook_with_decorative_cover: Documentation</h2> </tr></table> ... (truncated) </blockquote> </details> <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/spring-projects/spring-framework/commits/v4.3.19.RELEASE">compare view</a></li> </ul> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr created time in a minute
create barnchwulin-challenge/spring-framework-3.2.12
created branch time in a minute
create barnchwulin-challenge/spring-framework-3.2.12
created branch time in a minute
PR opened wulin-challenge/spring-framework-3.2.12
Bumps httpclient from 4.3.3 to 4.3.6.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr created time in a minute
create barnchwulin-challenge/spring-framework-3.2.12
created branch time in a minute
PR opened wulin-challenge/spring-framework-3.2.12
Bumps bcprov-jdk14 from 1.38 to 1.64. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/bcgit/bc-java/blob/master/docs/releasenotes.html">bcprov-jdk14's changelog</a>.</em></p> <blockquote> <html> <head> <title>Bouncy Castle Crypto Package - Release Notes</title> </head> <body bgcolor="#ffffff" text="#000000#"> <center> <h1>Bouncy Castle Crypto Package - Release Notes</h1> <font size=1> <pre> </pre> </font> </center> <h2>1.0 Introduction</h2> <p> The Bouncy Castle Crypto package is a Java implementation of cryptographic algorithms. The package is organised so that it contains a light-weight API suitable for use in any environment (including the J2ME) with the additional infrastructure to conform the algorithms to the JCE framework. </p> <h2>2.0 Release History</h2> <h3>2.1.1 Version</h3> Release: 1.66<br/> Date: 2020, TBD. <h3>2.1.2 Defects Fixed</h3> <ul> <li>EdDSA verifiers now reset correctly after rejecting overly long signatures.</li> <li>BCJSSE: SSLSession.getPeerCertificateChain could throw NullPointerException. This has been fixed.</li> <li>qTESLA-I verifier would reject some valid signatures. This has been fixed.</li> <li>qTESLA verifiers now reject overly long signatures.</li> <li>PGP regression caused failure to preserve existing version header when headers were reset. This has now been fixed.</li> <li>PKIXNameConstraintValidator had a bad cast preventing use of multiple OtherName constraints. This has been fixed.</li> <li>Serialisation of the non-CRT RSA Private Key could cause a NullPointerException. This has been fixed.</li> </ul> <h3>2.1.3 Additional Features and Functionality</h3> <ul> <li>The qTESLA signature algorithm has been updated to v2.8 (20191108).</li> <li>BCJSSE: Client-side OCSP stapling now supports status_request_v2 extension.</li> </ul> <h3>2.1.4 Notes</h3> <p> The qTESLA update breaks compatibility with previous versions. Private keys now include a hash of the public key at the end, and signatures are no longer interoperable with previous versions. </p> <h3>2.2.1 Version</h3> Release: 1.65<br/> Date: 2020, March 31st. </tr></table> ... (truncated) </blockquote> </details> <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/bcgit/bc-java/commits">compare view</a></li> </ul> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr created time in a minute
create barnchwulin-challenge/spring-framework-3.2.12
created branch time in a minute
create barnchwulin-challenge/spring-framework-3.2.12
branch : dependabot/maven/spring-framework-parent/spring-webmvc/org.bouncycastle-bcprov-jdk14-1.64
created branch time in a minute
push eventAlexSenn422/react-next-website
commit sha 137d34266084ab86fe38bb7d341269a2454fe390
Bump acorn from 6.1.1 to 6.4.1 Bumps [acorn](https://github.com/acornjs/acorn) from 6.1.1 to 6.4.1. - [Release notes](https://github.com/acornjs/acorn/releases) - [Commits](https://github.com/acornjs/acorn/compare/6.1.1...6.4.1) Signed-off-by: dependabot[bot] <support@github.com>
push time in a minute
PR opened AlexSenn422/react-next-website
Bumps acorn from 6.1.1 to 6.4.1. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/acornjs/acorn/commit/9a2e9b6678e243d66846b91179d650d28453e70c"><code>9a2e9b6</code></a> Mark version 6.4.1</li> <li><a href="https://github.com/acornjs/acorn/commit/90a9548ea0ce351b54f956e2c4ed27cca9631284"><code>90a9548</code></a> More rigorously check surrogate pairs in regexp validator</li> <li><a href="https://github.com/acornjs/acorn/commit/df0cf1a3e2b1a51a26c14984dc0f5412b7151b10"><code>df0cf1a</code></a> Mark version 6.4.0</li> <li><a href="https://github.com/acornjs/acorn/commit/53034126864b492da4e278628bb972cb2a9313d4"><code>5303412</code></a> Also export Parser via Parser.acorn</li> <li><a href="https://github.com/acornjs/acorn/commit/efe273e70123449a458157dbf578afaf109a49ab"><code>efe273e</code></a> give token types and etc to plugins</li> <li><a href="https://github.com/acornjs/acorn/commit/ac6decb94a3aa4eee99230fdaf5883dfaafe8479"><code>ac6decb</code></a> Mark version 6.3.0</li> <li><a href="https://github.com/acornjs/acorn/commit/7e9817d17639d95cc6dbacfde734a0626b2a7dea"><code>7e9817d</code></a> Allow sourceType: module even with ecmaVersion < 6</li> <li><a href="https://github.com/acornjs/acorn/commit/e2b8cc087386eccc2ad6fd4a02b4257833557cb3"><code>e2b8cc0</code></a> Fix broken parsing of new expressions when allowReserved=="never"</li> <li><a href="https://github.com/acornjs/acorn/commit/1555c528855b10320ce98b4154906d7898c92990"><code>1555c52</code></a> Update acorn.d.ts</li> <li><a href="https://github.com/acornjs/acorn/commit/77c20fa2c2f490e646b67e6a0ff7e75fb54ab6c8"><code>77c20fa</code></a> Mark version 6.2.1</li> <li>Additional commits viewable in <a href="https://github.com/acornjs/acorn/compare/6.1.1...6.4.1">compare view</a></li> </ul> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr created time in a minute
create barnchAlexSenn422/react-next-website
branch : dependabot/npm_and_yarn/acorn-6.4.1
created branch time in a minute
PR opened RoyerRamirez/radiant-rooms-calendar-sync
Bumps pycryptodome from 3.4.3 to 3.6.6. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/Legrandin/pycryptodome/blob/master/Changelog.rst">pycryptodome's changelog</a>.</em></p> <blockquote> <p>3.6.6 (17 August 2018) ++++++++++++++++++++++</p> <h2>Resolved issues</h2> <ul> <li>GH#198: Fix vulnerability on AESNI ECB with payloads smaller than 16 bytes (CVE-2018-15560).</li> </ul> <p>3.6.5 (12 August 2018) ++++++++++++++++++++++</p> <h2>Resolved issues</h2> <ul> <li>GH#187: Fixed incorrect AES encryption/decryption with AES acceleration on x86 due to gcc's optimization and strict aliasing rules.</li> <li>GH#188: More prime number candidates than necessary where discarded as composite due to the limited way D values were searched in the Lucas test.</li> <li>Fixed ResouceWarnings and DeprecationWarnings.</li> <li>Workaround for Python 3.7.0 bug on Windows (<a href="https://bugs.python.org/issue34108">https://bugs.python.org/issue34108</a>).</li> </ul> <p>3.6.4 (10 July 2018) +++++++++++++++++++++</p> <h2>New features</h2> <ul> <li>Build Python 3.7 wheels on Linux, Windows and Mac.</li> </ul> <h2>Resolved issues</h2> <ul> <li>GH#178: Rename <code>_cpuid</code> module to make upgrades more robust.</li> <li>More meaningful exceptions in case of mismatch in IV length (CBC/OFB/CFB modes).</li> <li>Fix compilation issues on Solaris 10/11.</li> </ul> <p>3.6.3 (21 June 2018) +++++++++++++++++++++</p> <h2>Resolved issues</h2> <ul> <li>GH#175: Fixed incorrect results for CTR encryption/decryption with more than 8 blocks.</li> </ul> <p>3.6.2 (19 June 2018) +++++++++++++++++++++</p> <h2>New features</h2> <ul> <li>ChaCha20 accepts 96 bit nonces (in addition to 64 bit nonces)</li> </ul> </tr></table> ... (truncated) </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/Legrandin/pycryptodome/commit/3506836f34b9008ba714e7beab097fecb42832da"><code>3506836</code></a> Update to Changelog</li> <li><a href="https://github.com/Legrandin/pycryptodome/commit/d1739c62b9b845f8a5b342de08d6bf6e2722d247"><code>d1739c6</code></a> Fix issue <a href="https://github-redirect.dependabot.com/Legrandin/pycryptodome/issues/198">#198</a>: AESNI breaks with messages shorter than 16 bytes</li> <li><a href="https://github.com/Legrandin/pycryptodome/commit/df800357717cc8519d200e4548f410053825cd00"><code>df80035</code></a> Bump version</li> <li><a href="https://github.com/Legrandin/pycryptodome/commit/e16bc2263991df6fa304dfd616bbb96185386cb3"><code>e16bc22</code></a> Update to Changelog</li> <li><a href="https://github.com/Legrandin/pycryptodome/commit/d97a099faf0de9014d76c16008bd9858a5f51215"><code>d97a099</code></a> Deal with strict aliasing when extracting SSE2 values</li> <li><a href="https://github.com/Legrandin/pycryptodome/commit/f25c0e536c5d40275f9140449a8e67219555ac6a"><code>f25c0e5</code></a> Drop mpir.dll from packaging</li> <li><a href="https://github.com/Legrandin/pycryptodome/commit/9990033025ee7cc60aa6a4098769afcd4ec9fe88"><code>9990033</code></a> Jacobi symbol not defined for negative n, add more test vectors</li> <li><a href="https://github.com/Legrandin/pycryptodome/commit/8bdb02edcd995f49abd2e4d93ed60f9a49a80891"><code>8bdb02e</code></a> Merge branch 'lucas'</li> <li><a href="https://github.com/Legrandin/pycryptodome/commit/66fdb1fdd437669513d9ad0095f8023950a8421d"><code>66fdb1f</code></a> Increase testing for primality</li> <li><a href="https://github.com/Legrandin/pycryptodome/commit/4994e3d2e9cdbe203622064fa9f1a7bc6975a948"><code>4994e3d</code></a> Update Changelog</li> <li>Additional commits viewable in <a href="https://github.com/Legrandin/pycryptodome/compare/v3.4.3...v3.6.6">compare view</a></li> </ul> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr created time in 2 minutes
