profile
viewpoint

PR opened aspov/checkListApp

Bump websocket-extensions from 0.1.3 to 0.1.4

Bumps websocket-extensions from 0.1.3 to 0.1.4. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/faye/websocket-extensions-node/blob/master/CHANGELOG.md">websocket-extensions's changelog</a>.</em></p> <blockquote> <h3>0.1.4 / 2020-06-02</h3> <ul> <li>Remove a ReDoS vulnerability in the header parser (CVE-2020-7662, reported by Robert McLaughlin)</li> <li>Change license from MIT to Apache 2.0</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/faye/websocket-extensions-node/commit/8efd0cd6e35faf9bb9cb08759be1e27082177d43"><code>8efd0cd</code></a> Bump version to 0.1.4</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/3dad4ad44a8c5f74d4f8f4efd3f9d6e0b5df3051"><code>3dad4ad</code></a> Remove ReDoS vulnerability in the Sec-WebSocket-Extensions header parser</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/4a76c75efb1c5d6a2f60550e9501757458d19533"><code>4a76c75</code></a> Add Node versions 13 and 14 on Travis</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/44a677a9c0631daed0b0f4a4b68c095b624183b8"><code>44a677a</code></a> Formatting change: {...} should have spaces inside the braces</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/f6c50aba0c20ff45b0f87cea33babec1217ec3f5"><code>f6c50ab</code></a> Let npm reformat package.json</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/2d211f3705d52d9efb4f01daf5a253adf828592e"><code>2d211f3</code></a> Change markdown formatting of docs.</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/0b620834cc1e1f2eace1d55ab17f71d90d88271d"><code>0b62083</code></a> Update Travis target versions.</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/729a4653073fa8dd020561113513bfa2e2119415"><code>729a465</code></a> Switch license to Apache 2.0.</li> <li>See full diff in <a href="https://github.com/faye/websocket-extensions-node/compare/0.1.3...0.1.4">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+3 -3

0 comment

1 changed file

pr created time in a few seconds

create barnchaspov/checkListApp

branch : dependabot/npm_and_yarn/websocket-extensions-0.1.4

created branch time in a few seconds

PR opened ricardobiundo/koffiecode

Bump websocket-extensions from 0.1.3 to 0.1.4 in /content/themes/casper

Bumps websocket-extensions from 0.1.3 to 0.1.4. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/faye/websocket-extensions-node/blob/master/CHANGELOG.md">websocket-extensions's changelog</a>.</em></p> <blockquote> <h3>0.1.4 / 2020-06-02</h3> <ul> <li>Remove a ReDoS vulnerability in the header parser (CVE-2020-7662, reported by Robert McLaughlin)</li> <li>Change license from MIT to Apache 2.0</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/faye/websocket-extensions-node/commit/8efd0cd6e35faf9bb9cb08759be1e27082177d43"><code>8efd0cd</code></a> Bump version to 0.1.4</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/3dad4ad44a8c5f74d4f8f4efd3f9d6e0b5df3051"><code>3dad4ad</code></a> Remove ReDoS vulnerability in the Sec-WebSocket-Extensions header parser</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/4a76c75efb1c5d6a2f60550e9501757458d19533"><code>4a76c75</code></a> Add Node versions 13 and 14 on Travis</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/44a677a9c0631daed0b0f4a4b68c095b624183b8"><code>44a677a</code></a> Formatting change: {...} should have spaces inside the braces</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/f6c50aba0c20ff45b0f87cea33babec1217ec3f5"><code>f6c50ab</code></a> Let npm reformat package.json</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/2d211f3705d52d9efb4f01daf5a253adf828592e"><code>2d211f3</code></a> Change markdown formatting of docs.</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/0b620834cc1e1f2eace1d55ab17f71d90d88271d"><code>0b62083</code></a> Update Travis target versions.</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/729a4653073fa8dd020561113513bfa2e2119415"><code>729a465</code></a> Switch license to Apache 2.0.</li> <li>See full diff in <a href="https://github.com/faye/websocket-extensions-node/compare/0.1.3...0.1.4">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+3 -3

0 comment

1 changed file

pr created time in a few seconds

PR opened ricardobiundo/koffiecode

Bump express-jwt from 5.3.3 to 6.0.0

Bumps express-jwt from 5.3.3 to 6.0.0. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/auth0/express-jwt/commit/678f3b0e812d86b399b925f069105fc37eecde5b"><code>678f3b0</code></a> 6.0.0</li> <li><a href="https://github.com/auth0/express-jwt/commit/7ecab5f8f0cab5297c2b863596566eb0c019cdef"><code>7ecab5f</code></a> Merge pull request from GHSA-6g6m-m6h5-w9gf</li> <li><a href="https://github.com/auth0/express-jwt/commit/304a1c5968aed7c4c520035426fc09142156669d"><code>304a1c5</code></a> Made algorithms mandatory</li> <li>See full diff in <a href="https://github.com/auth0/express-jwt/compare/v5.3.3...v6.0.0">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~yacine-b">yacine-b</a>, a new releaser for express-jwt since your current version.</p> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+5 -5

0 comment

2 changed files

pr created time in a few seconds

create barnchricardobiundo/koffiecode

branch : dependabot/npm_and_yarn/express-jwt-6.0.0

created branch time in a few seconds

delete branch ayush4334/react-login-and-users-list

delete branch : dependabot/npm_and_yarn/websocket-extensions-0.1.4

delete time in a few seconds

PR opened parthkanani93/blogpost-reactjs

Bump websocket-extensions from 0.1.3 to 0.1.4

Bumps websocket-extensions from 0.1.3 to 0.1.4. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/faye/websocket-extensions-node/blob/master/CHANGELOG.md">websocket-extensions's changelog</a>.</em></p> <blockquote> <h3>0.1.4 / 2020-06-02</h3> <ul> <li>Remove a ReDoS vulnerability in the header parser (CVE-2020-7662, reported by Robert McLaughlin)</li> <li>Change license from MIT to Apache 2.0</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/faye/websocket-extensions-node/commit/8efd0cd6e35faf9bb9cb08759be1e27082177d43"><code>8efd0cd</code></a> Bump version to 0.1.4</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/3dad4ad44a8c5f74d4f8f4efd3f9d6e0b5df3051"><code>3dad4ad</code></a> Remove ReDoS vulnerability in the Sec-WebSocket-Extensions header parser</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/4a76c75efb1c5d6a2f60550e9501757458d19533"><code>4a76c75</code></a> Add Node versions 13 and 14 on Travis</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/44a677a9c0631daed0b0f4a4b68c095b624183b8"><code>44a677a</code></a> Formatting change: {...} should have spaces inside the braces</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/f6c50aba0c20ff45b0f87cea33babec1217ec3f5"><code>f6c50ab</code></a> Let npm reformat package.json</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/2d211f3705d52d9efb4f01daf5a253adf828592e"><code>2d211f3</code></a> Change markdown formatting of docs.</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/0b620834cc1e1f2eace1d55ab17f71d90d88271d"><code>0b62083</code></a> Update Travis target versions.</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/729a4653073fa8dd020561113513bfa2e2119415"><code>729a465</code></a> Switch license to Apache 2.0.</li> <li>See full diff in <a href="https://github.com/faye/websocket-extensions-node/compare/0.1.3...0.1.4">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+3 -3

0 comment

1 changed file

pr created time in a few seconds

delete branch peter-popluhar/monsters-rolodex

delete branch : dependabot/npm_and_yarn/websocket-extensions-0.1.4

delete time in a few seconds

delete branch CheesyBoy03/kyst-bot

delete branch : dependabot/pip/django-2.2.13

delete time in a few seconds

PR closed CheesyBoy03/kyst-bot

Bump django from 2.2.7 to 2.2.13 dependencies

Bumps django from 2.2.7 to 2.2.13. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/django/django/commit/8093aaa8ff9dd7386a069c6eb49fcc1c5980c033"><code>8093aaa</code></a> [2.2.x] Bumped version for 2.2.13 release.</li> <li><a href="https://github.com/django/django/commit/07e59caa02831c4569bbebb9eb773bdd9cb4b206"><code>07e59ca</code></a> [2.2.x] Fixed CVE-2020-13254 -- Enforced cache key validation in memcached ba...</li> <li><a href="https://github.com/django/django/commit/6d61860b22875f358fac83d903dc629897934815"><code>6d61860</code></a> [2.0.x] Fixed CVE-2020-13596 -- Fixed potential XSS in admin ForeignKeyRawIdW...</li> <li><a href="https://github.com/django/django/commit/7e1084ead07b10e36d391f5366f411c58fbcc4c2"><code>7e1084e</code></a> [2.2.x] Added release date for 2.2.13.</li> <li><a href="https://github.com/django/django/commit/2b69680264aabb94661b4f67a8e70d522070dc2a"><code>2b69680</code></a> [2.2.x] Refs <a href="https://github-redirect.dependabot.com/django/django/issues/31485">#31485</a> -- Backported jQuery upgrade to 3.5.1.</li> <li><a href="https://github.com/django/django/commit/8301bc9cfad588074375edadfe0f19024dc217f8"><code>8301bc9</code></a> [2.2.x] Fixed E128, E741 flake8 warnings.</li> <li><a href="https://github.com/django/django/commit/c7bab8d2b7160a635a6f55e4d89e0a2e66d1679c"><code>c7bab8d</code></a> [2.2.x] Fixed term warning on Sphinx 3.0.1+.</li> <li><a href="https://github.com/django/django/commit/79baf338aef2ac21d3d29ee56e85f69678eef1a1"><code>79baf33</code></a> [2.2.x] Fixed highlightlang deprecation warning on Sphinx 1.8+.</li> <li><a href="https://github.com/django/django/commit/151a83e92c1a457baf028160ed9191405b869df6"><code>151a83e</code></a> [2.2.x] Fixed CodeBlock deprecation warning on Sphinx 2.1+.</li> <li><a href="https://github.com/django/django/commit/b0d810a77bbed01d45f92df93195f7bdc8d4da62"><code>b0d810a</code></a> [2.2.x] Fixed Sphinx warnings on duplicate object descriptions.</li> <li>Additional commits viewable in <a href="https://github.com/django/django/compare/2.2.7...2.2.13">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+1 -1

1 comment

1 changed file

dependabot[bot]

pr closed time in a few seconds

delete branch doublesharp/nodemailer-mock

delete branch : dependabot/npm_and_yarn/acorn-7.1.1

delete time in a few seconds

PR closed doublesharp/nodemailer-mock

Bump acorn from 7.1.0 to 7.1.1 dependencies

Bumps acorn from 7.1.0 to 7.1.1. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/acornjs/acorn/commit/6d194895783b03b2a37441f01857c34302eab4c8"><code>6d19489</code></a> Mark release 7.1.1</li> <li><a href="https://github.com/acornjs/acorn/commit/793c0e569ed1158672e3a40aeed1d8518832b802"><code>793c0e5</code></a> More rigorously check surrogate pairs in regexp validator</li> <li><a href="https://github.com/acornjs/acorn/commit/b5c17877ac0511e31579ea31e7650ba1a5871e51"><code>b5c1787</code></a> Fix incorrect comment in regexp parser</li> <li><a href="https://github.com/acornjs/acorn/commit/12ae8fed7ebc5b7c894c5976575f33cf36a223cc"><code>12ae8fe</code></a> Parameterize dummy value and export <code>isDummy</code></li> <li><a href="https://github.com/acornjs/acorn/commit/fa3ad8cef0f39f5ae0cbd8be0bf65eb0a782133e"><code>fa3ad8c</code></a> Further refine acorn-walk types</li> <li><a href="https://github.com/acornjs/acorn/commit/1d5028637852c2834091739646e25dd6558ee7a8"><code>1d50286</code></a> Fix some errors in walk types</li> <li><a href="https://github.com/acornjs/acorn/commit/97801f0b5835bc93739666b3494c9b49aeb5fc1d"><code>97801f0</code></a> Mark acorn-walk 7.1.1</li> <li><a href="https://github.com/acornjs/acorn/commit/e9372c151f63fe254c7f5e7ffd7a820e34422208"><code>e9372c1</code></a> Further clean up walker types</li> <li><a href="https://github.com/acornjs/acorn/commit/de6edeb654cf665e732d822d95c97e2d2fc879bc"><code>de6edeb</code></a> Remove NarrowNode from walk.d.ts</li> <li><a href="https://github.com/acornjs/acorn/commit/1d85e7ce982a979bb5411cd00fd9156eecf952a5"><code>1d85e7c</code></a> Fix: acorn-walk type work with acorn's</li> <li>Additional commits viewable in <a href="https://github.com/acornjs/acorn/compare/7.1.0...7.1.1">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+3 -3