create barnchRoyerRamirez/radiant-rooms-calendar-sync
branch : dependabot/pip/pycryptodome-3.6.6
created branch time in 2 minutes
PR opened cjshinning/vue-pop
Bumps webpack-dev-server from 2.11.5 to 3.1.11. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/webpack/webpack-dev-server/releases">webpack-dev-server's releases</a>.</em></p> <blockquote> <h2>v3.1.11</h2> <p><a name="3.1.11"></a></p> <h2><a href="https://github.com/webpack/webpack-dev-server/compare/v3.1.10...v3.1.11">3.1.11</a> (2018-12-21)</h2> <h3>Bug Fixes</h3> <ul> <li><strong>bin/options:</strong> correct check for color support (<code>options.color</code>) (<a href="https://github-redirect.dependabot.com/webpack/webpack-dev-server/issues/1555">#1555</a>) (<a href="https://github.com/webpack/webpack-dev-server/commit/55398b5">55398b5</a>)</li> <li><strong>package:</strong> update <code>spdy</code> v3.4.1...4.0.0 (assertion error) (<a href="https://github-redirect.dependabot.com/webpack/webpack-dev-server/issues/1491">#1491</a>) (<a href="https://github-redirect.dependabot.com/webpack/webpack-dev-server/issues/1563">#1563</a>) (<a href="https://github.com/webpack/webpack-dev-server/commit/7a3a257">7a3a257</a>)</li> <li><strong>Server:</strong> correct <code>node</code> version checks (<a href="https://github-redirect.dependabot.com/webpack/webpack-dev-server/issues/1543">#1543</a>) (<a href="https://github.com/webpack/webpack-dev-server/commit/927a2b3">927a2b3</a>)</li> <li><strong>Server:</strong> mime type for wasm in contentBase directory (<a href="https://github-redirect.dependabot.com/webpack/webpack-dev-server/issues/1575">#1575</a>) (<a href="https://github-redirect.dependabot.com/webpack/webpack-dev-server/issues/1580">#1580</a>) (<a href="https://github.com/webpack/webpack-dev-server/commit/fadae5d">fadae5d</a>)</li> <li>add url for compatibility with webpack@5 (<a href="https://github-redirect.dependabot.com/webpack/webpack-dev-server/issues/1598">#1598</a>) (<a href="https://github-redirect.dependabot.com/webpack/webpack-dev-server/issues/1599">#1599</a>) (<a href="https://github.com/webpack/webpack-dev-server/commit/68dd49a">68dd49a</a>)</li> <li>check origin header for websocket connection (<a href="https://github-redirect.dependabot.com/webpack/webpack-dev-server/issues/1603">#1603</a>) (<a href="https://github.com/webpack/webpack-dev-server/commit/b3217ca">b3217ca</a>)</li> </ul> <h2>v3.1.10</h2> <h2><a href="https://github.com/webpack/webpack-dev-server/compare/v3.1.9...v3.1.10">2018-10-23</a></h2> <h3>Bug Fixes</h3> <ul> <li><strong>options:</strong> add <code>writeToDisk</code> option to schema (<a href="https://github-redirect.dependabot.com/webpack/webpack-dev-server/issues/1520">#1520</a>) (<a href="https://github.com/webpack/webpack-dev-server/commit/d2f4902">d2f4902</a>)</li> <li><strong>package:</strong> update <code>sockjs-client</code> v1.1.5...1.3.0 (<code>url-parse</code> vulnerability) (<a href="https://github-redirect.dependabot.com/webpack/webpack-dev-server/issues/1537">#1537</a>) (<a href="https://github.com/webpack/webpack-dev-server/commit/e719959">e719959</a>)</li> <li><strong>Server:</strong> set <code>tls.DEFAULT_ECDH_CURVE</code> to <code>'auto'</code> (<a href="https://github-redirect.dependabot.com/webpack/webpack-dev-server/issues/1531">#1531</a>) (<a href="https://github.com/webpack/webpack-dev-server/commit/c12def3">c12def3</a>)</li> </ul> <h2>v3.1.9</h2> <p>No release notes provided.</p> <h2>v3.1.8</h2> <h2><a href="https://github.com/webpack/webpack-dev-server/compare/v3.1.7...v3.1.8">2018-09-06</a></h2> <h3>Bug Fixes</h3> <ul> <li><strong>package:</strong> <code>yargs</code> security vulnerability (<code>dependencies</code>) (<a href="https://github-redirect.dependabot.com/webpack/webpack-dev-server/issues/1492">#1492</a>) (<a href="https://github.com/webpack/webpack-dev-server/commit/8fb67c9">8fb67c9</a>)</li> <li><strong>utils/createLogger:</strong> ensure <code>quiet</code> always takes precedence (<code>options.quiet</code>) (<a href="https://github-redirect.dependabot.com/webpack/webpack-dev-server/issues/1486">#1486</a>) (<a href="https://github.com/webpack/webpack-dev-server/commit/7a6ca47">7a6ca47</a>)</li> </ul> <h2>v3.1.7</h2> <h2><a href="https://github.com/webpack/webpack-dev-server/compare/v3.1.6...v3.1.7">2018-08-29</a></h2> <h3>Bug Fixes</h3> <ul> <li><strong>Server:</strong> don't use <code>spdy</code> on <code>node >= v10.0.0</code> (<a href="https://github-redirect.dependabot.com/webpack/webpack-dev-server/issues/1451">#1451</a>) (<a href="https://github.com/webpack/webpack-dev-server/commit/8ab9eb6">8ab9eb6</a>)</li> </ul> <h2>v3.1.6</h2> <h2><a href="https://github.com/webpack/webpack-dev-server/compare/v3.1.5...v3.1.6">2018-08-26</a></h2> <h3>Bug Fixes</h3> </tr></table> ... (truncated) </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/webpack/webpack-dev-server/blob/master/CHANGELOG.md">webpack-dev-server's changelog</a>.</em></p> <blockquote> <h2><a href="https://github.com/webpack/webpack-dev-server/compare/v3.1.10...v3.1.11">3.1.11</a> (2018-12-21)</h2> <h3>Bug Fixes</h3> <ul> <li><strong>bin/options:</strong> correct check for color support (<code>options.color</code>) (<a href="https://github-redirect.dependabot.com/webpack/webpack-dev-server/issues/1555">#1555</a>) (<a href="https://github.com/webpack/webpack-dev-server/commit/55398b5">55398b5</a>)</li> <li><strong>package:</strong> update <code>spdy</code> v3.4.1...4.0.0 (assertion error) (<a href="https://github-redirect.dependabot.com/webpack/webpack-dev-server/issues/1491">#1491</a>) (<a href="https://github-redirect.dependabot.com/webpack/webpack-dev-server/issues/1563">#1563</a>) (<a href="https://github.com/webpack/webpack-dev-server/commit/7a3a257">7a3a257</a>)</li> <li><strong>Server:</strong> correct <code>node</code> version checks (<a href="https://github-redirect.dependabot.com/webpack/webpack-dev-server/issues/1543">#1543</a>) (<a href="https://github.com/webpack/webpack-dev-server/commit/927a2b3">927a2b3</a>)</li> <li><strong>Server:</strong> mime type for wasm in contentBase directory (<a href="https://github-redirect.dependabot.com/webpack/webpack-dev-server/issues/1575">#1575</a>) (<a href="https://github-redirect.dependabot.com/webpack/webpack-dev-server/issues/1580">#1580</a>) (<a href="https://github.com/webpack/webpack-dev-server/commit/fadae5d">fadae5d</a>)</li> <li>add url for compatibility with webpack@5 (<a href="https://github-redirect.dependabot.com/webpack/webpack-dev-server/issues/1598">#1598</a>) (<a href="https://github-redirect.dependabot.com/webpack/webpack-dev-server/issues/1599">#1599</a>) (<a href="https://github.com/webpack/webpack-dev-server/commit/68dd49a">68dd49a</a>)</li> <li>check origin header for websocket connection (<a href="https://github-redirect.dependabot.com/webpack/webpack-dev-server/issues/1603">#1603</a>) (<a href="https://github.com/webpack/webpack-dev-server/commit/b3217ca">b3217ca</a>)</li> </ul> <p><a name="3.1.10"></a></p> <h2><a href="https://github.com/webpack/webpack-dev-server/compare/v3.1.9...v3.1.10">3.1.10</a> (2018-10-23)</h2> <h3>Bug Fixes</h3> <ul> <li><strong>options:</strong> add <code>writeToDisk</code> option to schema (<a href="https://github-redirect.dependabot.com/webpack/webpack-dev-server/issues/1520">#1520</a>) (<a href="https://github.com/webpack/webpack-dev-server/commit/d2f4902">d2f4902</a>)</li> <li><strong>package:</strong> update <code>sockjs-client</code> v1.1.5...1.3.0 (<code>url-parse</code> vulnerability) (<a href="https://github-redirect.dependabot.com/webpack/webpack-dev-server/issues/1537">#1537</a>) (<a href="https://github.com/webpack/webpack-dev-server/commit/e719959">e719959</a>)</li> <li><strong>Server:</strong> set <code>tls.DEFAULT_ECDH_CURVE</code> to <code>'auto'</code> (<a href="https://github-redirect.dependabot.com/webpack/webpack-dev-server/issues/1531">#1531</a>) (<a href="https://github.com/webpack/webpack-dev-server/commit/c12def3">c12def3</a>)</li> </ul> <p><a name="3.1.9"></a></p> <h2><a href="https://github.com/webpack/webpack-dev-server/compare/v3.1.8...v3.1.9">3.1.9</a> (2018-09-24)</h2> <p><a name="3.1.8"></a></p> <h2><a href="https://github.com/webpack/webpack-dev-server/compare/v3.1.7...v3.1.8">3.1.8</a> (2018-09-06)</h2> <h3>Bug Fixes</h3> <ul> <li><strong>package:</strong> <code>yargs</code> security vulnerability (<code>dependencies</code>) (<a href="https://github-redirect.dependabot.com/webpack/webpack-dev-server/issues/1492">#1492</a>) (<a href="https://github.com/webpack/webpack-dev-server/commit/8fb67c9">8fb67c9</a>)</li> <li><strong>utils/createLogger:</strong> ensure <code>quiet</code> always takes precedence (<code>options.quiet</code>) (<a href="https://github-redirect.dependabot.com/webpack/webpack-dev-server/issues/1486">#1486</a>) (<a href="https://github.com/webpack/webpack-dev-server/commit/7a6ca47">7a6ca47</a>)</li> </ul> <p><a name="3.1.7"></a></p> <h2><a href="https://github.com/webpack/webpack-dev-server/compare/v3.1.6...v3.1.7">3.1.7</a> (2018-08-29)</h2> <h3>Bug Fixes</h3> <ul> <li><strong>Server:</strong> don't use <code>spdy</code> on <code>node >= v10.0.0</code> (<a href="https://github-redirect.dependabot.com/webpack/webpack-dev-server/issues/1451">#1451</a>) (<a href="https://github.com/webpack/webpack-dev-server/commit/8ab9eb6">8ab9eb6</a>)</li> </ul> </tr></table> ... (truncated) </blockquote> </details> <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/webpack/webpack-dev-server/commits/v3.1.11">compare view</a></li> </ul> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr created time in 2 minutes
create barnchcjshinning/vue-pop
branch : dependabot/npm_and_yarn/webpack-dev-server-3.1.11
created branch time in 2 minutes
PR opened cjshinning/vue-pop
Bumps webpack-bundle-analyzer from 2.13.1 to 3.3.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/webpack-contrib/webpack-bundle-analyzer/releases">webpack-bundle-analyzer's releases</a>.</em></p> <blockquote> <h2>First test with Lerna monorepo</h2> <p><a href="https://github-redirect.dependabot.com/th0r/webpack-bundle-analyzer/pull/98">th0r/webpack-bundle-analyzer#98</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/webpack-contrib/webpack-bundle-analyzer/blob/master/CHANGELOG.md">webpack-bundle-analyzer's changelog</a>.</em></p> <blockquote> <h2>3.3.2</h2> <ul> <li><strong>Bug Fix</strong> <ul> <li>Fix regression with escaping internal assets (<a href="https://github-redirect.dependabot.com/webpack-contrib/webpack-bundle-analyzer/pull/264">#264</a>, fixes <a href="https://github-redirect.dependabot.com/webpack-contrib/webpack-bundle-analyzer/issues/263">#263</a>)</li> </ul> </li> </ul> <h2>3.3.1</h2> <ul> <li> <p><strong>Improvements</strong></p> <ul> <li>Use relative links for serving internal assets (<a href="https://github-redirect.dependabot.com/webpack-contrib/webpack-bundle-analyzer/pull/261">#261</a>, fixes <a href="https://github-redirect.dependabot.com/webpack-contrib/webpack-bundle-analyzer/issues/254">#254</a>)</li> <li>Properly escape embedded JS/JSON (<a href="https://github-redirect.dependabot.com/webpack-contrib/webpack-bundle-analyzer/pull/262">#262</a>)</li> </ul> </li> <li> <p><strong>Bug Fix</strong></p> <ul> <li>Fix showing help message on <code>-h</code> flag (<a href="https://github-redirect.dependabot.com/webpack-contrib/webpack-bundle-analyzer/pull/260">#260</a>, fixes <a href="https://github-redirect.dependabot.com/webpack-contrib/webpack-bundle-analyzer/issues/239">#239</a>)</li> </ul> </li> </ul> <h2>3.3.0</h2> <ul> <li> <p><strong>New Feature</strong></p> <ul> <li>Show/hide chunks using context menu (<a href="https://github-redirect.dependabot.com/webpack-contrib/webpack-bundle-analyzer/pull/246">#246</a>, <a href="https://github.com/bregenspan">@bregenspan</a>)</li> </ul> </li> <li> <p><strong>Internal</strong></p> <ul> <li>Updated dev dependencies</li> </ul> </li> </ul> <h2>3.2.0</h2> <ul> <li><strong>Improvements</strong> <ul> <li>Add support for .mjs output files (<a href="https://github-redirect.dependabot.com/webpack-contrib/webpack-bundle-analyzer/pull/252">#252</a>, <a href="https://github.com/jlopezxs">@jlopezxs</a>)</li> </ul> </li> </ul> <h2>3.1.0</h2> <ul> <li><strong>Bug Fix</strong> <ul> <li>Properly determine the size of the modules containing special characters (<a href="https://github-redirect.dependabot.com/webpack-contrib/webpack-bundle-analyzer/pull/223">#223</a>, <a href="https://github.com/hulkish">@hulkish</a>)</li> <li>Update acorn to v6 (<a href="https://github-redirect.dependabot.com/webpack-contrib/webpack-bundle-analyzer/pull/248">#248</a>, <a href="https://github.com/realityking">@realityking</a>)</li> </ul> </li> </ul> <h2>3.0.4</h2> <ul> <li><strong>Bug Fix</strong> <ul> <li>Make webpack's done hook wait until analyzer writes report or stat file (<a href="https://github-redirect.dependabot.com/webpack-contrib/webpack-bundle-analyzer/pull/247">#247</a>, <a href="https://github.com/mareolan">@mareolan</a>)</li> </ul> </li> </ul> <h2>3.0.3</h2> <ul> <li><strong>Bug Fix</strong> <ul> <li>Disable viewer websocket connection when report is generated in <code>static</code> mode (<a href="https://github-redirect.dependabot.com/webpack-contrib/webpack-bundle-analyzer/pull/215">#215</a>, <a href="https://github.com/sebastianhaeni">@sebastianhaeni</a>)</li> </ul> </li> </ul> <h2>3.0.2</h2> <ul> <li> <p><strong>Improvements</strong></p> <ul> <li>Drop <code>@babel/runtime</code> dependency (<a href="https://github-redirect.dependabot.com/webpack-contrib/webpack-bundle-analyzer/pull/209">#209</a>, <a href="https://github.com/realityking">@realityking</a>)</li> <li>Properly specify minimal Node.js version in <code>.babelrc</code> (<a href="https://github-redirect.dependabot.com/webpack-contrib/webpack-bundle-analyzer/pull/209">#209</a>, <a href="https://github.com/realityking">@realityking</a>)</li> </ul> </li> <li> <p><strong>Bug Fix</strong></p> </li> </ul> </tr></table> ... (truncated) </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/webpack-contrib/webpack-bundle-analyzer/commit/345c3f5c2cc8cd1a450f155ea989859b110944a0"><code>345c3f5</code></a> v3.3.2</li> <li><a href="https://github.com/webpack-contrib/webpack-bundle-analyzer/commit/a615815d6c6fd276c41198a4351c9d5a9d63e945"><code>a615815</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/webpack-contrib/webpack-bundle-analyzer/issues/264">#264</a> from webpack-contrib/fix-escape-regression</li> <li><a href="https://github.com/webpack-contrib/webpack-bundle-analyzer/commit/20f2b4c553ee343f491faf63e39427fba9908c7c"><code>20f2b4c</code></a> Fix regression with escaping internal assets</li> <li><a href="https://github.com/webpack-contrib/webpack-bundle-analyzer/commit/9836649e870ef2e0a19da1ad4b17bf92c645e536"><code>9836649</code></a> v3.3.1</li> <li><a href="https://github.com/webpack-contrib/webpack-bundle-analyzer/commit/d1db52631d0716fa4a600f4bdd2ad1cea3edfb74"><code>d1db526</code></a> Remove outdated item from troubleshooting section</li> <li><a href="https://github.com/webpack-contrib/webpack-bundle-analyzer/commit/ca342796b9685cb515e364b62c445ebbe1d86c70"><code>ca34279</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/webpack-contrib/webpack-bundle-analyzer/issues/261">#261</a> from webpack-contrib/relative-links-to-assets</li> <li><a href="https://github.com/webpack-contrib/webpack-bundle-analyzer/commit/99818f9238a5f97a63f604bacd13bcd4a1738cc4"><code>99818f9</code></a> Fix changelog</li> <li><a href="https://github.com/webpack-contrib/webpack-bundle-analyzer/commit/21722d28183314c88ca414f2b5c21179adc86875"><code>21722d2</code></a> Add changelog entry</li> <li><a href="https://github.com/webpack-contrib/webpack-bundle-analyzer/commit/ed99c3237f5d1d9d67a2e0a12f72e3f55a47f080"><code>ed99c32</code></a> Use relative links for serving internal assets</li> <li><a href="https://github.com/webpack-contrib/webpack-bundle-analyzer/commit/3ce1b8c3533fb479155a9cdd6a3338b834fde7d6"><code>3ce1b8c</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/webpack-contrib/webpack-bundle-analyzer/issues/262">#262</a> from webpack-contrib/proper-js-escape</li> <li>Additional commits viewable in <a href="https://github.com/webpack-contrib/webpack-bundle-analyzer/compare/v2.13.1...v3.3.2">compare view</a></li> </ul> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr created time in 2 minutes