1 comment

1 changed file

dependabot[bot]

pr closed time in a few seconds

pull request commentCheesyBoy03/kyst-bot

Bump django from 2.2.7 to 2.2.13

Looks like django is no longer a dependency, so this is no longer needed.

dependabot[bot]

comment created time in a few seconds

pull request commentdoublesharp/nodemailer-mock

Bump acorn from 7.1.0 to 7.1.1

Looks like acorn is up-to-date now, so this is no longer needed.

dependabot[bot]

comment created time in a minute

delete branch peter-popluhar/monsters-rolodex

delete branch : dependabot/npm_and_yarn/acorn-5.7.4

delete time in a minute

PR opened Himanshusinghofficial/save_contacts

Bump websocket-extensions from 0.1.3 to 0.1.4 in /client

Bumps websocket-extensions from 0.1.3 to 0.1.4. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/faye/websocket-extensions-node/blob/master/CHANGELOG.md">websocket-extensions's changelog</a>.</em></p> <blockquote> <h3>0.1.4 / 2020-06-02</h3> <ul> <li>Remove a ReDoS vulnerability in the header parser (CVE-2020-7662, reported by Robert McLaughlin)</li> <li>Change license from MIT to Apache 2.0</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/faye/websocket-extensions-node/commit/8efd0cd6e35faf9bb9cb08759be1e27082177d43"><code>8efd0cd</code></a> Bump version to 0.1.4</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/3dad4ad44a8c5f74d4f8f4efd3f9d6e0b5df3051"><code>3dad4ad</code></a> Remove ReDoS vulnerability in the Sec-WebSocket-Extensions header parser</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/4a76c75efb1c5d6a2f60550e9501757458d19533"><code>4a76c75</code></a> Add Node versions 13 and 14 on Travis</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/44a677a9c0631daed0b0f4a4b68c095b624183b8"><code>44a677a</code></a> Formatting change: {...} should have spaces inside the braces</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/f6c50aba0c20ff45b0f87cea33babec1217ec3f5"><code>f6c50ab</code></a> Let npm reformat package.json</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/2d211f3705d52d9efb4f01daf5a253adf828592e"><code>2d211f3</code></a> Change markdown formatting of docs.</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/0b620834cc1e1f2eace1d55ab17f71d90d88271d"><code>0b62083</code></a> Update Travis target versions.</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/729a4653073fa8dd020561113513bfa2e2119415"><code>729a465</code></a> Switch license to Apache 2.0.</li> <li>See full diff in <a href="https://github.com/faye/websocket-extensions-node/compare/0.1.3...0.1.4">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+3901 -2289

0 comment

2 changed files

pr created time in a minute

push eventsnaik7/grocery60

dependabot[bot]

commit sha 39dc6da69074b80ab8cae6df91d49b2e87341eb3

Bump django from 3.0.6 to 3.0.7 Bumps [django](https://github.com/django/django) from 3.0.6 to 3.0.7. - [Release notes](https://github.com/django/django/releases) - [Commits](https://github.com/django/django/compare/3.0.6...3.0.7) Signed-off-by: dependabot[bot] <support@github.com>

view details

push time in a minute

PR opened snaik7/grocery60

Bump django from 3.0.6 to 3.0.7

Bumps django from 3.0.6 to 3.0.7. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/django/django/commit/44da7abda848f05caaed74f6a749038c87dedfda"><code>44da7ab</code></a> [3.0.x] Bumped version for 3.0.7 release.</li> <li><a href="https://github.com/django/django/commit/84b2da5552e100ae3294f564f6c862fef8d0e693"><code>84b2da5</code></a> [3.0.x] Fixed CVE-2020-13254 -- Enforced cache key validation in memcached ba...</li> <li><a href="https://github.com/django/django/commit/1f2dd37f6fcefdd10ed44cb233b2e62b520afb38"><code>1f2dd37</code></a> [3.0.x] Fixed CVE-2020-13596 -- Fixed potential XSS in admin ForeignKeyRawIdW...</li> <li><a href="https://github.com/django/django/commit/256d29710193f7a2f1e92abe96c94d036f73edc6"><code>256d297</code></a> [3.0.x] Added release date for 2.2.13 and 3.0.7.</li> <li><a href="https://github.com/django/django/commit/8734a02f5d70d3d324edc96aaa763a6e8b4eb371"><code>8734a02</code></a> [3.0.x] Updated link to Celery.</li> <li><a href="https://github.com/django/django/commit/d22f67848ca1b5b34eb09b58c866a80eae3c7da1"><code>d22f678</code></a> [3.0.x] Refs <a href="https://github-redirect.dependabot.com/django/django/issues/31485">#31485</a> -- Backported jQuery upgrade to 3.5.1.</li> <li><a href="https://github.com/django/django/commit/b9db04178939bb737f1343089af021ede0da50d9"><code>b9db041</code></a> [3.0.x] Adjusted URL example in tutorial.</li> <li><a href="https://github.com/django/django/commit/caf7c4630da304474115a7c41cbb1df930593a73"><code>caf7c46</code></a> [3.0.x] Fixed <a href="https://github-redirect.dependabot.com/django/django/issues/31643">#31643</a> -- Changed virtualenv doc references to Python 3 venv.</li> <li><a href="https://github.com/django/django/commit/9297a3e6275ed13bfaecc147644960906ed5063b"><code>9297a3e</code></a> [3.0.x] Fixed typo in docs/ref/templates/language.txt.</li> <li><a href="https://github.com/django/django/commit/2638627db45766a300279197b2d6f299a5ea841f"><code>2638627</code></a> [3.0.x] Fixed <a href="https://github-redirect.dependabot.com/django/django/issues/31570">#31570</a> -- Corrected translation loading for apps providing terr...</li> <li>Additional commits viewable in <a href="https://github.com/django/django/compare/3.0.6...3.0.7">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+7 -31

0 comment

2 changed files

pr created time in a minute

create barnchsnaik7/grocery60

branch : dependabot/pip/django-3.0.7

created branch time in a minute

PR opened raghavendrashanthamaraju/std

Bump django from 2.0.5 to 2.2.13

Bumps django from 2.0.5 to 2.2.13. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/django/django/commit/8093aaa8ff9dd7386a069c6eb49fcc1c5980c033"><code>8093aaa</code></a> [2.2.x] Bumped version for 2.2.13 release.</li> <li><a href="https://github.com/django/django/commit/07e59caa02831c4569bbebb9eb773bdd9cb4b206"><code>07e59ca</code></a> [2.2.x] Fixed CVE-2020-13254 -- Enforced cache key validation in memcached ba...</li> <li><a href="https://github.com/django/django/commit/6d61860b22875f358fac83d903dc629897934815"><code>6d61860</code></a> [2.0.x] Fixed CVE-2020-13596 -- Fixed potential XSS in admin ForeignKeyRawIdW...</li> <li><a href="https://github.com/django/django/commit/7e1084ead07b10e36d391f5366f411c58fbcc4c2"><code>7e1084e</code></a> [2.2.x] Added release date for 2.2.13.</li> <li><a href="https://github.com/django/django/commit/2b69680264aabb94661b4f67a8e70d522070dc2a"><code>2b69680</code></a> [2.2.x] Refs <a href="https://github-redirect.dependabot.com/django/django/issues/31485">#31485</a> -- Backported jQuery upgrade to 3.5.1.</li> <li><a href="https://github.com/django/django/commit/8301bc9cfad588074375edadfe0f19024dc217f8"><code>8301bc9</code></a> [2.2.x] Fixed E128, E741 flake8 warnings.</li> <li><a href="https://github.com/django/django/commit/c7bab8d2b7160a635a6f55e4d89e0a2e66d1679c"><code>c7bab8d</code></a> [2.2.x] Fixed term warning on Sphinx 3.0.1+.</li> <li><a href="https://github.com/django/django/commit/79baf338aef2ac21d3d29ee56e85f69678eef1a1"><code>79baf33</code></a> [2.2.x] Fixed highlightlang deprecation warning on Sphinx 1.8+.</li> <li><a href="https://github.com/django/django/commit/151a83e92c1a457baf028160ed9191405b869df6"><code>151a83e</code></a> [2.2.x] Fixed CodeBlock deprecation warning on Sphinx 2.1+.</li> <li><a href="https://github.com/django/django/commit/b0d810a77bbed01d45f92df93195f7bdc8d4da62"><code>b0d810a</code></a> [2.2.x] Fixed Sphinx warnings on duplicate object descriptions.</li> <li>Additional commits viewable in <a href="https://github.com/django/django/compare/2.0.5...2.2.13">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+1 -1

0 comment

1 changed file

pr created time in a minute

PR opened raghavendrashanthamaraju/std

Bump urllib3 from 1.23 to 1.24.2

Bumps urllib3 from 1.23 to 1.24.2. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/urllib3/urllib3/blob/master/CHANGES.rst">urllib3's changelog</a>.</em></p> <blockquote> <h2>1.24.2 (2019-04-17)</h2> <ul> <li> <p>Don't load system certificates by default when any other <code>ca_certs</code>, <code>ca_certs_dir</code> or <code>ssl_context</code> parameters are specified.</p> </li> <li> <p>Remove Authorization header regardless of case when redirecting to cross-site. (Issue <a href="https://github-redirect.dependabot.com/urllib3/urllib3/issues/1510">#1510</a>)</p> </li> <li> <p>Add support for IPv6 addresses in subjectAltName section of certificates. (Issue <a href="https://github-redirect.dependabot.com/urllib3/urllib3/issues/1269">#1269</a>)</p> </li> </ul> <h2>1.24.1 (2018-11-02)</h2> <ul> <li> <p>Remove quadratic behavior within <code>GzipDecoder.decompress()</code> (Issue <a href="https://github-redirect.dependabot.com/urllib3/urllib3/issues/1467">#1467</a>)</p> </li> <li> <p>Restored functionality of <code>ciphers</code> parameter for <code>create_urllib3_context()</code>. (Issue <a href="https://github-redirect.dependabot.com/urllib3/urllib3/issues/1462">#1462</a>)</p> </li> </ul> <h2>1.24 (2018-10-16)</h2> <ul> <li> <p>Allow key_server_hostname to be specified when initializing a PoolManager to allow custom SNI to be overridden. (Pull <a href="https://github-redirect.dependabot.com/urllib3/urllib3/issues/1449">#1449</a>)</p> </li> <li> <p>Test against Python 3.7 on AppVeyor. (Pull <a href="https://github-redirect.dependabot.com/urllib3/urllib3/issues/1453">#1453</a>)</p> </li> <li> <p>Early-out ipv6 checks when running on App Engine. (Pull <a href="https://github-redirect.dependabot.com/urllib3/urllib3/issues/1450">#1450</a>)</p> </li> <li> <p>Change ambiguous description of backoff_factor (Pull <a href="https://github-redirect.dependabot.com/urllib3/urllib3/issues/1436">#1436</a>)</p> </li> <li> <p>Add ability to handle multiple Content-Encodings (Issue <a href="https://github-redirect.dependabot.com/urllib3/urllib3/issues/1441">#1441</a> and Pull <a href="https://github-redirect.dependabot.com/urllib3/urllib3/issues/1442">#1442</a>)</p> </li> <li> <p>Skip DNS names that can't be idna-decoded when using pyOpenSSL (Issue <a href="https://github-redirect.dependabot.com/urllib3/urllib3/issues/1405">#1405</a>).</p> </li> <li> <p>Add a server_hostname parameter to HTTPSConnection which allows for overriding the SNI hostname sent in the handshake. (Pull <a href="https://github-redirect.dependabot.com/urllib3/urllib3/issues/1397">#1397</a>)</p> </li> <li> <p>Drop support for EOL Python 2.6 (Pull <a href="https://github-redirect.dependabot.com/urllib3/urllib3/issues/1429">#1429</a> and Pull <a href="https://github-redirect.dependabot.com/urllib3/urllib3/issues/1430">#1430</a>)</p> </li> <li> <p>Fixed bug where responses with header Content-Type: message/* erroneously raised HeaderParsingError, resulting in a warning being logged. (Pull <a href="https://github-redirect.dependabot.com/urllib3/urllib3/issues/1439">#1439</a>)</p> </li> <li> <p>Move urllib3 to src/urllib3 (Pull <a href="https://github-redirect.dependabot.com/urllib3/urllib3/issues/1409">#1409</a>)</p> </li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/urllib3/urllib3/commit/1efadf43dc63317cd9eaa3e0fdb9e05ab07254b1"><code>1efadf4</code></a> Release 1.24.2 (<a href="https://github-redirect.dependabot.com/urllib3/urllib3/issues/1564">#1564</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/a6ec68a5c5c5743c59fe5c62c635c929586c429b"><code>a6ec68a</code></a> Merging new release version: 1.24.1</li> <li><a href="https://github.com/urllib3/urllib3/commit/0cedb3b0f1e5d79c89c6db767c534b064b794cf2"><code>0cedb3b</code></a> Restore context.set_ciphers() to create_urllib3_context() (<a href="https://github-redirect.dependabot.com/urllib3/urllib3/issues/1463">#1463</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/0aeba3be0224a930f6ffef254ed12b41303a86d7"><code>0aeba3b</code></a> Use bytearray to accumulate bytes from gzip (<a href="https://github-redirect.dependabot.com/urllib3/urllib3/issues/1468">#1468</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/f8d1c787d9b02a70d66ddbde9c99061d9073d54a"><code>f8d1c78</code></a> Uninstall oclint to ensure gcc can be brew upgraded (<a href="https://github-redirect.dependabot.com/urllib3/urllib3/issues/1464">#1464</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/cd7cfa613b2678e700597d098ce9bbdc934863e6"><code>cd7cfa6</code></a> Resolve pytest pluggy version conflict (<a href="https://github-redirect.dependabot.com/urllib3/urllib3/issues/1457">#1457</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/b548abc9812a628d3290d0cab83e44f3c31ac6fe"><code>b548abc</code></a> Update changelog for 1.24 release</li> <li><a href="https://github.com/urllib3/urllib3/commit/ef0c74542abe69421a86c4d3c6a86fe43cb809a4"><code>ef0c745</code></a> Merging new release version: 1.24</li> <li><a href="https://github.com/urllib3/urllib3/commit/a0964d9947c07d2b8495726ac23ad251b5d236af"><code>a0964d9</code></a> Add missing key_server_hostname variable (<a href="https://github-redirect.dependabot.com/urllib3/urllib3/issues/1449">#1449</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/34d8298ecf93c84f9916457d89701d6d5c807780"><code>34d8298</code></a> Test against Python 3.7 on AppVeyor (<a href="https://github-redirect.dependabot.com/urllib3/urllib3/issues/1453">#1453</a>)</li> <li>Additional commits viewable in <a href="https://github.com/urllib3/urllib3/compare/1.23...1.24.2">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+1 -1

0 comment

1 changed file

pr created time in a minute

create barnchraghavendrashanthamaraju/std

branch : dependabot/pip/django-2.2.13

created branch time in a minute

create barnchraghavendrashanthamaraju/std

branch : dependabot/pip/urllib3-1.24.2

created branch time in a minute

PR opened Himanshusinghofficial/save_contacts

Bump lodash.template from 4.4.0 to 4.5.0 in /client

Bumps lodash.template from 4.4.0 to 4.5.0. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/lodash/lodash/commit/ab73503859a2d2f7f603bc8a293ce93ecc071e83"><code>ab73503</code></a> Bump to v4.5.0.</li> <li><a href="https://github.com/lodash/lodash/commit/a4f7d4cc2a3b6d3a43f6c27beadbf90410eecdcd"><code>a4f7d4c</code></a> Rebuild lodash and docs.</li> <li><a href="https://github.com/lodash/lodash/commit/cca5ac60d61a2f786eeafadb674d6e12fc6179c8"><code>cca5ac6</code></a> Fix npm-test by removing the call to test-docs.</li> <li><a href="https://github.com/lodash/lodash/commit/9f7f9fc3c5f1a4db9a2134950872440c792ee8bb"><code>9f7f9fc</code></a> Adjust heading order. [ci skip]</li> <li><a href="https://github.com/lodash/lodash/commit/6e2fb92e9a2fd29ef630f71bd571afcdf0f2e206"><code>6e2fb92</code></a> Remove unused <code>baseArity</code>.</li> <li><a href="https://github.com/lodash/lodash/commit/4f702e238183444ff392c3c7be5b48f1a7271519"><code>4f702e2</code></a> Specify utf8 encoding.</li> <li><a href="https://github.com/lodash/lodash/commit/b188f903ce41e624d6169f47a0c9e5091c178160"><code>b188f90</code></a> Add fp tests for iteratee shorthands.</li> <li><a href="https://github.com/lodash/lodash/commit/7b93dc9c3253c342a45881392d2308374a8909b3"><code>7b93dc9</code></a> Ensure clone methods clone expando properties of boolean, number, & string ob...</li> <li><a href="https://github.com/lodash/lodash/commit/664d66a89ec553438d5560239eba24d30867e580"><code>664d66a</code></a> Make string tests more consistent.</li> <li><a href="https://github.com/lodash/lodash/commit/d9dc0e6fd13c030029964b5ba468e0df3e2de3b2"><code>d9dc0e6</code></a> Add <code>_.invertBy</code> tests.</li> <li>Additional commits viewable in <a href="https://github.com/lodash/lodash/compare/4.4.0...4.5.0">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+3903 -2291

0 comment

1 changed file

pr created time in a minute

push eventSpraxDev/Api.Sprax2013.de

dependabot[bot]

commit sha 8a81d2696bc47cfbfc2f6f85689c7e906c8f3bb7

Bump typescript from 3.9.5 to 3.9.6 Bumps [typescript](https://github.com/Microsoft/TypeScript) from 3.9.5 to 3.9.6. - [Release notes](https://github.com/Microsoft/TypeScript/releases) - [Commits](https://github.com/Microsoft/TypeScript/commits) Signed-off-by: dependabot[bot] <support@github.com>

view details

Christian Koop

commit sha a6a2481488be96b4f3c7b13ca3b5b24148af09b3

Merge pull request #137 from SpraxDev/dependabot/npm_and_yarn/typescript-3.9.6 Bump typescript from 3.9.5 to 3.9.6

view details

dependabot[bot]

commit sha c4076f775a5f36c0f2f110064e64e2e6bdb1d560

Bump @tensorflow/tfjs-node from 2.0.0 to 2.0.1 Bumps [@tensorflow/tfjs-node](https://github.com/tensorflow/tfjs) from 2.0.0 to 2.0.1. - [Release notes](https://github.com/tensorflow/tfjs/releases) - [Commits](https://github.com/tensorflow/tfjs/compare/tfjs-v2.0.0...tfjs-v2.0.1) Signed-off-by: dependabot[bot] <support@github.com>

view details

push time in a minute

PR opened Himanshusinghofficial/save_contacts

Bump mixin-deep from 1.3.1 to 1.3.2 in /client

Bumps mixin-deep from 1.3.1 to 1.3.2. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/jonschlinkert/mixin-deep/commit/754f0c20e1bc13ea5a21a64fbc7d6ba5f7b359b9"><code>754f0c2</code></a> 1.3.2</li> <li><a href="https://github.com/jonschlinkert/mixin-deep/commit/90ee1fab375fccfd9b926df718243339b4976d50"><code>90ee1fa</code></a> ensure keys are valid when mixing in values</li> <li>See full diff in <a href="https://github.com/jonschlinkert/mixin-deep/compare/1.3.1...1.3.2">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~doowb">doowb</a>, a new releaser for mixin-deep since your current version.</p> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+3894 -2282

0 comment

1 changed file

pr created time in a minute

PR opened amelhamoudi/Ask-Forms

Bump mixin-deep from 1.3.1 to 1.3.2

Bumps mixin-deep from 1.3.1 to 1.3.2. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/jonschlinkert/mixin-deep/commit/754f0c20e1bc13ea5a21a64fbc7d6ba5f7b359b9"><code>754f0c2</code></a> 1.3.2</li> <li><a href="https://github.com/jonschlinkert/mixin-deep/commit/90ee1fab375fccfd9b926df718243339b4976d50"><code>90ee1fa</code></a> ensure keys are valid when mixing in values</li> <li>See full diff in <a href="https://github.com/jonschlinkert/mixin-deep/compare/1.3.1...1.3.2">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~doowb">doowb</a>, a new releaser for mixin-deep since your current version.</p> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+33 -14

0 comment

1 changed file

pr created time in a minute

create barnchamelhamoudi/Ask-Forms

branch : dependabot/npm_and_yarn/mixin-deep-1.3.2

created branch time in a minute

PR opened Himanshusinghofficial/save_contacts

Bump acorn from 5.7.3 to 5.7.4 in /client

Bumps acorn from 5.7.3 to 5.7.4. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/acornjs/acorn/commit/6370e90067552022710190319cbbbd8c43001957"><code>6370e90</code></a> Mark version 5.7.4</li> <li><a href="https://github.com/acornjs/acorn/commit/fbc15b1344f6dfb992f67b4bbf1357436247c8a0"><code>fbc15b1</code></a> More rigorously check surrogate pairs in regexp validator</li> <li>See full diff in <a href="https://github.com/acornjs/acorn/compare/5.7.3...5.7.4">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+3894 -2282