create barnchcjshinning/vue-pop
branch : dependabot/npm_and_yarn/webpack-bundle-analyzer-3.3.2
created branch time in 2 minutes
PR opened MinhRieckermann/BSPORT
Bumps bootstrap from 3.3.7 to 3.4.1.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr created time in 2 minutes
PR opened MinhRieckermann/BSPORT
Bumps Microsoft.Data.OData from 5.2.0 to 5.8.4.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr created time in 2 minutes
create barnchMinhRieckermann/BSPORT
branch : dependabot/nuget/SharedCode/Bsportteamproject/BSportProject.Core/bootstrap-3.4.1
created branch time in 2 minutes
create barnchMinhRieckermann/BSPORT
branch : dependabot/nuget/SharedCode/Bsportteamproject/BSportProject/Microsoft.Data.OData-5.8.4
created branch time in 2 minutes
PR opened MinhRieckermann/BSPORT
Bumps bootstrap from 3.3.0 to 3.4.1.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr created time in 2 minutes
create barnchMinhRieckermann/BSPORT
branch : dependabot/nuget/SharedCode/Bsportteamproject/BSportProject/bootstrap-3.4.1
created branch time in 2 minutes
PR opened lchli/lottery-vuejs
Bumps minimist from 1.2.0 to 1.2.5. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/substack/minimist/commit/aeb3e27dae0412de5c0494e9563a5f10c82cc7a9"><code>aeb3e27</code></a> 1.2.5</li> <li><a href="https://github.com/substack/minimist/commit/278677b171d956b46613a158c6c486c3ef979b20"><code>278677b</code></a> 1.2.4</li> <li><a href="https://github.com/substack/minimist/commit/4cf1354839cb972e38496d35e12f806eea92c11f"><code>4cf1354</code></a> security notice</li> <li><a href="https://github.com/substack/minimist/commit/1043d212c3caaf871966e710f52cfdf02f9eea4b"><code>1043d21</code></a> additional test for constructor prototype pollution</li> <li><a href="https://github.com/substack/minimist/commit/6457d7440a47f329c12c4a5abfbce211c4235b93"><code>6457d74</code></a> 1.2.3</li> <li><a href="https://github.com/substack/minimist/commit/38a4d1caead72ef99e824bb420a2528eec03d9ab"><code>38a4d1c</code></a> even more aggressive checks for protocol pollution</li> <li><a href="https://github.com/substack/minimist/commit/13c01a5327736903704984b7f65616b8476850cc"><code>13c01a5</code></a> more failing proto pollution tests</li> <li><a href="https://github.com/substack/minimist/commit/f34df077a6b2bee1344188849a95e66777109e89"><code>f34df07</code></a> 1.2.2</li> <li><a href="https://github.com/substack/minimist/commit/67d3722413448d00a62963d2d30c34656a92d7e2"><code>67d3722</code></a> cleanup</li> <li><a href="https://github.com/substack/minimist/commit/63e7ed05aa4b1889ec2f3b196426db4500cbda94"><code>63e7ed0</code></a> don't assign onto <strong>proto</strong></li> <li>Additional commits viewable in <a href="https://github.com/substack/minimist/compare/1.2.0...1.2.5">compare view</a></li> </ul> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr created time in 2 minutes
create barnchlchli/lottery-vuejs
branch : dependabot/npm_and_yarn/src-cordova/minimist-1.2.5
created branch time in 2 minutes
push eventDraghiciStefan1984/Angular-Maximilian
commit sha 161d87b44d6810b46761f88c6122c39fdcc0701f
recipe observables
commit sha 02d98c2ad7c98f420f26e85ce216d2e425af0028
forms start
commit sha 365db669a10201d21576ecb6411c0f80d231b8e5
Bump bootstrap from 3.3.7 to 3.4.1 in /services-start Bumps [bootstrap](https://github.com/twbs/bootstrap) from 3.3.7 to 3.4.1. - [Release notes](https://github.com/twbs/bootstrap/releases) - [Commits](https://github.com/twbs/bootstrap/compare/v3.3.7...v3.4.1) Signed-off-by: dependabot[bot] <support@github.com>
push time in 2 minutes
push eventwangweicoder/Erp
commit sha f5aa057ab63742ab5e14735fb9fa1660f18f5182
修改周次可多选,增加缓存公共方法
commit sha b014a4617259e63dc6d9d69ef167b6fd7a5e3597
修改不能统一结束养护的问题
commit sha 3d7e604ebbc07b0965d8efde90ae81cee229b5f8
修改二微码误读率
commit sha cf9bfc804bb545629f449469b48be04d169f9b40
0410增加养护记录排序,增加记录帐号功能
commit sha 0065e4f80f34c0ac2a2e1e850abb30aed178fc14
Bump bootstrap from 3.0.0 to 3.4.1 in /ERP Bumps bootstrap from 3.0.0 to 3.4.1. Signed-off-by: dependabot[bot] <support@github.com>
push time in 2 minutes
delete branch happyCoding1024/huisiblog
delete branch : dependabot/npm_and_yarn/acorn-5.7.4
delete time in 2 minutes
PR opened DraghiciStefan1984/Angular-Maximilian
Bumps bootstrap from 3.3.7 to 3.4.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/twbs/bootstrap/releases">bootstrap's releases</a>.</em></p> <blockquote> <h2>v3.4.1</h2> <ul> <li><strong>Security:</strong> Fixed an XSS vulnerability (CVE-2019-8331) in our tooltip and popover plugins by implementing a new HTML sanitizer</li> <li>Handle bad selectors (<code>#</code>) in <code>data-target</code> for Dropdowns</li> <li>Clarified tooltip selector documentation</li> <li>Added support for NuGet contentFiles</li> </ul> <h2>v3.4.0</h2> <ul> <li><strong>New:</strong> Added a <code>.row-no-gutters</code> class.</li> <li><strong>New:</strong> Added docs searching via Algolia.</li> <li><strong>Fixed:</strong> Resolved an XSS issue in Alert, Carousel, Collapse, Dropdown, Modal, and Tab components. See <a href="https://snyk.io/vuln/npm:bootstrap:20160627">https://snyk.io/vuln/npm:bootstrap:20160627</a> for details.</li> <li><strong>Fixed:</strong> Added padding to <code>.navbar-fixed-*</code> on modal open</li> <li><strong>Fixed:</strong> Removed the double border on <code><abbr></code> elements.</li> <li>Removed Gist creation in web-based Customizer since anonymous gists were disabled long ago by GitHub.</li> <li>Removed drag and drop support from Customizer since it didn't work anymore.</li> <li>Added a dropdown to the docs nav for newer and previous versions.</li> <li>Update the docs to use a new <code>baseurl</code>, <code>/docs/3.4/</code>, to version the v3.x documentation like we do with v4.</li> <li>Reorganized the v3 docs CSS to use Less.</li> <li>Switched to BrowserStack for tests.</li> <li>Updated links to always use https and fix broken URLs.</li> <li>Replaced ZeroClipboard with clipboard.js</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/twbs/bootstrap/commit/68b0d231a13201eb14acd3dc84e51543d16e5f7e"><code>68b0d23</code></a> Dist</li> <li><a href="https://github.com/twbs/bootstrap/commit/2ccfa57467c0e31ec2016d1be03c55184ce8a69d"><code>2ccfa57</code></a> handle # selector for dropdown</li> <li><a href="https://github.com/twbs/bootstrap/commit/a43077d3c3b3ef9b2afc426a573b40daeff788fe"><code>a43077d</code></a> Bump version to 3.4.1.</li> <li><a href="https://github.com/twbs/bootstrap/commit/d821de271297a74a8d6a309de1d4cd9113dd77ed"><code>d821de2</code></a> Backport sanitize docs from v4.</li> <li><a href="https://github.com/twbs/bootstrap/commit/5cd9ef47f60113212b7afcdfe8d8a4883376b464"><code>5cd9ef4</code></a> Add wdm gem for Windows.</li> <li><a href="https://github.com/twbs/bootstrap/commit/d6b8501e4c2e20b6b50303c10c6a2d3ef2ac5c3b"><code>d6b8501</code></a> ES5 fixes.</li> <li><a href="https://github.com/twbs/bootstrap/commit/2c8abb9a4393addc5ffb39e649e09391c2fee701"><code>2c8abb9</code></a> Add sanitize for tooltips and popovers html content.</li> <li><a href="https://github.com/twbs/bootstrap/commit/d4129dff60d4c0c1d4ce300a485086dfe4c79cf3"><code>d4129df</code></a> Bump year.</li> <li><a href="https://github.com/twbs/bootstrap/commit/0d64d6aee646a5167d5b94217cdbd32888cf1218"><code>0d64d6a</code></a> less/modals.less: Add missing semicolon.</li> <li><a href="https://github.com/twbs/bootstrap/commit/48c5d7b8e9f65c6339390469ef6fe18b5ee6b8c3"><code>48c5d7b</code></a> Use https.</li> <li>Additional commits viewable in <a href="https://github.com/twbs/bootstrap/compare/v3.3.7...v3.4.1">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~xhmikosr">xhmikosr</a>, a new releaser for bootstrap since your current version.</p> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr created time in 2 minutes
create barnchDraghiciStefan1984/Angular-Maximilian
branch : dependabot/npm_and_yarn/forms-td-start/bootstrap-3.4.1
created branch time in 2 minutes
pull request commenthappyCoding1024/huisiblog
Bump acorn from 5.7.3 to 5.7.4
OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version.