0 comment

1 changed file

pr created time in 2 minutes

PR opened Himanshusinghofficial/save_contacts

Bump serialize-javascript from 1.7.0 to 2.1.2 in /client

Bumps serialize-javascript from 1.7.0 to 2.1.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/yahoo/serialize-javascript/releases">serialize-javascript's releases</a>.</em></p> <blockquote> <h2>v2.1.2</h2> <ul> <li>Ignore .nyc_output (<a href="https://github.com/styfle">@styfle</a>, <a href="https://github-redirect.dependabot.com/yahoo/serialize-javascript/issues/64">#64</a>)</li> </ul> <h2>v2.1.1</h2> <ul> <li>Fix regular expressions Cross-Site Scripting (XSS) vulnerability (see <a href="https://github.com/yahoo/serialize-javascript/security/advisories/GHSA-h9rv-jmmf-4pgx">security advisory</a>)</li> <li>Migrate to nyc from istanbul</li> </ul> <h2>v2.1.0</h2> <ul> <li>Add <code>ignoreFunction</code> option (<a href="https://github.com/realdennis">@realdennis</a>, <a href="https://github-redirect.dependabot.com/yahoo/serialize-javascript/issues/58">#58</a>)</li> </ul> <h2>v2.0.0</h2> <ul> <li>re-landed <a href="https://github-redirect.dependabot.com/yahoo/serialize-javascript/issues/54">#54</a> with bump major version (see: <a href="https://github-redirect.dependabot.com/yahoo/serialize-javascript/issues/57">#57</a>)</li> </ul> <h3>Behavior changes for <code>undefined</code></h3> <p>It serializes <code>undefined</code> values as follows since this version. The result of serialization may be changed if you are passing <code>undefined</code> values into the <code>serialize-javascript</code>.</p> <p><strong>v2.x</strong></p> <pre lang="js"><code>const serialize = require('serialize-javascript'); <p>serialize({undef: undefined}); // '{"undef":undefined}' </code></pre></p> <p><strong>v1.x</strong></p> <pre lang="js"><code>const serialize = require('serialize-javascript'); <p>serialize({undef: undefined}); // '{}' </code></pre></p> <h2>v1.9.1</h2> <ul> <li>Revert <a href="https://github-redirect.dependabot.com/yahoo/serialize-javascript/issues/54">#54</a> for breaking changes (see: <a href="https://github-redirect.dependabot.com/yahoo/serialize-javascript/issues/57">yahoo/serialize-javascript#57</a>)</li> <li>Bump mocha from 5.2.0 to 6.2.0 (<a href="https://github-redirect.dependabot.com/yahoo/serialize-javascript/issues/56">#56</a>)</li> </ul> <h2>v1.9.0</h2> <ul> <li>support serialize undefined (<a href="https://github.com/nqdy666">@nqdy666</a>, <a href="https://github-redirect.dependabot.com/yahoo/serialize-javascript/issues/54">#54</a>)</li> <li>Update Node.js versions to tests</li> </ul> <h2>v1.8.0</h2> <ul> <li>Enhanced object literals don't have arrows (<a href="https://github.com/jowenjowen">@jowenjowen</a>, <a href="https://github-redirect.dependabot.com/yahoo/serialize-javascript/issues/51">#51</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/yahoo/serialize-javascript/commit/6c43b02710bab8ddaf0d86dd2f9602af74ade7fc"><code>6c43b02</code></a> v2.1.2</li> <li><a href="https://github.com/yahoo/serialize-javascript/commit/3e05a3f0128e541f4130359b4074f0b2ca4af326"><code>3e05a3f</code></a> Ignore .nyc_output (<a href="https://github-redirect.dependabot.com/yahoo/serialize-javascript/issues/64">#64</a>)</li> <li><a href="https://github.com/yahoo/serialize-javascript/commit/3c46e8e55deedefb2fbf0c396ece4b6fb8db1036"><code>3c46e8e</code></a> Bump mocha from 6.2.0 to 6.2.2 (<a href="https://github-redirect.dependabot.com/yahoo/serialize-javascript/issues/62">#62</a>)</li> <li><a href="https://github.com/yahoo/serialize-javascript/commit/433fc9cafe375b3f376efd12730b226035c3ee3a"><code>433fc9c</code></a> 2.1.1</li> <li><a href="https://github.com/yahoo/serialize-javascript/commit/16a68ab53d9626fc7c942b48a1163108fcd184c8"><code>16a68ab</code></a> Merge pull request from GHSA-h9rv-jmmf-4pgx</li> <li><a href="https://github.com/yahoo/serialize-javascript/commit/3bab6dee8db7317310a97af5d28f0f0479d21930"><code>3bab6de</code></a> Bump mocha from 6.2.1 to 6.2.2 (<a href="https://github-redirect.dependabot.com/yahoo/serialize-javascript/issues/60">#60</a>)</li> <li><a href="https://github.com/yahoo/serialize-javascript/commit/7a6b13dda9a8fda08bd2befecd9bbe833ddcc592"><code>7a6b13d</code></a> Bump mocha from 6.2.0 to 6.2.1 (<a href="https://github-redirect.dependabot.com/yahoo/serialize-javascript/issues/59">#59</a>)</li> <li><a href="https://github.com/yahoo/serialize-javascript/commit/40cf79364e71a5b5e50d1674859b4844f86d3879"><code>40cf793</code></a> Migrate to nyc from istanbul</li> <li><a href="https://github.com/yahoo/serialize-javascript/commit/31c98adc21a54f6900f9aa6a415731d1398637c1"><code>31c98ad</code></a> 2.1.0</li> <li><a href="https://github.com/yahoo/serialize-javascript/commit/9b47a961c257f25f4eb1488ba375041a2a2aee52"><code>9b47a96</code></a> Feat. New option <code>ignoreFunction</code> according to issue#32 (<a href="https://github-redirect.dependabot.com/yahoo/serialize-javascript/issues/58">#58</a>)</li> <li>Additional commits viewable in <a href="https://github.com/yahoo/serialize-javascript/compare/v1.7.0...v2.1.2">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+3891 -2279

0 comment

1 changed file

pr created time in 2 minutes

push eventSpraxDev/Api.Sprax2013.de

dependabot[bot]

commit sha 8a81d2696bc47cfbfc2f6f85689c7e906c8f3bb7

Bump typescript from 3.9.5 to 3.9.6 Bumps [typescript](https://github.com/Microsoft/TypeScript) from 3.9.5 to 3.9.6. - [Release notes](https://github.com/Microsoft/TypeScript/releases) - [Commits](https://github.com/Microsoft/TypeScript/commits) Signed-off-by: dependabot[bot] <support@github.com>

view details

Christian Koop

commit sha a6a2481488be96b4f3c7b13ca3b5b24148af09b3

Merge pull request #137 from SpraxDev/dependabot/npm_and_yarn/typescript-3.9.6 Bump typescript from 3.9.5 to 3.9.6

view details

dependabot[bot]

commit sha 432b94ecbd16017d20efe2808708cb41c9406b90

Bump node-cache from 5.1.1 to 5.1.2 Bumps [node-cache](https://github.com/node-cache/node-cache) from 5.1.1 to 5.1.2. - [Release notes](https://github.com/node-cache/node-cache/releases) - [Commits](https://github.com/node-cache/node-cache/compare/v5.1.1...v5.1.2) Signed-off-by: dependabot[bot] <support@github.com>

view details

push time in 2 minutes

PR opened ayush4334/react-login-and-users-list

Bump websocket-extensions from 0.1.3 to 0.1.4

Bumps websocket-extensions from 0.1.3 to 0.1.4. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/faye/websocket-extensions-node/blob/master/CHANGELOG.md">websocket-extensions's changelog</a>.</em></p> <blockquote> <h3>0.1.4 / 2020-06-02</h3> <ul> <li>Remove a ReDoS vulnerability in the header parser (CVE-2020-7662, reported by Robert McLaughlin)</li> <li>Change license from MIT to Apache 2.0</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/faye/websocket-extensions-node/commit/8efd0cd6e35faf9bb9cb08759be1e27082177d43"><code>8efd0cd</code></a> Bump version to 0.1.4</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/3dad4ad44a8c5f74d4f8f4efd3f9d6e0b5df3051"><code>3dad4ad</code></a> Remove ReDoS vulnerability in the Sec-WebSocket-Extensions header parser</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/4a76c75efb1c5d6a2f60550e9501757458d19533"><code>4a76c75</code></a> Add Node versions 13 and 14 on Travis</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/44a677a9c0631daed0b0f4a4b68c095b624183b8"><code>44a677a</code></a> Formatting change: {...} should have spaces inside the braces</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/f6c50aba0c20ff45b0f87cea33babec1217ec3f5"><code>f6c50ab</code></a> Let npm reformat package.json</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/2d211f3705d52d9efb4f01daf5a253adf828592e"><code>2d211f3</code></a> Change markdown formatting of docs.</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/0b620834cc1e1f2eace1d55ab17f71d90d88271d"><code>0b62083</code></a> Update Travis target versions.</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/729a4653073fa8dd020561113513bfa2e2119415"><code>729a465</code></a> Switch license to Apache 2.0.</li> <li>See full diff in <a href="https://github.com/faye/websocket-extensions-node/compare/0.1.3...0.1.4">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+94 -6

0 comment

1 changed file

pr created time in 2 minutes

PR opened Himanshusinghofficial/save_contacts

Bump eslint-utils from 1.3.1 to 1.4.3 in /client

Bumps eslint-utils from 1.3.1 to 1.4.3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/mysticatea/eslint-utils/releases">eslint-utils's releases</a>.</em></p> <blockquote> <h2>v1.4.3</h2> <h2>🐛 Bug fixes</h2> <ul> <li>8f9e481ecc1204c7a1331b697f97903f90c75154 fixed false positive of <code>ReferenceTracker</code>.</li> </ul> <h2>v1.4.2</h2> <h2>🐛 Bug fixes</h2> <ul> <li>e4cb01498df6096b66edb0c78965ee6f47d3ac77 fixed a regression of the previous release.</li> </ul> <h2>v1.4.1</h2> <h2>🐛 Bug fixes</h2> <ul> <li>c119e832952c8c653bd4f21e39eb9f7ce48e5947 fixed <code>getStaticValue()</code> function to handle <code>null</code> literal correctly even if runtimes don't support BigInt natively.</li> <li>587cca2f82c245f5fc4a8b9fb2cf6b35c0d02552 fixed <code>getStringIfConstant()</code> function to handle regular expression literals and BigInt literals even if runtimes don't support those.</li> <li>08158db1c98fd71cf0f32ddefbc147e2620e724c fixed GHSA-3gx7-xhv7-5mx3.</li> </ul> <h2>v1.4.0</h2> <h2>✨ Enhancements</h2> <ul> <li>66456c5356310fc4309b4fe2756995f27b907747 (and ebf5a8378d3f0a20a74adb158a7112cb616bce44, aac472e815551688d23cc8fd88f9044dbf276804) added <code>isParenthesized()</code> function that checks if a given node is parenthesized or not.</li> <li>4f8407dd6cd52274ba115b3a8558153ec6d799a7 (and cb518c70ee037722f802d808bbbe93da83f07fb3) added <code>hasSideEffect()</code> function that checks if a given node may have side-effects or not.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/mysticatea/eslint-utils/commit/23f4ddc58eda5e6aec3d6a43c6266acbe19345cd"><code>23f4ddc</code></a> 🔖 1.4.3</li> <li><a href="https://github.com/mysticatea/eslint-utils/commit/8f9e481ecc1204c7a1331b697f97903f90c75154"><code>8f9e481</code></a> 🐛 fix reference tracker false positive</li> <li><a href="https://github.com/mysticatea/eslint-utils/commit/663327835abfb1f62fc6fc5d69028457e11b5f80"><code>6633278</code></a> ⚒ fix test scripts</li> <li><a href="https://github.com/mysticatea/eslint-utils/commit/7c8e67c22f7222685a6a9154ba5eec2ac4896a3e"><code>7c8e67c</code></a> ⚒ fix build scripts</li> <li><a href="https://github.com/mysticatea/eslint-utils/commit/41ff95e728db2c52122ae3dad42997dccd223388"><code>41ff95e</code></a> ⚒ update dependencies</li> <li><a href="https://github.com/mysticatea/eslint-utils/commit/49420121ff4d2b4758d4016848055c1631389faa"><code>4942012</code></a> ⚒ fix build scripts</li> <li><a href="https://github.com/mysticatea/eslint-utils/commit/f1c8d02b3fd190a97e39603929c0aabe36c9904f"><code>f1c8d02</code></a> ⚒ update build scripts</li> <li><a href="https://github.com/mysticatea/eslint-utils/commit/a88598a74f0d71376447c4ecb6b56b27272f3992"><code>a88598a</code></a> Create FUNDING.yml</li> <li><a href="https://github.com/mysticatea/eslint-utils/commit/4e1bc077c2a6bb00538d66b69a63c24de3463bed"><code>4e1bc07</code></a> 1.4.2</li> <li><a href="https://github.com/mysticatea/eslint-utils/commit/e4cb01498df6096b66edb0c78965ee6f47d3ac77"><code>e4cb014</code></a> 🐛 add null test</li> <li>Additional commits viewable in <a href="https://github.com/mysticatea/eslint-utils/compare/v1.3.1...v1.4.3">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+3890 -2283

0 comment

1 changed file

pr created time in 2 minutes

delete branch Atilean/weacast

delete branch : dependabot/npm_and_yarn/serialize-javascript-2.1.2

delete time in 2 minutes

delete branch Atilean/weacast

delete branch : dependabot/npm_and_yarn/mixin-deep-1.3.2

delete time in 2 minutes

PR closed Atilean/weacast

Bump serialize-javascript from 1.7.0 to 2.1.2 dependencies

Bumps serialize-javascript from 1.7.0 to 2.1.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/yahoo/serialize-javascript/releases">serialize-javascript's releases</a>.</em></p> <blockquote> <h2>v2.1.2</h2> <ul> <li>Ignore .nyc_output (<a href="https://github.com/styfle">@styfle</a>, <a href="https://github-redirect.dependabot.com/yahoo/serialize-javascript/issues/64">#64</a>)</li> </ul> <h2>v2.1.1</h2> <ul> <li>Fix regular expressions Cross-Site Scripting (XSS) vulnerability (see <a href="https://github.com/yahoo/serialize-javascript/security/advisories/GHSA-h9rv-jmmf-4pgx">security advisory</a>)</li> <li>Migrate to nyc from istanbul</li> </ul> <h2>v2.1.0</h2> <ul> <li>Add <code>ignoreFunction</code> option (<a href="https://github.com/realdennis">@realdennis</a>, <a href="https://github-redirect.dependabot.com/yahoo/serialize-javascript/issues/58">#58</a>)</li> </ul> <h2>v2.0.0</h2> <ul> <li>re-landed <a href="https://github-redirect.dependabot.com/yahoo/serialize-javascript/issues/54">#54</a> with bump major version (see: <a href="https://github-redirect.dependabot.com/yahoo/serialize-javascript/issues/57">#57</a>)</li> </ul> <h3>Behavior changes for <code>undefined</code></h3> <p>It serializes <code>undefined</code> values as follows since this version. The result of serialization may be changed if you are passing <code>undefined</code> values into the <code>serialize-javascript</code>.</p> <p><strong>v2.x</strong></p> <pre lang="js"><code>const serialize = require('serialize-javascript'); <p>serialize({undef: undefined}); // '{"undef":undefined}' </code></pre></p> <p><strong>v1.x</strong></p> <pre lang="js"><code>const serialize = require('serialize-javascript'); <p>serialize({undef: undefined}); // '{}' </code></pre></p> <h2>v1.9.1</h2> <ul> <li>Revert <a href="https://github-redirect.dependabot.com/yahoo/serialize-javascript/issues/54">#54</a> for breaking changes (see: <a href="https://github-redirect.dependabot.com/yahoo/serialize-javascript/issues/57">yahoo/serialize-javascript#57</a>)</li> <li>Bump mocha from 5.2.0 to 6.2.0 (<a href="https://github-redirect.dependabot.com/yahoo/serialize-javascript/issues/56">#56</a>)</li> </ul> <h2>v1.9.0</h2> <ul> <li>support serialize undefined (<a href="https://github.com/nqdy666">@nqdy666</a>, <a href="https://github-redirect.dependabot.com/yahoo/serialize-javascript/issues/54">#54</a>)</li> <li>Update Node.js versions to tests</li> </ul> <h2>v1.8.0</h2> <ul> <li>Enhanced object literals don't have arrows (<a href="https://github.com/jowenjowen">@jowenjowen</a>, <a href="https://github-redirect.dependabot.com/yahoo/serialize-javascript/issues/51">#51</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/yahoo/serialize-javascript/commit/6c43b02710bab8ddaf0d86dd2f9602af74ade7fc"><code>6c43b02</code></a> v2.1.2</li> <li><a href="https://github.com/yahoo/serialize-javascript/commit/3e05a3f0128e541f4130359b4074f0b2ca4af326"><code>3e05a3f</code></a> Ignore .nyc_output (<a href="https://github-redirect.dependabot.com/yahoo/serialize-javascript/issues/64">#64</a>)</li> <li><a href="https://github.com/yahoo/serialize-javascript/commit/3c46e8e55deedefb2fbf0c396ece4b6fb8db1036"><code>3c46e8e</code></a> Bump mocha from 6.2.0 to 6.2.2 (<a href="https://github-redirect.dependabot.com/yahoo/serialize-javascript/issues/62">#62</a>)</li> <li><a href="https://github.com/yahoo/serialize-javascript/commit/433fc9cafe375b3f376efd12730b226035c3ee3a"><code>433fc9c</code></a> 2.1.1</li> <li><a href="https://github.com/yahoo/serialize-javascript/commit/16a68ab53d9626fc7c942b48a1163108fcd184c8"><code>16a68ab</code></a> Merge pull request from GHSA-h9rv-jmmf-4pgx</li> <li><a href="https://github.com/yahoo/serialize-javascript/commit/3bab6dee8db7317310a97af5d28f0f0479d21930"><code>3bab6de</code></a> Bump mocha from 6.2.1 to 6.2.2 (<a href="https://github-redirect.dependabot.com/yahoo/serialize-javascript/issues/60">#60</a>)</li> <li><a href="https://github.com/yahoo/serialize-javascript/commit/7a6b13dda9a8fda08bd2befecd9bbe833ddcc592"><code>7a6b13d</code></a> Bump mocha from 6.2.0 to 6.2.1 (<a href="https://github-redirect.dependabot.com/yahoo/serialize-javascript/issues/59">#59</a>)</li> <li><a href="https://github.com/yahoo/serialize-javascript/commit/40cf79364e71a5b5e50d1674859b4844f86d3879"><code>40cf793</code></a> Migrate to nyc from istanbul</li> <li><a href="https://github.com/yahoo/serialize-javascript/commit/31c98adc21a54f6900f9aa6a415731d1398637c1"><code>31c98ad</code></a> 2.1.0</li> <li><a href="https://github.com/yahoo/serialize-javascript/commit/9b47a961c257f25f4eb1488ba375041a2a2aee52"><code>9b47a96</code></a> Feat. New option <code>ignoreFunction</code> according to issue#32 (<a href="https://github-redirect.dependabot.com/yahoo/serialize-javascript/issues/58">#58</a>)</li> <li>Additional commits viewable in <a href="https://github.com/yahoo/serialize-javascript/compare/v1.7.0...v2.1.2">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+3872 -2244

1 comment

1 changed file

dependabot[bot]

pr closed time in 2 minutes

PR closed Atilean/weacast

Bump mixin-deep from 1.3.1 to 1.3.2 dependencies

Bumps mixin-deep from 1.3.1 to 1.3.2. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/jonschlinkert/mixin-deep/commit/754f0c20e1bc13ea5a21a64fbc7d6ba5f7b359b9"><code>754f0c2</code></a> 1.3.2</li> <li><a href="https://github.com/jonschlinkert/mixin-deep/commit/90ee1fab375fccfd9b926df718243339b4976d50"><code>90ee1fa</code></a> ensure keys are valid when mixing in values</li> <li>See full diff in <a href="https://github.com/jonschlinkert/mixin-deep/compare/1.3.1...1.3.2">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~doowb">doowb</a>, a new releaser for mixin-deep since your current version.</p> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+3875 -2247

1 comment

1 changed file

dependabot[bot]

pr closed time in 2 minutes

pull request commentAtilean/weacast

Bump mixin-deep from 1.3.1 to 1.3.2

Looks like mixin-deep is up-to-date now, so this is no longer needed.

dependabot[bot]

comment created time in 2 minutes

pull request commentAtilean/weacast

Bump serialize-javascript from 1.7.0 to 2.1.2

Looks like serialize-javascript is up-to-date now, so this is no longer needed.

dependabot[bot]

comment created time in 2 minutes

PR closed Atilean/weacast

Bump lodash.template from 4.4.0 to 4.5.0 dependencies

Bumps lodash.template from 4.4.0 to 4.5.0. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/lodash/lodash/commit/ab73503859a2d2f7f603bc8a293ce93ecc071e83"><code>ab73503</code></a> Bump to v4.5.0.</li> <li><a href="https://github.com/lodash/lodash/commit/a4f7d4cc2a3b6d3a43f6c27beadbf90410eecdcd"><code>a4f7d4c</code></a> Rebuild lodash and docs.</li> <li><a href="https://github.com/lodash/lodash/commit/cca5ac60d61a2f786eeafadb674d6e12fc6179c8"><code>cca5ac6</code></a> Fix npm-test by removing the call to test-docs.</li> <li><a href="https://github.com/lodash/lodash/commit/9f7f9fc3c5f1a4db9a2134950872440c792ee8bb"><code>9f7f9fc</code></a> Adjust heading order. [ci skip]</li> <li><a href="https://github.com/lodash/lodash/commit/6e2fb92e9a2fd29ef630f71bd571afcdf0f2e206"><code>6e2fb92</code></a> Remove unused <code>baseArity</code>.</li> <li><a href="https://github.com/lodash/lodash/commit/4f702e238183444ff392c3c7be5b48f1a7271519"><code>4f702e2</code></a> Specify utf8 encoding.</li> <li><a href="https://github.com/lodash/lodash/commit/b188f903ce41e624d6169f47a0c9e5091c178160"><code>b188f90</code></a> Add fp tests for iteratee shorthands.</li> <li><a href="https://github.com/lodash/lodash/commit/7b93dc9c3253c342a45881392d2308374a8909b3"><code>7b93dc9</code></a> Ensure clone methods clone expando properties of boolean, number, & string ob...</li> <li><a href="https://github.com/lodash/lodash/commit/664d66a89ec553438d5560239eba24d30867e580"><code>664d66a</code></a> Make string tests more consistent.</li> <li><a href="https://github.com/lodash/lodash/commit/d9dc0e6fd13c030029964b5ba468e0df3e2de3b2"><code>d9dc0e6</code></a> Add <code>_.invertBy</code> tests.</li> <li>Additional commits viewable in <a href="https://github.com/lodash/lodash/compare/4.4.0...4.5.0">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+3877 -2249

1 comment

1 changed file

dependabot[bot]

pr closed time in 2 minutes

delete branch Atilean/weacast

delete branch : dependabot/npm_and_yarn/acorn-5.7.4

delete time in 2 minutes

delete branch Atilean/weacast

delete branch : dependabot/npm_and_yarn/eslint-utils-1.4.3

delete time in 2 minutes

delete branch Atilean/weacast

delete branch : dependabot/npm_and_yarn/websocket-extensions-0.1.4

delete time in 2 minutes

PR closed Atilean/weacast

Bump acorn from 5.7.3 to 5.7.4 dependencies

Bumps acorn from 5.7.3 to 5.7.4. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/acornjs/acorn/commit/6370e90067552022710190319cbbbd8c43001957"><code>6370e90</code></a> Mark version 5.7.4</li> <li><a href="https://github.com/acornjs/acorn/commit/fbc15b1344f6dfb992f67b4bbf1357436247c8a0"><code>fbc15b1</code></a> More rigorously check surrogate pairs in regexp validator</li> <li>See full diff in <a href="https://github.com/acornjs/acorn/compare/5.7.3...5.7.4">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+3875 -2247