If you change your mind, just re-open this PR and I'll resolve any conflicts on it.
comment created time in 2 minutes
delete branch AbelPark/Blog
delete branch : dependabot/npm_and_yarn/acorn-6.4.1
delete time in 2 minutes
PR opened hiramzamorano/react-hangman
Bumps lodash from 4.17.11 to 4.17.15. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/lodash/lodash/commit/ddfd9b11a0126db2302cb70ec9973b66baec0975"><code>ddfd9b1</code></a> Bump to v4.17.15.</li> <li><a href="https://github.com/lodash/lodash/commit/b185fcee26b2133bd071f4aaca14b455c2ed1008"><code>b185fce</code></a> Rebuild lodash and docs.</li> <li><a href="https://github.com/lodash/lodash/commit/be87d303941222b97c482755afc0f4a77ce46c30"><code>be87d30</code></a> Bump to v4.17.14.</li> <li><a href="https://github.com/lodash/lodash/commit/a6fe6b1e174fd02b5e60eb2664405f4c1262c300"><code>a6fe6b1</code></a> Rebuild lodash and docs.</li> <li><a href="https://github.com/lodash/lodash/commit/e37182845f16715a0d1c391c8662d83c55609cee"><code>e371828</code></a> Bump to v4.17.13.</li> <li><a href="https://github.com/lodash/lodash/commit/357e899e685872b4af5403ecc4b2a928f961ae63"><code>357e899</code></a> Rebuild lodash and docs.</li> <li><a href="https://github.com/lodash/lodash/commit/fd9a062d57646450b61f74029315abd4cc834b08"><code>fd9a062</code></a> Bump to v4.17.12.</li> <li><a href="https://github.com/lodash/lodash/commit/e77d68121ff00ba86b53eed5893d35adfe94c9dd"><code>e77d681</code></a> Rebuild lodash and docs.</li> <li><a href="https://github.com/lodash/lodash/commit/629d1865793182cd967196716f4beff223aa4a91"><code>629d186</code></a> Update OpenJS references.</li> <li><a href="https://github.com/lodash/lodash/commit/2406eac542b2a1282be8d812a6d8a45433ade80a"><code>2406eac</code></a> Fix minified build.</li> <li>Additional commits viewable in <a href="https://github.com/lodash/lodash/compare/4.17.11...4.17.15">compare view</a></li> </ul> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr created time in 2 minutes
create barnchhiramzamorano/react-hangman
branch : dependabot/npm_and_yarn/lodash-4.17.15
created branch time in 2 minutes
PR opened hiramzamorano/react-hangman
Bumps lodash.template from 4.4.0 to 4.5.0. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/lodash/lodash/commit/ab73503859a2d2f7f603bc8a293ce93ecc071e83"><code>ab73503</code></a> Bump to v4.5.0.</li> <li><a href="https://github.com/lodash/lodash/commit/a4f7d4cc2a3b6d3a43f6c27beadbf90410eecdcd"><code>a4f7d4c</code></a> Rebuild lodash and docs.</li> <li><a href="https://github.com/lodash/lodash/commit/cca5ac60d61a2f786eeafadb674d6e12fc6179c8"><code>cca5ac6</code></a> Fix npm-test by removing the call to test-docs.</li> <li><a href="https://github.com/lodash/lodash/commit/9f7f9fc3c5f1a4db9a2134950872440c792ee8bb"><code>9f7f9fc</code></a> Adjust heading order. [ci skip]</li> <li><a href="https://github.com/lodash/lodash/commit/6e2fb92e9a2fd29ef630f71bd571afcdf0f2e206"><code>6e2fb92</code></a> Remove unused <code>baseArity</code>.</li> <li><a href="https://github.com/lodash/lodash/commit/4f702e238183444ff392c3c7be5b48f1a7271519"><code>4f702e2</code></a> Specify utf8 encoding.</li> <li><a href="https://github.com/lodash/lodash/commit/b188f903ce41e624d6169f47a0c9e5091c178160"><code>b188f90</code></a> Add fp tests for iteratee shorthands.</li> <li><a href="https://github.com/lodash/lodash/commit/7b93dc9c3253c342a45881392d2308374a8909b3"><code>7b93dc9</code></a> Ensure clone methods clone expando properties of boolean, number, & string ob...</li> <li><a href="https://github.com/lodash/lodash/commit/664d66a89ec553438d5560239eba24d30867e580"><code>664d66a</code></a> Make string tests more consistent.</li> <li><a href="https://github.com/lodash/lodash/commit/d9dc0e6fd13c030029964b5ba468e0df3e2de3b2"><code>d9dc0e6</code></a> Add <code>_.invertBy</code> tests.</li> <li>Additional commits viewable in <a href="https://github.com/lodash/lodash/compare/4.4.0...4.5.0">compare view</a></li> </ul> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr created time in 2 minutes
create barnchhiramzamorano/react-hangman
branch : dependabot/npm_and_yarn/lodash.template-4.5.0
created branch time in 2 minutes
PR opened hiramzamorano/react-hangman
Bumps handlebars from 4.0.12 to 4.7.6. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/wycats/handlebars.js/blob/master/release-notes.md">handlebars's changelog</a>.</em></p> <blockquote> <h2>v4.7.6 - April 3rd, 2020</h2> <p>Chore/Housekeeping:</p> <ul> <li><a href="https://github-redirect.dependabot.com/wycats/handlebars.js/issues/1672">#1672</a> - Switch cmd parser to latest minimist (<a href="https://api.github.com/users/dougwilson">@dougwilson</a></li> </ul> <p>Compatibility notes:</p> <ul> <li>Restored Node.js compatibility</li> </ul> <p><a href="https://github.com/wycats/handlebars.js/compare/v4.7.5...v4.7.6">Commits</a></p> <h2>v4.7.5 - April 2nd, 2020</h2> <p>Chore/Housekeeping:</p> <ul> <li><del>Node.js version support has been changed to v6+</del> Reverted in 4.7.6</li> </ul> <p>Compatibility notes:</p> <ul> <li><del>Node.js < v6 is no longer supported</del> Reverted in 4.7.6</li> </ul> <p><a href="https://github.com/wycats/handlebars.js/compare/v4.7.4...v4.7.5">Commits</a></p> <h2>v4.7.4 - April 1st, 2020</h2> <p>Chore/Housekeeping:</p> <ul> <li><a href="https://github-redirect.dependabot.com/wycats/handlebars.js/issues/1666">#1666</a> - Replaced minimist with yargs for handlebars CLI (<a href="https://api.github.com/users/aorinevo">@aorinevo</a>, <a href="https://api.github.com/users/AviVahl">@AviVahl</a> & <a href="https://api.github.com/users/fabb">@fabb</a>)</li> </ul> <p>Compatibility notes:</p> <ul> <li>No incompatibilities are to be expected</li> </ul> <p><a href="https://github.com/wycats/handlebars.js/compare/v4.7.3...v4.7.4">Commits</a></p> <h2>v4.7.3 - February 5th, 2020</h2> <p>Chore/Housekeeping:</p> <ul> <li><a href="https://github-redirect.dependabot.com/wycats/handlebars.js/issues/1644">#1644</a> - Download links to aws broken on handlebarsjs.com - access denied (<a href="https://api.github.com/users/Tea56">@Tea56</a>)</li> <li>Fix spelling and punctuation in changelog - d78cc73</li> </ul> <p>Bugfixes:</p> <ul> <li>Add Type Definition for Handlebars.VERSION, Fixes <a href="https://github-redirect.dependabot.com/wycats/handlebars.js/issues/1647">#1647</a> - 4de51fe</li> <li>Include Type Definition for runtime.js in Package - a32d05f</li> </ul> <p>Compatibility notes:</p> </tr></table> ... (truncated) </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/wycats/handlebars.js/commit/e6ad93ea01bcde1f8ddaa4b4ebe572dd616abfaa"><code>e6ad93e</code></a> v4.7.6</li> <li><a href="https://github.com/wycats/handlebars.js/commit/2bf4fc6fd3ae3d8f076d628653f284d85faebeb4"><code>2bf4fc6</code></a> Update release notes</li> <li><a href="https://github.com/wycats/handlebars.js/commit/b64202bc9197307bd785a58693e3820eb9bb41a8"><code>b64202b</code></a> Update release-notes.md</li> <li><a href="https://github.com/wycats/handlebars.js/commit/c2f1e6203178918569f085e12afdb762cae17fb0"><code>c2f1e62</code></a> Switch cmd parser to latest minimist</li> <li><a href="https://github.com/wycats/handlebars.js/commit/08e9a11a34c3ad8387a0b85b1334f97cab85191a"><code>08e9a11</code></a> Revert "chore: set Node.js compatibility to v6+"</li> <li><a href="https://github.com/wycats/handlebars.js/commit/1fd2edee2a12fb228061fcde807905c6b14339c4"><code>1fd2ede</code></a> v4.7.5</li> <li><a href="https://github.com/wycats/handlebars.js/commit/3c9c2f5cf29cf10f54d5fe4daca6b24b65f0adcf"><code>3c9c2f5</code></a> Update release notes</li> <li><a href="https://github.com/wycats/handlebars.js/commit/16487a088e13f4d52c6fd6610b9ec71c4a51be8a"><code>16487a0</code></a> chore: downgrade yargs to v14</li> <li><a href="https://github.com/wycats/handlebars.js/commit/309d2b49a11628d2a8f052c5587e7459968cd705"><code>309d2b4</code></a> chore: set Node.js compatibility to v6+</li> <li><a href="https://github.com/wycats/handlebars.js/commit/645ac73844918668f9a2f41e49b7cb18ce5abf36"><code>645ac73</code></a> test: fix integration tests</li> <li>Additional commits viewable in <a href="https://github.com/wycats/handlebars.js/compare/v4.0.12...v4.7.6">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~erisds">erisds</a>, a new releaser for handlebars since your current version.</p> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr created time in 2 minutes
create barnchhiramzamorano/react-hangman
branch : dependabot/npm_and_yarn/handlebars-4.7.6
created branch time in 2 minutes
PR opened hiramzamorano/react-hangman
Bumps mixin-deep from 1.3.1 to 1.3.2. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/jonschlinkert/mixin-deep/commit/754f0c20e1bc13ea5a21a64fbc7d6ba5f7b359b9"><code>754f0c2</code></a> 1.3.2</li> <li><a href="https://github.com/jonschlinkert/mixin-deep/commit/90ee1fab375fccfd9b926df718243339b4976d50"><code>90ee1fa</code></a> ensure keys are valid when mixing in values</li> <li>See full diff in <a href="https://github.com/jonschlinkert/mixin-deep/compare/1.3.1...1.3.2">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~doowb">doowb</a>, a new releaser for mixin-deep since your current version.</p> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr created time in 2 minutes