1 comment

1 changed file

dependabot[bot]

pr closed time in 2 minutes

PR closed Atilean/weacast

Bump eslint-utils from 1.3.1 to 1.4.3 dependencies

Bumps eslint-utils from 1.3.1 to 1.4.3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/mysticatea/eslint-utils/releases">eslint-utils's releases</a>.</em></p> <blockquote> <h2>v1.4.3</h2> <h2>🐛 Bug fixes</h2> <ul> <li>8f9e481ecc1204c7a1331b697f97903f90c75154 fixed false positive of <code>ReferenceTracker</code>.</li> </ul> <h2>v1.4.2</h2> <h2>🐛 Bug fixes</h2> <ul> <li>e4cb01498df6096b66edb0c78965ee6f47d3ac77 fixed a regression of the previous release.</li> </ul> <h2>v1.4.1</h2> <h2>🐛 Bug fixes</h2> <ul> <li>c119e832952c8c653bd4f21e39eb9f7ce48e5947 fixed <code>getStaticValue()</code> function to handle <code>null</code> literal correctly even if runtimes don't support BigInt natively.</li> <li>587cca2f82c245f5fc4a8b9fb2cf6b35c0d02552 fixed <code>getStringIfConstant()</code> function to handle regular expression literals and BigInt literals even if runtimes don't support those.</li> <li>08158db1c98fd71cf0f32ddefbc147e2620e724c fixed GHSA-3gx7-xhv7-5mx3.</li> </ul> <h2>v1.4.0</h2> <h2>✨ Enhancements</h2> <ul> <li>66456c5356310fc4309b4fe2756995f27b907747 (and ebf5a8378d3f0a20a74adb158a7112cb616bce44, aac472e815551688d23cc8fd88f9044dbf276804) added <code>isParenthesized()</code> function that checks if a given node is parenthesized or not.</li> <li>4f8407dd6cd52274ba115b3a8558153ec6d799a7 (and cb518c70ee037722f802d808bbbe93da83f07fb3) added <code>hasSideEffect()</code> function that checks if a given node may have side-effects or not.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/mysticatea/eslint-utils/commit/23f4ddc58eda5e6aec3d6a43c6266acbe19345cd"><code>23f4ddc</code></a> 🔖 1.4.3</li> <li><a href="https://github.com/mysticatea/eslint-utils/commit/8f9e481ecc1204c7a1331b697f97903f90c75154"><code>8f9e481</code></a> 🐛 fix reference tracker false positive</li> <li><a href="https://github.com/mysticatea/eslint-utils/commit/663327835abfb1f62fc6fc5d69028457e11b5f80"><code>6633278</code></a> ⚒ fix test scripts</li> <li><a href="https://github.com/mysticatea/eslint-utils/commit/7c8e67c22f7222685a6a9154ba5eec2ac4896a3e"><code>7c8e67c</code></a> ⚒ fix build scripts</li> <li><a href="https://github.com/mysticatea/eslint-utils/commit/41ff95e728db2c52122ae3dad42997dccd223388"><code>41ff95e</code></a> ⚒ update dependencies</li> <li><a href="https://github.com/mysticatea/eslint-utils/commit/49420121ff4d2b4758d4016848055c1631389faa"><code>4942012</code></a> ⚒ fix build scripts</li> <li><a href="https://github.com/mysticatea/eslint-utils/commit/f1c8d02b3fd190a97e39603929c0aabe36c9904f"><code>f1c8d02</code></a> ⚒ update build scripts</li> <li><a href="https://github.com/mysticatea/eslint-utils/commit/a88598a74f0d71376447c4ecb6b56b27272f3992"><code>a88598a</code></a> Create FUNDING.yml</li> <li><a href="https://github.com/mysticatea/eslint-utils/commit/4e1bc077c2a6bb00538d66b69a63c24de3463bed"><code>4e1bc07</code></a> 1.4.2</li> <li><a href="https://github.com/mysticatea/eslint-utils/commit/e4cb01498df6096b66edb0c78965ee6f47d3ac77"><code>e4cb014</code></a> 🐛 add null test</li> <li>Additional commits viewable in <a href="https://github.com/mysticatea/eslint-utils/compare/v1.3.1...v1.4.3">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+3871 -2248

1 comment

1 changed file

dependabot[bot]

pr closed time in 2 minutes

pull request commentAtilean/weacast

Bump eslint-utils from 1.3.1 to 1.4.3

Looks like eslint-utils is up-to-date now, so this is no longer needed.

dependabot[bot]

comment created time in 2 minutes

PR closed Atilean/weacast

Bump websocket-extensions from 0.1.3 to 0.1.4 dependencies

Bumps websocket-extensions from 0.1.3 to 0.1.4. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/faye/websocket-extensions-node/blob/master/CHANGELOG.md">websocket-extensions's changelog</a>.</em></p> <blockquote> <h3>0.1.4 / 2020-06-02</h3> <ul> <li>Remove a ReDoS vulnerability in the header parser (CVE-2020-7662, reported by Robert McLaughlin)</li> <li>Change license from MIT to Apache 2.0</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/faye/websocket-extensions-node/commit/8efd0cd6e35faf9bb9cb08759be1e27082177d43"><code>8efd0cd</code></a> Bump version to 0.1.4</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/3dad4ad44a8c5f74d4f8f4efd3f9d6e0b5df3051"><code>3dad4ad</code></a> Remove ReDoS vulnerability in the Sec-WebSocket-Extensions header parser</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/4a76c75efb1c5d6a2f60550e9501757458d19533"><code>4a76c75</code></a> Add Node versions 13 and 14 on Travis</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/44a677a9c0631daed0b0f4a4b68c095b624183b8"><code>44a677a</code></a> Formatting change: {...} should have spaces inside the braces</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/f6c50aba0c20ff45b0f87cea33babec1217ec3f5"><code>f6c50ab</code></a> Let npm reformat package.json</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/2d211f3705d52d9efb4f01daf5a253adf828592e"><code>2d211f3</code></a> Change markdown formatting of docs.</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/0b620834cc1e1f2eace1d55ab17f71d90d88271d"><code>0b62083</code></a> Update Travis target versions.</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/729a4653073fa8dd020561113513bfa2e2119415"><code>729a465</code></a> Switch license to Apache 2.0.</li> <li>See full diff in <a href="https://github.com/faye/websocket-extensions-node/compare/0.1.3...0.1.4">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+3875 -2247

1 comment

1 changed file

dependabot[bot]

pr closed time in 2 minutes

pull request commentAtilean/weacast

Bump acorn from 5.7.3 to 5.7.4

Looks like acorn is up-to-date now, so this is no longer needed.

dependabot[bot]

comment created time in 2 minutes

pull request commentAtilean/weacast

Bump websocket-extensions from 0.1.3 to 0.1.4

Looks like websocket-extensions is up-to-date now, so this is no longer needed.

dependabot[bot]

comment created time in 2 minutes

PR opened vidhya123cse/pinpoint

Bump requests from 0.11.1 to 2.20.0

Bumps requests from 0.11.1 to 2.20.0. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/psf/requests/blob/master/HISTORY.md">requests's changelog</a>.</em></p> <blockquote> <h2>2.20.0 (2018-10-18)</h2> <p><strong>Bugfixes</strong></p> <ul> <li>Content-Type header parsing is now case-insensitive (e.g. charset=utf8 v Charset=utf8).</li> <li>Fixed exception leak where certain redirect urls would raise uncaught urllib3 exceptions.</li> <li>Requests removes Authorization header from requests redirected from https to http on the same hostname. (CVE-2018-18074)</li> <li><code>should_bypass_proxies</code> now handles URIs without hostnames (e.g. files).</li> </ul> <p><strong>Dependencies</strong></p> <ul> <li>Requests now supports urllib3 v1.24.</li> </ul> <p><strong>Deprecations</strong></p> <ul> <li>Requests has officially stopped support for Python 2.6.</li> </ul> <h2>2.19.1 (2018-06-14)</h2> <p><strong>Bugfixes</strong></p> <ul> <li>Fixed issue where status_codes.py's <code>init</code> function failed trying to append to a <code>doc</code> value of <code>None</code>.</li> </ul> <h2>2.19.0 (2018-06-12)</h2> <p><strong>Improvements</strong></p> <ul> <li>Warn user about possible slowdown when using cryptography version < 1.3.4</li> <li>Check for invalid host in proxy URL, before forwarding request to adapter.</li> <li>Fragments are now properly maintained across redirects. (RFC7231 7.1.2)</li> <li>Removed use of cgi module to expedite library load time.</li> <li>Added support for SHA-256 and SHA-512 digest auth algorithms.</li> <li>Minor performance improvement to <code>Request.content</code>.</li> <li>Migrate to using collections.abc for 3.7 compatibility.</li> </ul> <p><strong>Bugfixes</strong></p> <ul> <li>Parsing empty <code>Link</code> headers with <code>parse_header_links()</code> no longer return one bogus entry.</li> </ul> <!-- raw HTML omitted --> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/psf/requests/commit/bd840450c0d1e9db3bf62382c15d96378cc3a056"><code>bd84045</code></a> v2.20.0</li> <li><a href="https://github.com/psf/requests/commit/7fd9267b3bab1d45f5e4ac0953629c5531ecbc55"><code>7fd9267</code></a> remove final remnants from 2.6</li> <li><a href="https://github.com/psf/requests/commit/6ae8a2189235b62d7c5b2a6b95528750f046097c"><code>6ae8a21</code></a> Add myself to AUTHORS</li> <li><a href="https://github.com/psf/requests/commit/89ab030cdb83a728a30e172bc65d27ba214d2eda"><code>89ab030</code></a> Use comprehensions whenever possible</li> <li><a href="https://github.com/psf/requests/commit/2c6a8426aebd853966747f2c851f551c583cb21a"><code>2c6a842</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/psf/requests/issues/4827">#4827</a> from webmaven/patch-1</li> <li><a href="https://github.com/psf/requests/commit/30be889651e7034eaa56edaf5794d68ffbfde9ed"><code>30be889</code></a> CVE URLs update: www sub-subdomain no longer valid</li> <li><a href="https://github.com/psf/requests/commit/a6cd380c640087218695bc7c62311a4843777e43"><code>a6cd380</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/psf/requests/issues/4765">#4765</a> from requests/encapsulate_urllib3_exc</li> <li><a href="https://github.com/psf/requests/commit/bbdbcc8f0553f112ff68b0950b4128bd8af000fc"><code>bbdbcc8</code></a> wrap url parsing exceptions from urllib3's PoolManager</li> <li><a href="https://github.com/psf/requests/commit/ff0c325014f817095de35013d385e137b111d6e8"><code>ff0c325</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/psf/requests/issues/4805">#4805</a> from jdufresne/https</li> <li><a href="https://github.com/psf/requests/commit/b0ad2499c8641d29affc90f565e6628d333d2a96"><code>b0ad249</code></a> Prefer https:// for URLs throughout project</li> <li>Additional commits viewable in <a href="https://github.com/psf/requests/compare/v0.11.1...v2.20.0">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+1 -1