create barnchhiramzamorano/react-hangman
branch : dependabot/npm_and_yarn/mixin-deep-1.3.2
created branch time in 2 minutes
PR opened dsnguon-1541830/dsnguon-1541830.github.io
Bumps lodash from 4.17.11 to 4.17.15. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/lodash/lodash/commit/ddfd9b11a0126db2302cb70ec9973b66baec0975"><code>ddfd9b1</code></a> Bump to v4.17.15.</li> <li><a href="https://github.com/lodash/lodash/commit/b185fcee26b2133bd071f4aaca14b455c2ed1008"><code>b185fce</code></a> Rebuild lodash and docs.</li> <li><a href="https://github.com/lodash/lodash/commit/be87d303941222b97c482755afc0f4a77ce46c30"><code>be87d30</code></a> Bump to v4.17.14.</li> <li><a href="https://github.com/lodash/lodash/commit/a6fe6b1e174fd02b5e60eb2664405f4c1262c300"><code>a6fe6b1</code></a> Rebuild lodash and docs.</li> <li><a href="https://github.com/lodash/lodash/commit/e37182845f16715a0d1c391c8662d83c55609cee"><code>e371828</code></a> Bump to v4.17.13.</li> <li><a href="https://github.com/lodash/lodash/commit/357e899e685872b4af5403ecc4b2a928f961ae63"><code>357e899</code></a> Rebuild lodash and docs.</li> <li><a href="https://github.com/lodash/lodash/commit/fd9a062d57646450b61f74029315abd4cc834b08"><code>fd9a062</code></a> Bump to v4.17.12.</li> <li><a href="https://github.com/lodash/lodash/commit/e77d68121ff00ba86b53eed5893d35adfe94c9dd"><code>e77d681</code></a> Rebuild lodash and docs.</li> <li><a href="https://github.com/lodash/lodash/commit/629d1865793182cd967196716f4beff223aa4a91"><code>629d186</code></a> Update OpenJS references.</li> <li><a href="https://github.com/lodash/lodash/commit/2406eac542b2a1282be8d812a6d8a45433ade80a"><code>2406eac</code></a> Fix minified build.</li> <li>Additional commits viewable in <a href="https://github.com/lodash/lodash/compare/4.17.11...4.17.15">compare view</a></li> </ul> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr created time in 3 minutes
create barnchdsnguon-1541830/dsnguon-1541830.github.io
branch : dependabot/npm_and_yarn/lodash-4.17.15
created branch time in 3 minutes
PR opened dsnguon-1541830/dsnguon-1541830.github.io
Bumps mixin-deep from 1.3.1 to 1.3.2. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/jonschlinkert/mixin-deep/commit/754f0c20e1bc13ea5a21a64fbc7d6ba5f7b359b9"><code>754f0c2</code></a> 1.3.2</li> <li><a href="https://github.com/jonschlinkert/mixin-deep/commit/90ee1fab375fccfd9b926df718243339b4976d50"><code>90ee1fa</code></a> ensure keys are valid when mixing in values</li> <li>See full diff in <a href="https://github.com/jonschlinkert/mixin-deep/compare/1.3.1...1.3.2">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~doowb">doowb</a>, a new releaser for mixin-deep since your current version.</p> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr created time in 3 minutes
create barnchdsnguon-1541830/dsnguon-1541830.github.io
branch : dependabot/npm_and_yarn/mixin-deep-1.3.2
created branch time in 3 minutes
PR opened luxurer/vue-demo
Bumps webpack-dev-server from 2.11.5 to 3.1.11. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/webpack/webpack-dev-server/releases">webpack-dev-server's releases</a>.</em></p> <blockquote> <h2>v3.1.11</h2> <p><a name="3.1.11"></a></p> <h2><a href="https://github.com/webpack/webpack-dev-server/compare/v3.1.10...v3.1.11">3.1.11</a> (2018-12-21)</h2> <h3>Bug Fixes</h3> <ul> <li><strong>bin/options:</strong> correct check for color support (<code>options.color</code>) (<a href="https://github-redirect.dependabot.com/webpack/webpack-dev-server/issues/1555">#1555</a>) (<a href="https://github.com/webpack/webpack-dev-server/commit/55398b5">55398b5</a>)</li> <li><strong>package:</strong> update <code>spdy</code> v3.4.1...4.0.0 (assertion error) (<a href="https://github-redirect.dependabot.com/webpack/webpack-dev-server/issues/1491">#1491</a>) (<a href="https://github-redirect.dependabot.com/webpack/webpack-dev-server/issues/1563">#1563</a>) (<a href="https://github.com/webpack/webpack-dev-server/commit/7a3a257">7a3a257</a>)</li> <li><strong>Server:</strong> correct <code>node</code> version checks (<a href="https://github-redirect.dependabot.com/webpack/webpack-dev-server/issues/1543">#1543</a>) (<a href="https://github.com/webpack/webpack-dev-server/commit/927a2b3">927a2b3</a>)</li> <li><strong>Server:</strong> mime type for wasm in contentBase directory (<a href="https://github-redirect.dependabot.com/webpack/webpack-dev-server/issues/1575">#1575</a>) (<a href="https://github-redirect.dependabot.com/webpack/webpack-dev-server/issues/1580">#1580</a>) (<a href="https://github.com/webpack/webpack-dev-server/commit/fadae5d">fadae5d</a>)</li> <li>add url for compatibility with webpack@5 (<a href="https://github-redirect.dependabot.com/webpack/webpack-dev-server/issues/1598">#1598</a>) (<a href="https://github-redirect.dependabot.com/webpack/webpack-dev-server/issues/1599">#1599</a>) (<a href="https://github.com/webpack/webpack-dev-server/commit/68dd49a">68dd49a</a>)</li> <li>check origin header for websocket connection (<a href="https://github-redirect.dependabot.com/webpack/webpack-dev-server/issues/1603">#1603</a>) (<a href="https://github.com/webpack/webpack-dev-server/commit/b3217ca">b3217ca</a>)</li> </ul> <h2>v3.1.10</h2> <h2><a href="https://github.com/webpack/webpack-dev-server/compare/v3.1.9...v3.1.10">2018-10-23</a></h2> <h3>Bug Fixes</h3> <ul> <li><strong>options:</strong> add <code>writeToDisk</code> option to schema (<a href="https://github-redirect.dependabot.com/webpack/webpack-dev-server/issues/1520">#1520</a>) (<a href="https://github.com/webpack/webpack-dev-server/commit/d2f4902">d2f4902</a>)</li> <li><strong>package:</strong> update <code>sockjs-client</code> v1.1.5...1.3.0 (<code>url-parse</code> vulnerability) (<a href="https://github-redirect.dependabot.com/webpack/webpack-dev-server/issues/1537">#1537</a>) (<a href="https://github.com/webpack/webpack-dev-server/commit/e719959">e719959</a>)</li> <li><strong>Server:</strong> set <code>tls.DEFAULT_ECDH_CURVE</code> to <code>'auto'</code> (<a href="https://github-redirect.dependabot.com/webpack/webpack-dev-server/issues/1531">#1531</a>) (<a href="https://github.com/webpack/webpack-dev-server/commit/c12def3">c12def3</a>)</li> </ul> <h2>v3.1.9</h2> <p>No release notes provided.</p> <h2>v3.1.8</h2> <h2><a href="https://github.com/webpack/webpack-dev-server/compare/v3.1.7...v3.1.8">2018-09-06</a></h2> <h3>Bug Fixes</h3> <ul> <li><strong>package:</strong> <code>yargs</code> security vulnerability (<code>dependencies</code>) (<a href="https://github-redirect.dependabot.com/webpack/webpack-dev-server/issues/1492">#1492</a>) (<a href="https://github.com/webpack/webpack-dev-server/commit/8fb67c9">8fb67c9</a>)</li> <li><strong>utils/createLogger:</strong> ensure <code>quiet</code> always takes precedence (<code>options.quiet</code>) (<a href="https://github-redirect.dependabot.com/webpack/webpack-dev-server/issues/1486">#1486</a>) (<a href="https://github.com/webpack/webpack-dev-server/commit/7a6ca47">7a6ca47</a>)</li> </ul> <h2>v3.1.7</h2> <h2><a href="https://github.com/webpack/webpack-dev-server/compare/v3.1.6...v3.1.7">2018-08-29</a></h2> <h3>Bug Fixes</h3> <ul> <li><strong>Server:</strong> don't use <code>spdy</code> on <code>node >= v10.0.0</code> (<a href="https://github-redirect.dependabot.com/webpack/webpack-dev-server/issues/1451">#1451</a>) (<a href="https://github.com/webpack/webpack-dev-server/commit/8ab9eb6">8ab9eb6</a>)</li> </ul> <h2>v3.1.6</h2> <h2><a href="https://github.com/webpack/webpack-dev-server/compare/v3.1.5...v3.1.6">2018-08-26</a></h2> <h3>Bug Fixes</h3> </tr></table> ... (truncated) </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/webpack/webpack-dev-server/blob/master/CHANGELOG.md">webpack-dev-server's changelog</a>.