0 comment

1 changed file

pr created time in 2 minutes

PR opened vidhya123cse/pinpoint

Bump gunicorn from 0.14.2 to 19.5.0

Bumps gunicorn from 0.14.2 to 19.5.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/benoitc/gunicorn/releases">gunicorn's releases</a>.</em></p> <blockquote> <h2>19.5.0</h2> <p>== 19.5.0 ==</p> <p>=== Core ===</p> <ul> <li>fix: Ensure response to HEAD request won't have message body</li> <li>fix: lock domain socket and remove on last arbiter exit (<a href="https://github-redirect.dependabot.com/benoitc/gunicorn/issues/1220">#1220</a>)</li> <li>improvement: use EnvironmentError instead of socket.error (<a href="https://github-redirect.dependabot.com/benoitc/gunicorn/issues/939">#939</a>)</li> <li>add: new $FORWARDDED_ALLOW_IPS environment variable (<a href="https://github-redirect.dependabot.com/benoitc/gunicorn/issues/1205">#1205</a>)</li> <li>fix: infinite recursion when destroying sockets (<a href="https://github-redirect.dependabot.com/benoitc/gunicorn/issues/1219">#1219</a>)</li> <li>fix: close sockets on shutdown (<a href="https://github-redirect.dependabot.com/benoitc/gunicorn/issues/922">#922</a>)</li> <li>fix: clean up sys.exc_info calls to drop circular refs (<a href="https://github-redirect.dependabot.com/benoitc/gunicorn/issues/1228">#1228</a>)</li> <li>fix: do post_worker_init after load_wsgi (<a href="https://github-redirect.dependabot.com/benoitc/gunicorn/issues/1248">#1248</a>)</li> </ul> <p>=== Workers ===</p> <ul> <li>fix access logging in gaiohttp worker (<a href="https://github-redirect.dependabot.com/benoitc/gunicorn/issues/1193">#1193</a>)</li> <li>eventlet: handle QUIT in a new coroutine (<a href="https://github-redirect.dependabot.com/benoitc/gunicorn/issues/1217">#1217</a>)</li> <li>gevent: remove obsolete exception clauses in run (<a href="https://github-redirect.dependabot.com/benoitc/gunicorn/issues/1218">#1218</a>)</li> <li>tornado: fix extra "Server" response header (<a href="https://github-redirect.dependabot.com/benoitc/gunicorn/issues/1246">#1246</a>)</li> <li>fix: unblock the wait loop under python 3.5 in sync worker (<a href="https://github-redirect.dependabot.com/benoitc/gunicorn/issues/1256">#1256</a>)</li> </ul> <p>=== Logging ===</p> <ul> <li>fix: log message for listener reloading (<a href="https://github-redirect.dependabot.com/benoitc/gunicorn/issues/1181">#1181</a>)</li> <li>Let logging module handle traceback printing (<a href="https://github-redirect.dependabot.com/benoitc/gunicorn/issues/1201">#1201</a>)</li> <li>improvement: Allow configuring logger_class with statsd_host (<a href="https://github-redirect.dependabot.com/benoitc/gunicorn/issues/1188">#1188</a>)</li> <li>fix: traceback formatting (<a href="https://github-redirect.dependabot.com/benoitc/gunicorn/issues/1235">#1235</a>)</li> <li>fix: print error logs on stderr and access logs on stdout (<a href="https://github-redirect.dependabot.com/benoitc/gunicorn/issues/1184">#1184</a>)</li> </ul> <p>=== Documentation ===</p> <ul> <li>Simplify installation instructions in gunicorn.org (<a href="https://github-redirect.dependabot.com/benoitc/gunicorn/issues/1072">#1072</a>)</li> <li>Fix URL and default worker type in example_config (<a href="https://github-redirect.dependabot.com/benoitc/gunicorn/issues/1209">#1209</a>)</li> <li>update django doc url to 1.8 lts (<a href="https://github-redirect.dependabot.com/benoitc/gunicorn/issues/1213">#1213</a>)</li> <li>fix: miscellaneous wording corrections (<a href="https://github-redirect.dependabot.com/benoitc/gunicorn/issues/1216">#1216</a>)</li> <li>Add PSF License Agreement of selectors.py to NOTICE (:issue: <a href="https://github-redirect.dependabot.com/benoitc/gunicorn/issues/1226">#1226</a>)</li> <li>document LOGGING overriding (<a href="https://github-redirect.dependabot.com/benoitc/gunicorn/issues/1051">#1051</a>)</li> <li>put a note that error logs are only errors from Gunicorn (<a href="https://github-redirect.dependabot.com/benoitc/gunicorn/issues/1124">#1124</a>)</li> <li>add a note about the requirements of the threads workers under python 2.x (<a href="https://github-redirect.dependabot.com/benoitc/gunicorn/issues/1200">#1200</a>)</li> <li>add access_log_format to config example (<a href="https://github-redirect.dependabot.com/benoitc/gunicorn/issues/1251">#1251</a>)</li> </ul> <p>=== Tests ===</p> <ul> <li>Use more pytest.raises() in test_http.py</li> </ul> <h2>19.4.5</h2> <p>== 19.4.5 ==</p> <ul> <li>fix: NameError fileno in gunicorn.http.wsgi (<a href="https://github-redirect.dependabot.com/benoitc/gunicorn/issues/1178">#1178</a>)</li> </ul> <h2>19.4.4</h2> <p>== 19.4.4 ==</p> <ul> <li>fix: check if a fileobject can be used with sendfile(2) (<a href="https://github-redirect.dependabot.com/benoitc/gunicorn/issues/1174">#1174</a>)</li> <li>doc: be more descriptive in errorlog option (<a href="https://github-redirect.dependabot.com/benoitc/gunicorn/issues/1173">#1173</a>)</li> </ul> <!-- raw HTML omitted --> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/benoitc/gunicorn/commit/7d61a60ebdc7c5def005f672117026d48fa9aaf5"><code>7d61a60</code></a> add changelog</li> <li><a href="https://github.com/benoitc/gunicorn/commit/58f190d346478e235ba6406d35e88b47f46a6041"><code>58f190d</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/benoitc/gunicorn/issues/1257">#1257</a> from benoitc/fix/1256</li> <li><a href="https://github.com/benoitc/gunicorn/commit/b0c03332489c86c1d5dc0c8dbc37fa202a378f3e"><code>b0c0333</code></a> unblock the wait loop under python 3.5</li> <li><a href="https://github.com/benoitc/gunicorn/commit/9d158bec94c91c62cd5cc28a27268a5b8804d795"><code>9d158be</code></a> Add access_log_format to config example (<a href="https://github-redirect.dependabot.com/benoitc/gunicorn/issues/1251">#1251</a>)</li> <li><a href="https://github.com/benoitc/gunicorn/commit/ded610ede9a2604fc92c6d75005c0678d29fcf9d"><code>ded610e</code></a> add a note about the requirements of the threads workers under python 2.x</li> <li><a href="https://github.com/benoitc/gunicorn/commit/6f9ae5ee2fc2ec62d15d17ec83a41d22b9ad63bb"><code>6f9ae5e</code></a> put a note that error logs are only errors from Gunicorn.</li> <li><a href="https://github.com/benoitc/gunicorn/commit/65db610afea4c764eb8493b0d96353d468071152"><code>65db610</code></a> print error logs on stderr and access logs on stdout</li> <li><a href="https://github.com/benoitc/gunicorn/commit/5fa32a6dbcb7f480a5779ff949df6bc22693b159"><code>5fa32a6</code></a> document LOGGING overriding</li> <li><a href="https://github.com/benoitc/gunicorn/commit/e005c9d93a71ac58a735eeb188091414d14b3ee8"><code>e005c9d</code></a> reverse change in example_config.py</li> <li><a href="https://github.com/benoitc/gunicorn/commit/66546d66df464d288b2f019fcc04de8396731ff6"><code>66546d6</code></a> fix <a href="https://github-redirect.dependabot.com/benoitc/gunicorn/issues/1246">#1246</a></li> <li>Additional commits viewable in <a href="https://github.com/benoitc/gunicorn/compare/0.14.2...19.5.0">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+1 -1

0 comment

1 changed file

pr created time in 2 minutes

create barnchvidhya123cse/pinpoint

branch : dependabot/pip/requests-2.20.0

created branch time in 2 minutes

create barnchvidhya123cse/pinpoint

branch : dependabot/pip/gunicorn-19.5.0

created branch time in 2 minutes

delete branch Atilean/weacast

delete branch : dependabot/npm_and_yarn/lodash.template-4.5.0

delete time in 2 minutes

delete branch mritunjayr/post-spring-boot-task

delete branch : dependabot/maven/mysql-mysql-connector-java-8.0.16

delete time in 2 minutes

delete branch SpraxDev/Api.Sprax2013.de

delete branch : dependabot/npm_and_yarn/typescript-3.9.6

delete time in 2 minutes

pull request commentAtilean/weacast

Bump lodash.template from 4.4.0 to 4.5.0

Looks like lodash.template is up-to-date now, so this is no longer needed.

dependabot[bot]

comment created time in 2 minutes

delete branch kplich/ELX-front-end

delete branch : dependabot/npm_and_yarn/acorn-6.4.1

delete time in 2 minutes

delete branch SkinDB/SkinDB.net

delete branch : dependabot/npm_and_yarn/typescript-3.9.6

delete time in 3 minutes

delete branch Mc-Auth-com/Mc-Auth-Web

delete branch : dependabot/npm_and_yarn/node-cache-5.1.2

delete time in 3 minutes

PR opened deathengel3/graphs-angular

Bump websocket-extensions from 0.1.3 to 0.1.4

Bumps websocket-extensions from 0.1.3 to 0.1.4. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/faye/websocket-extensions-node/blob/master/CHANGELOG.md">websocket-extensions's changelog</a>.</em></p> <blockquote> <h3>0.1.4 / 2020-06-02</h3> <ul> <li>Remove a ReDoS vulnerability in the header parser (CVE-2020-7662, reported by Robert McLaughlin)</li> <li>Change license from MIT to Apache 2.0</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/faye/websocket-extensions-node/commit/8efd0cd6e35faf9bb9cb08759be1e27082177d43"><code>8efd0cd</code></a> Bump version to 0.1.4</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/3dad4ad44a8c5f74d4f8f4efd3f9d6e0b5df3051"><code>3dad4ad</code></a> Remove ReDoS vulnerability in the Sec-WebSocket-Extensions header parser</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/4a76c75efb1c5d6a2f60550e9501757458d19533"><code>4a76c75</code></a> Add Node versions 13 and 14 on Travis</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/44a677a9c0631daed0b0f4a4b68c095b624183b8"><code>44a677a</code></a> Formatting change: {...} should have spaces inside the braces</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/f6c50aba0c20ff45b0f87cea33babec1217ec3f5"><code>f6c50ab</code></a> Let npm reformat package.json</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/2d211f3705d52d9efb4f01daf5a253adf828592e"><code>2d211f3</code></a> Change markdown formatting of docs.</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/0b620834cc1e1f2eace1d55ab17f71d90d88271d"><code>0b62083</code></a> Update Travis target versions.</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/729a4653073fa8dd020561113513bfa2e2119415"><code>729a465</code></a> Switch license to Apache 2.0.</li> <li>See full diff in <a href="https://github.com/faye/websocket-extensions-node/compare/0.1.3...0.1.4">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+3 -3

0 comment

1 changed file

pr created time in 3 minutes

PR opened vpvpp/JavaSpringRestAPI-s

Bump hibernate-validator from 6.0.16.Final to 6.1.0.Final

Bumps hibernate-validator from 6.0.16.Final to 6.1.0.Final. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/hibernate/hibernate-validator/blob/master/changelog.txt">hibernate-validator's changelog</a>.</em></p> <blockquote> <h2>6.1.0.Final (25-10-2019)</h2> <p>** Bug