</em></p> <blockquote> <h2><a href="https://github.com/webpack/webpack-dev-server/compare/v3.1.10...v3.1.11">3.1.11</a> (2018-12-21)</h2> <h3>Bug Fixes</h3> <ul> <li><strong>bin/options:</strong> correct check for color support (<code>options.color</code>) (<a href="https://github-redirect.dependabot.com/webpack/webpack-dev-server/issues/1555">#1555</a>) (<a href="https://github.com/webpack/webpack-dev-server/commit/55398b5">55398b5</a>)</li> <li><strong>package:</strong> update <code>spdy</code> v3.4.1...4.0.0 (assertion error) (<a href="https://github-redirect.dependabot.com/webpack/webpack-dev-server/issues/1491">#1491</a>) (<a href="https://github-redirect.dependabot.com/webpack/webpack-dev-server/issues/1563">#1563</a>) (<a href="https://github.com/webpack/webpack-dev-server/commit/7a3a257">7a3a257</a>)</li> <li><strong>Server:</strong> correct <code>node</code> version checks (<a href="https://github-redirect.dependabot.com/webpack/webpack-dev-server/issues/1543">#1543</a>) (<a href="https://github.com/webpack/webpack-dev-server/commit/927a2b3">927a2b3</a>)</li> <li><strong>Server:</strong> mime type for wasm in contentBase directory (<a href="https://github-redirect.dependabot.com/webpack/webpack-dev-server/issues/1575">#1575</a>) (<a href="https://github-redirect.dependabot.com/webpack/webpack-dev-server/issues/1580">#1580</a>) (<a href="https://github.com/webpack/webpack-dev-server/commit/fadae5d">fadae5d</a>)</li> <li>add url for compatibility with webpack@5 (<a href="https://github-redirect.dependabot.com/webpack/webpack-dev-server/issues/1598">#1598</a>) (<a href="https://github-redirect.dependabot.com/webpack/webpack-dev-server/issues/1599">#1599</a>) (<a href="https://github.com/webpack/webpack-dev-server/commit/68dd49a">68dd49a</a>)</li> <li>check origin header for websocket connection (<a href="https://github-redirect.dependabot.com/webpack/webpack-dev-server/issues/1603">#1603</a>) (<a href="https://github.com/webpack/webpack-dev-server/commit/b3217ca">b3217ca</a>)</li> </ul> <p><a name="3.1.10"></a></p> <h2><a href="https://github.com/webpack/webpack-dev-server/compare/v3.1.9...v3.1.10">3.1.10</a> (2018-10-23)</h2> <h3>Bug Fixes</h3> <ul> <li><strong>options:</strong> add <code>writeToDisk</code> option to schema (<a href="https://github-redirect.dependabot.com/webpack/webpack-dev-server/issues/1520">#1520</a>) (<a href="https://github.com/webpack/webpack-dev-server/commit/d2f4902">d2f4902</a>)</li> <li><strong>package:</strong> update <code>sockjs-client</code> v1.1.5...1.3.0 (<code>url-parse</code> vulnerability) (<a href="https://github-redirect.dependabot.com/webpack/webpack-dev-server/issues/1537">#1537</a>) (<a href="https://github.com/webpack/webpack-dev-server/commit/e719959">e719959</a>)</li> <li><strong>Server:</strong> set <code>tls.DEFAULT_ECDH_CURVE</code> to <code>'auto'</code> (<a href="https://github-redirect.dependabot.com/webpack/webpack-dev-server/issues/1531">#1531</a>) (<a href="https://github.com/webpack/webpack-dev-server/commit/c12def3">c12def3</a>)</li> </ul> <p><a name="3.1.9"></a></p> <h2><a href="https://github.com/webpack/webpack-dev-server/compare/v3.1.8...v3.1.9">3.1.9</a> (2018-09-24)</h2> <p><a name="3.1.8"></a></p> <h2><a href="https://github.com/webpack/webpack-dev-server/compare/v3.1.7...v3.1.8">3.1.8</a> (2018-09-06)</h2> <h3>Bug Fixes</h3> <ul> <li><strong>package:</strong> <code>yargs</code> security vulnerability (<code>dependencies</code>) (<a href="https://github-redirect.dependabot.com/webpack/webpack-dev-server/issues/1492">#1492</a>) (<a href="https://github.com/webpack/webpack-dev-server/commit/8fb67c9">8fb67c9</a>)</li> <li><strong>utils/createLogger:</strong> ensure <code>quiet</code> always takes precedence (<code>options.quiet</code>) (<a href="https://github-redirect.dependabot.com/webpack/webpack-dev-server/issues/1486">#1486</a>) (<a href="https://github.com/webpack/webpack-dev-server/commit/7a6ca47">7a6ca47</a>)</li> </ul> <p><a name="3.1.7"></a></p> <h2><a href="https://github.com/webpack/webpack-dev-server/compare/v3.1.6...v3.1.7">3.1.7</a> (2018-08-29)</h2> <h3>Bug Fixes</h3> <ul> <li><strong>Server:</strong> don't use <code>spdy</code> on <code>node >= v10.0.0</code> (<a href="https://github-redirect.dependabot.com/webpack/webpack-dev-server/issues/1451">#1451</a>) (<a href="https://github.com/webpack/webpack-dev-server/commit/8ab9eb6">8ab9eb6</a>)</li> </ul> </tr></table> ... (truncated) </blockquote> </details> <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/webpack/webpack-dev-server/commits/v3.1.11">compare view</a></li> </ul> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr created time in 3 minutes
create barnchluxurer/vue-demo
branch : dependabot/npm_and_yarn/webpack-dev-server-3.1.11
created branch time in 3 minutes
PR opened luxurer/vue-demo
Bumps webpack-bundle-analyzer from 2.13.1 to 3.3.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/webpack-contrib/webpack-bundle-analyzer/releases">webpack-bundle-analyzer's releases</a>.</em></p> <blockquote> <h2>First test with Lerna monorepo</h2> <p><a href="https://github-redirect.dependabot.com/th0r/webpack-bundle-analyzer/pull/98">th0r/webpack-bundle-analyzer#98</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/webpack-contrib/webpack-bundle-analyzer/blob/master/CHANGELOG.md">webpack-bundle-analyzer's changelog</a>.</em></p> <blockquote> <h2>3.3.2</h2> <ul> <li><strong>Bug Fix</strong> <ul> <li>Fix regression with escaping internal assets (<a href="https://github-redirect.dependabot.com/webpack-contrib/webpack-bundle-analyzer/pull/264">#264</a>, fixes <a href="https://github-redirect.dependabot.com/webpack-contrib/webpack-bundle-analyzer/issues/263">#263</a>)</li> </ul> </li> </ul> <h2>3.3.1</h2> <ul> <li> <p><strong>Improvements</strong></p> <ul> <li>Use relative links for serving internal assets (<a href="https://github-redirect.dependabot.com/webpack-contrib/webpack-bundle-analyzer/pull/261">#261</a>, fixes <a href="https://github-redirect.dependabot.com/webpack-contrib/webpack-bundle-analyzer/issues/254">#254</a>)</li> <li>Properly escape embedded JS/JSON (<a href="https://github-redirect.dependabot.com/webpack-contrib/webpack-bundle-analyzer/pull/262">#262</a>)</li> </ul> </li> <li> <p><strong>Bug Fix</strong></p> <ul> <li>Fix showing help message on <code>-h</code> flag (<a href="https://github-redirect.dependabot.com/webpack-contrib/webpack-bundle-analyzer/pull/260">#260</a>, fixes <a href="https://github-redirect.dependabot.com/webpack-contrib/webpack-bundle-analyzer/issues/239">#239</a>)</li> </ul> </li> </ul> <h2>3.3.0</h2> <ul> <li> <p><strong>New Feature</strong></p> <ul> <li>Show/hide chunks using context menu (<a href="https://github-redirect.dependabot.com/webpack-contrib/webpack-bundle-analyzer/pull/246">#246</a>, <a href="https://github.com/bregenspan">@bregenspan</a>)</li> </ul> </li> <li> <p><strong>Internal</strong></p> <ul> <li>Updated dev dependencies</li> </ul> </li> </ul> <h2>3.2.0</h2> <ul> <li><strong>Improvements</strong> <ul> <li>Add support for .mjs output files (<a href="https://github-redirect.dependabot.com/webpack-contrib/webpack-bundle-analyzer/pull/252">#252</a>, <a href="https://github.com/jlopezxs">@jlopezxs</a>)</li> </ul> </li> </ul> <h2>3.1.0</h2> <ul> <li><strong>Bug Fix</strong> <ul> <li>Properly determine the size of the modules containing special characters (<a href="https://github-redirect.dependabot.com/webpack-contrib/webpack-bundle-analyzer/pull/223">#223</a>, <a href="https://github.com/hulkish">@hulkish</a>)</li> <li>Update acorn to v6 (<a href="https://github-redirect.dependabot.com/webpack-contrib/webpack-bundle-analyzer/pull/248">#248</a>, <a href="https://github.com/realityking">@realityking</a>)</li> </ul> </li> </ul> <h2>3.0.4</h2> <ul> <li><strong>Bug Fix</strong> <ul> <li>Make webpack's done hook wait until analyzer writes report or stat file (<a href="https://github-redirect.dependabot.com/webpack-contrib/webpack-bundle-analyzer/pull/247">#247</a>, <a href="https://github.com/mareolan">@mareolan</a>)</li> </ul> </li> </ul> <h2>3.0.3</h2> <ul> <li><strong>Bug Fix</strong> <ul> <li>Disable viewer websocket connection when report is generated in <code>static</code> mode (<a href="https://github-redirect.dependabot.com/webpack-contrib/webpack-bundle-analyzer/pull/215">#215</a>, <a href="https://github.com/sebastianhaeni">@sebastianhaeni</a>)</li> </ul> </li> </ul> <h2>3.0.2</h2> <ul> <li> <p><strong>Improvements</strong></p> <ul> <li>Drop <code>@babel/runtime</code> dependency (<a href="https://github-redirect.dependabot.com/webpack-contrib/webpack-bundle-analyzer/pull/209">#209</a>, <a href="https://github.com/realityking">@realityking</a>)</li> <li>Properly specify minimal Node.js version in <code>.babelrc</code> (<a href="https://github-redirect.dependabot.com/webpack-contrib/webpack-bundle-analyzer/pull/209">#209</a>, <a href="https://github.com/realityking">@realityking</a>)</li> </ul> </li> <li> <p><strong>Bug Fix</strong></p> </li> </ul> </tr></table> ... (truncated) </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/webpack-contrib/webpack-bundle-analyzer/commit/345c3f5c2cc8cd1a450f155ea989859b110944a0"><code>345c3f5</code></a> v3.3.2</li> <li><a href="https://github.com/webpack-contrib/webpack-bundle-analyzer/commit/a615815d6c6fd276c41198a4351c9d5a9d63e945"><code>a615815</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/webpack-contrib/webpack-bundle-analyzer/issues/264">#264</a> from webpack-contrib/fix-escape-regression</li> <li><a href="https://github.com/webpack-contrib/webpack-bundle-analyzer/commit/20f2b4c553ee343f491faf63e39427fba9908c7c"><code>20f2b4c</code></a> Fix regression with escaping internal assets</li> <li><a href="https://github.com/webpack-contrib/webpack-bundle-analyzer/commit/9836649e870ef2e0a19da1ad4b17bf92c645e536"><code>9836649</code></a> v3.3.1</li> <li><a href="https://github.com/webpack-contrib/webpack-bundle-analyzer/commit/d1db52631d0716fa4a600f4bdd2ad1cea3edfb74"><code>d1db526</code></a> Remove outdated item from troubleshooting section</li> <li><a href="https://github.com/webpack-contrib/webpack-bundle-analyzer/commit/ca342796b9685cb515e364b62c445ebbe1d86c70"><code>ca34279</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/webpack-contrib/webpack-bundle-analyzer/issues/261">#261</a> from webpack-contrib/relative-links-to-assets</li> <li><a href="https://github.com/webpack-contrib/webpack-bundle-analyzer/commit/99818f9238a5f97a63f604bacd13bcd4a1738cc4"><code>99818f9</code></a> Fix changelog</li> <li><a href="https://github.com/webpack-contrib/webpack-bundle-analyzer/commit/21722d28183314c88ca414f2b5c21179adc86875"><code>21722d2</code></a> Add changelog entry</li> <li><a href="https://github.com/webpack-contrib/webpack-bundle-analyzer/commit/ed99c3237f5d1d9d67a2e0a12f72e3f55a47f080"><code>ed99c32</code></a> Use relative links for serving internal assets</li> <li><a href="https://github.com/webpack-contrib/webpack-bundle-analyzer/commit/3ce1b8c3533fb479155a9cdd6a3338b834fde7d6"><code>3ce1b8c</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/webpack-contrib/webpack-bundle-analyzer/issues/262">#262</a> from webpack-contrib/proper-js-escape</li> <li>Additional commits viewable in <a href="https://github.com/webpack-contrib/webpack-bundle-analyzer/compare/v2.13.1...v3.3.2">compare view</a></li> </ul> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr created time in 3 minutes
create barnchluxurer/vue-demo
branch : dependabot/npm_and_yarn/webpack-bundle-analyzer-3.3.2
created branch time in 3 minutes
delete branch bitbeast18/portfolio
delete branch : dependabot/npm_and_yarn/acorn-6.4.1
delete time in 3 minutes
PR opened yeraassyl/webdev2019
Bumps acorn from 6.1.1 to 6.4.1. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/acornjs/acorn/commit/9a2e9b6678e243d66846b91179d650d28453e70c"><code>9a2e9b6</code></a> Mark version 6.4.1</li> <li><a href="https://github.com/acornjs/acorn/commit/90a9548ea0ce351b54f956e2c4ed27cca9631284"><code>90a9548</code></a> More rigorously check surrogate pairs in regexp validator</li> <li><a href="https://github.com/acornjs/acorn/commit/df0cf1a3e2b1a51a26c14984dc0f5412b7151b10"><code>df0cf1a</code></a> Mark version 6.4.0</li> <li><a href="https://github.com/acornjs/acorn/commit/53034126864b492da4e278628bb972cb2a9313d4"><code>5303412</code></a> Also export Parser via Parser.acorn</li> <li><a href="https://github.com/acornjs/acorn/commit/efe273e70123449a458157dbf578afaf109a49ab"><code>efe273e</code></a> give token types and etc to plugins</li> <li><a href="https://github.com/acornjs/acorn/commit/ac6decb94a3aa4eee99230fdaf5883dfaafe8479"><code>ac6decb</code></a> Mark version 6.3.0</li> <li><a href="https://github.com/acornjs/acorn/commit/7e9817d17639d95cc6dbacfde734a0626b2a7dea"><code>7e9817d</code></a> Allow sourceType: module even with ecmaVersion < 6</li> <li><a href="https://github.com/acornjs/acorn/commit/e2b8cc087386eccc2ad6fd4a02b4257833557cb3"><code>e2b8cc0</code></a> Fix broken parsing of new expressions when allowReserved=="never"</li> <li><a href="https://github.com/acornjs/acorn/commit/1555c528855b10320ce98b4154906d7898c92990"><code>1555c52</code></a> Update acorn.d.ts</li> <li><a href="https://github.com/acornjs/acorn/commit/77c20fa2c2f490e646b67e6a0ff7e75fb54ab6c8"><code>77c20fa</code></a> Mark version 6.2.1</li> <li>Additional commits viewable in <a href="https://github.com/acornjs/acorn/compare/6.1.1...6.4.1">compare view</a></li> </ul> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr created time in 3 minutes
push eventshivamrai/datavizproject
commit sha 3d192fee11712b4597aa7e53ee98fae895b723df
screenshot layout
commit sha 6815cd048dbde91f7b2f11ad13ddd994fc57d9e1
Bump lodash in /us-accidents-data-vis/client/src/USAMap/react-usa-map Bumps [lodash](https://github.com/lodash/lodash) from 4.17.11 to 4.17.15. - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](https://github.com/lodash/lodash/compare/4.17.11...4.17.15) Signed-off-by: dependabot[bot] <support@github.com>
push time in 3 minutes
PR opened yeraassyl/webdev2019
Bumps handlebars from 4.1.1 to 4.7.6. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/wycats/handlebars.js/blob/master/release-notes.md">handlebars's changelog</a>.</em></p> <blockquote> <h2>v4.7.6 - April 3rd, 2020</h2> <p>Chore/Housekeeping:</p> <ul> <li><a href="https://github-redirect.dependabot.com/wycats/handlebars.js/issues/1672">#1672</a> - Switch cmd parser to latest minimist (<a href="https://api.github.com/users/dougwilson">@dougwilson</a></li> </ul> <p>Compatibility notes:</p> <ul> <li>Restored Node.js compatibility</li> </ul> <p><a href="https://github.com/wycats/handlebars.js/compare/v4.7.5...v4.7.6">Commits</a></p> <h2>v4.7.5 - April 2nd, 2020</h2> <p>Chore/Housekeeping:</p> <ul> <li><del>Node.js version support has been changed to v6+</del> Reverted in 4.7.6</li> </ul> <p>Compatibility notes:</p> <ul> <li><del>Node.js < v6 is no longer supported</del> Reverted in 4.7.6</li> </ul> <p><a href="https://github.com/wycats/handlebars.js/compare/v4.7.4...v4.7.5">Commits</a></p> <h2>v4.7.4 - April 1st, 2020</h2> <p>Chore/Housekeeping:</p> <ul> <li><a href="https://github-redirect.dependabot.com/wycats/handlebars.js/issues/1666">#1666</a> - Replaced minimist with yargs for handlebars CLI (<a href="https://api.github.com/users/aorinevo">@aorinevo</a>, <a href="https://api.github.com/users/AviVahl">@AviVahl</a> & <a href="https://api.github.com/users/fabb">@fabb</a>)</li> </ul> <p>Compatibility notes:</p> <ul> <li>No incompatibilities are to be expected</li> </ul> <p><a href="https://github.com/wycats/handlebars.js/compare/v4.7.3...v4.7.4">Commits</a></p> <h2>v4.7.3 - February 5th, 2020</h2> <p>Chore/Housekeeping:</p> <ul> <li><a href="https://github-redirect.dependabot.com/wycats/handlebars.js/issues/1644">#1644</a> - Download links to aws broken on handlebarsjs.com - access denied (<a href="https://api.github.com/users/Tea56">@Tea56</a>)</li> <li>Fix spelling and punctuation in changelog - d78cc73</li> </ul> <p>Bugfixes:</p> <ul> <li>Add Type Definition for Handlebars.VERSION, Fixes <a href="https://github-redirect.dependabot.com/wycats/handlebars.js/issues/1647">#1647</a> - 4de51fe</li> <li>Include Type Definition for runtime.js in Package - a32d05f</li> </ul> <p>Compatibility notes:</p> </tr></table> ... (truncated) </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/wycats/handlebars.js/commit/e6ad93ea01bcde1f8ddaa4b4ebe572dd616abfaa"><code>e6ad93e</code></a> v4.7.6</li> <li><a href="https://github.com/wycats/handlebars.js/commit/2bf4fc6fd3ae3d8f076d628653f284d85faebeb4"><code>2bf4fc6</code></a> Update release notes</li> <li><a href="https://github.com/wycats/handlebars.js/commit/b64202bc9197307bd785a58693e3820eb9bb41a8"><code>b64202b</code></a> Update release-notes.md</li> <li><a href="https://github.com/wycats/handlebars.js/commit/c2f1e6203178918569f085e12afdb762cae17fb0"><code>c2f1e62</code></a> Switch cmd parser to latest minimist</li> <li><a href="https://github.com/wycats/handlebars.js/commit/08e9a11a34c3ad8387a0b85b1334f97cab85191a"><code>08e9a11</code></a> Revert "chore: set Node.js compatibility to v6+"</li> <li><a href="https://github.com/wycats/handlebars.js/commit/1fd2edee2a12fb228061fcde807905c6b14339c4"><code>1fd2ede</code></a> v4.7.5</li> <li><a href="https://github.com/wycats/handlebars.js/commit/3c9c2f5cf29cf10f54d5fe4daca6b24b65f0adcf"><code>3c9c2f5</code></a> Update release notes</li> <li><a href="https://github.com/wycats/handlebars.js/commit/16487a088e13f4d52c6fd6610b9ec71c4a51be8a"><code>16487a0</code></a> chore: downgrade yargs to v14</li> <li><a href="https://github.com/wycats/handlebars.js/commit/309d2b49a11628d2a8f052c5587e7459968cd705"><code>309d2b4</code></a> chore: set Node.js compatibility to v6+</li> <li><a href="https://github.com/wycats/handlebars.js/commit/645ac73844918668f9a2f41e49b7cb18ce5abf36"><code>645ac73</code></a> test: fix integration tests</li> <li>Additional commits viewable in <a href="https://github.com/wycats/handlebars.js/compare/v4.1.1...v4.7.6">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~erisds">erisds</a>, a new releaser for handlebars since your current version.</p> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr created time in 3 minutes
PR opened yeraassyl/webdev2019
Bumps lodash.mergewith from 4.6.1 to 4.6.2. <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/lodash/lodash/commits">compare view</a></li> </ul> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr created time in 3 minutes
create barnchyeraassyl/webdev2019
branch : dependabot/npm_and_yarn/WEEK11/todo-front/lodash.mergewith-4.6.2
created branch time in 3 minutes
create barnchyeraassyl/webdev2019
branch : dependabot/npm_and_yarn/WEEK11/todo-front/handlebars-4.7.6
created branch time in 3 minutes