  • HV-1730 - engine - JavaBeanExecutable fails to initialize for enum type
  • HV-1715 - engine - Validation can sometimes proceed to the next group in sequence even after one of the constraints generated a violation</p> <p>** Improvement
  • HV-1729 - performance - Skip allocation of an action for each need to access the context classloader</p> <p>** Task
  • HV-1743 - build - Upgrade maven-compiler-plugin to 3.8.1
  • HV-1742 - build - Upgrade to WildFly 18.0.0.Final
  • HV-1741 - build - Upgrade ByteBuddy test dependency to 1.10.2
  • HV-1740 - engine - Deprecate <a href="https://github.com/SafeHtml">@SafeHtml</a>
  • HV-1739 - engine - CVE-2019-10219 Security issue with <a href="https://github.com/SafeHtml">@SafeHtml</a>
  • HV-1738 - build - Update Jackson test dependency to 2.9.10
  • HV-1733 - tests - Fix locale settings of PredefinedScopeValidatorFactoryTest
  • HV-1732 - build - Change tarLongFileMode to posix for assembly building
  • HV-1731 - tck-runner - Move TCK signature check to tck-runner module
  • HV-1728 - build - Upgrade to WildFly 17.0.1.Final
  • HV-1727 - build - Update Jackson Databind test dependency to 2.9.9.2
  • HV-1725 - build - Switch to using Jakarta EE artifacts
  • HV-1724 - build - Update to OpenJFX 11.0.2
  • HV-1680 - engine - Avoid reflection by using instrumentation - build the enhancer</p> <h2>6.1.0.Alpha6 (19-07-2019)</h2> <p>** Bug
  • HV-1722 - engine - Remove settings-example.xml reference from .travis.yml
  • HV-1721 - engine - Take into account Hibernate Validator-specific configuration with PredefinedScopeValidatorFactoryImpl
  • HV-1720 - engine - Support bounded wildcard types in container value unwrapping</p> <p>** New Feature
  • HV-1723 - validators - Provide a DigitsValidatorForMonetaryAmount to support <a href="https://github.com/Digits">@Digits</a> on MonetaryAmounts</p> <p>** Task
  • HV-1726 - engine - Make PredefinedScopeHibernateValidatorFactory extend HibernateValidatorFactory</p> <h2>6.1.0.Alpha5 (13-06-2019)</h2> <p>** Bug
  • HV-1713 - engine - Missing violation when a bean is validated with different groups
  • HV-1709 - validators - Polish Identification numbers are not considering length of the value
  • HV-1706 - validators - ISBN-13 algorithm does not handle checksum 10</p> <p>** Improvement
  • HV-1719 - engine - Accept setting per-validator TraversableResolver with PredefinedScopeValidatorFactoryImpl</p> <!-- raw HTML omitted --> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/hibernate/hibernate-validator/commit/713964afeb36a3852a5d7a97f7303fa9d56457a4"><code>713964a</code></a> [Jenkins release job] Preparing release 6.1.0.Final</li> <li><a href="https://github.com/hibernate/hibernate-validator/commit/7ff5803b2cb8ab4d426ef569b2c41ddca859f253"><code>7ff5803</code></a> [Jenkins release job] changelog.txt updated by release build 6.1.0.Final</li> <li><a href="https://github.com/hibernate/hibernate-validator/commit/77c9ca3a1d7e8d2c774827f83afa9225acbde76d"><code>77c9ca3</code></a> [Jenkins release job] README.md updated by release build 6.1.0.Final</li> <li><a href="https://github.com/hibernate/hibernate-validator/commit/4194b025e062f2fc03af1bcd0fa63e8ac67e84c1"><code>4194b02</code></a> HV-1740 Deprecate <a href="https://github.com/SafeHtml">@SafeHtml</a> for planned future removal</li> <li><a href="https://github.com/hibernate/hibernate-validator/commit/124b7dd6d9a4ad24d4d49f74701f05a13e56ceee"><code>124b7dd</code></a> HV-1739 Fix CVE-2019-10219 Security issue with <a href="https://github.com/SafeHtml">@SafeHtml</a></li> <li><a href="https://github.com/hibernate/hibernate-validator/commit/2687d3353990b869d7aaeddcdcba17ec5daf158d"><code>2687d33</code></a> HV-1743 Upgrade maven-compiler-plugin to 3.8.1</li> <li><a href="https://github.com/hibernate/hibernate-validator/commit/8b92994c55308f45d7e9e9bafec020668edac2f1"><code>8b92994</code></a> HV-1742 Upgrade to WildFly 18.0.0.Final</li> <li><a href="https://github.com/hibernate/hibernate-validator/commit/ce6c698d886b7118900a3d8406927a36239426a9"><code>ce6c698</code></a> HV-1741 Upgrade ByteBuddy test dependency to 1.10.2</li> <li><a href="https://github.com/hibernate/hibernate-validator/commit/b115bb6d6b581beca9535dda49cba078c66472b0"><code>b115bb6</code></a> HV-1725 Fix a few remaining things in the README.md</li> <li><a href="https://github.com/hibernate/hibernate-validator/commit/fdfa7cef6c315f5c3c7318a352f7c47c9f11f713"><code>fdfa7ce</code></a> HV-1725 Explicitly ban javax dependencies</li> <li>Additional commits viewable in <a href="https://github.com/hibernate/hibernate-validator/compare/6.0.16.Final...6.1.0.Final">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+1 -1

0 comment

1 changed file

pr created time in 3 minutes

PR opened abdenny/cra-redux-toolkit-bs

Bump websocket-extensions from 0.1.3 to 0.1.4

Bumps websocket-extensions from 0.1.3 to 0.1.4. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/faye/websocket-extensions-node/blob/master/CHANGELOG.md">websocket-extensions's changelog</a>.</em></p> <blockquote> <h3>0.1.4 / 2020-06-02</h3> <ul> <li>Remove a ReDoS vulnerability in the header parser (CVE-2020-7662, reported by Robert McLaughlin)</li> <li>Change license from MIT to Apache 2.0</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/faye/websocket-extensions-node/commit/8efd0cd6e35faf9bb9cb08759be1e27082177d43"><code>8efd0cd</code></a> Bump version to 0.1.4</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/3dad4ad44a8c5f74d4f8f4efd3f9d6e0b5df3051"><code>3dad4ad</code></a> Remove ReDoS vulnerability in the Sec-WebSocket-Extensions header parser</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/4a76c75efb1c5d6a2f60550e9501757458d19533"><code>4a76c75</code></a> Add Node versions 13 and 14 on Travis</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/44a677a9c0631daed0b0f4a4b68c095b624183b8"><code>44a677a</code></a> Formatting change: {...} should have spaces inside the braces</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/f6c50aba0c20ff45b0f87cea33babec1217ec3f5"><code>f6c50ab</code></a> Let npm reformat package.json</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/2d211f3705d52d9efb4f01daf5a253adf828592e"><code>2d211f3</code></a> Change markdown formatting of docs.</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/0b620834cc1e1f2eace1d55ab17f71d90d88271d"><code>0b62083</code></a> Update Travis target versions.</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/729a4653073fa8dd020561113513bfa2e2119415"><code>729a465</code></a> Switch license to Apache 2.0.</li> <li>See full diff in <a href="https://github.com/faye/websocket-extensions-node/compare/0.1.3...0.1.4">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+204 -9

0 comment

1 changed file

pr created time in 3 minutes

delete branch gugamainchein/Qualicorp

delete branch : dependabot/npm_and_yarn/page_node_js/minimist-1.2.5

delete time in 3 minutes

delete branch mauriciocordeiro/agendjango

delete branch : dependabot/pip/django-2.2.13

delete time in 4 minutes

delete branch Mitars/DatingApp.SPA

delete branch : dependabot/npm_and_yarn/acorn-6.4.1

delete time in 4 minutes

push eventdanaph7t/p2p-media-loader

dependabot[bot]

commit sha 2b3dd8bd592299a6b4744e78e1814ff2baa7430a

Bump acorn from 6.3.0 to 6.4.1 in /p2p-media-loader-shaka Bumps [acorn](https://github.com/acornjs/acorn) from 6.3.0 to 6.4.1. - [Release notes](https://github.com/acornjs/acorn/releases) - [Commits](https://github.com/acornjs/acorn/compare/6.3.0...6.4.1) Signed-off-by: dependabot[bot] <support@github.com>

view details

push time in 4 minutes

pull request commentMitars/DatingApp.SPA

Bump acorn from 6.4.0 to 6.4.1

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

dependabot[bot]

comment created time in 4 minutes

PR opened Madhuri513/airlinereservationwithhibernate

Bump mysql-connector-java from 5.1.38 to 8.0.16

Bumps mysql-connector-java from 5.1.38 to 8.0.16. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/mysql/mysql-connector-j/blob/release/8.0/CHANGES">mysql-connector-java's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h1><a href="https://dev.mysql.com/doc/relnotes/connector-j/8.0/en/">https://dev.mysql.com/doc/relnotes/connector-j/8.0/en/</a></h1> <p>Version 8.0.20</p> <ul> <li> <p>Fix for Bug#30805426, IN CASE OF ISAUTHMETHODSWITCHREQUESTPACKET , TOSERVERS > 1 ARE IGNORED.</p> </li> <li> <p>Fix for Bug#97714 (30570249), Contribution: Expose elapsed time for query interceptor to avoid hacky thread local implementations. Thanks to Matti Sillanpää and Johnathan Crawford for their contribution.</p> </li> <li> <p>Fix for Bug#97724 (30570721), Contribution: Allow '3.' formatted numbers. Thanks to Nick Pollett for his contribution.</p> </li> <li> <p>Fix for Bug#98536 (30877755), SIMPLEDATEFORMAT COULD CACHE A WRONG CALENDAR.</p> </li> <li> <p>Fix for Bug#91112 (28125069), AGAIN WRONG JAVA.SQL.DATE.</p> </li> <li> <p>Fix for Bug#30474158, CONNECTOR/J 8 DOES NOT HONOR THE REQUESTED RESULTSETTYPE SCROLL_INSENSITIVE ETC.</p> </li> <li> <p>Fix for Bug#98445 (30832513), Connection option clientInfoProvider=ClientInfoProviderSP causes NPE.</p> </li> <li> <p>WL#12248, DevAPI: Connection compression.</p> </li> <li> <p>Fix for Bug#30636056, ResultSetUtil.resultSetToMap() can be unsafe to use.</p> </li> <li> <p>Fix for Bug#97757 (30584907), NULLPOINTEREXCEPTION WITH CACHERESULTSETMETADATA=TRUE AND EXECUTEQUERY OF "SET".</p> </li> </ul> <p>Version 8.0.19</p> <ul> <li> <p>WL#13346, Support for mult-host and failover.</p> </li> <li> <p>Fix for Bug#97413 (30477722), DATABASEMETADATA IS BROKEN AFTER SERVER WL#13528.</p> </li> <li> <p>WL#13367, DNS SRV support.</p> </li> <li> <p>WL#12736, DevAPI: Specify TLS ciphers to be used by a client or session.</p> </li> <li> <p>Fix for regression tests broken by Bug#97079 fix.</p> </li> <li> <p>Fix for Bug#96383 (30119545) RS.GETTIMESTAMP() HAS DIFFERENT RESULTS FOR TIME FIELDS WITH USECURSORFETCH=TRUE.</p> </li> <li> <p>Fix for Bug#96059 (29999318), ERROR STREAMING MULTI RESULTSETS WITH MYSQL-CONNECTOR-JAVA 8.0.X.</p> </li> <li> <p>Fix for Bug#96442 (30151808), INCORRECT DATE ERROR WHEN CALLING GETMETADATA ON PREPARED STATEMENT.</p> </li> </ul> <p>Version 8.0.18</p> <ul> <li> <p>WL#13347, Connectors should handle expired password sandbox without SET operations.</p> </li> <li> <p>Fix for Bug#84098 (25223123), endless loop in LoadBalancedAutoCommitInterceptor.</p> </li> </ul> <!-- raw HTML omitted --> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/mysql/mysql-connector-j/commit/34cbc6bc61f72836e26327537a432d6db7c77de6"><code>34cbc6b</code></a> License book updated.</li> <li><a href="https://github.com/mysql/mysql-connector-j/commit/793bd554e7e815607a1f325ef998efa8d4a4bef7"><code>793bd55</code></a> Minor fix for tests failing with URL without parameters.</li> <li><a href="https://github.com/mysql/mysql-connector-j/commit/58600ccd78f6eeec3a15888f943a0475cd1d470f"><code>58600cc</code></a> WL#12825, Remove third-party libraries from sources and bundles.</li> <li><a href="https://github.com/mysql/mysql-connector-j/commit/5aa15d557811bbdf0f23b150f361bb42fb7591cb"><code>5aa15d5</code></a> Fix for Bug#93590 (29054329), javax.net.ssl.SSLException: closing inbound bef...</li> <li><a href="https://github.com/mysql/mysql-connector-j/commit/1fecc2ba0dd7e9275fc1961ba8900e9d312bd351"><code>1fecc2b</code></a> Fix for Bug#94414 (29384853), Connector/J RPM package have version number in ...</li> <li><a href="https://github.com/mysql/mysql-connector-j/commit/f5d24e32b05337320624788ccb99830171026483"><code>f5d24e3</code></a> Fix for Bug#27786499, REDUNDANT FILES IN DEBIAN PACKAGE FOR DEBIAN9(COMMUNITY...</li> <li><a href="https://github.com/mysql/mysql-connector-j/commit/c49db58bbc8b29d0c1cd1bbfeb086b2e3dfa74e6"><code>c49db58</code></a> WL#12246, DevAPI: Prepared statement support.</li> <li><a href="https://github.com/mysql/mysql-connector-j/commit/a5c3d29931a43429df84564d9e0c578468711a0d"><code>a5c3d29</code></a> Added definition file for msi building tools.</li> <li><a href="https://github.com/mysql/mysql-connector-j/commit/13045c22524afd757de1f1d56339211801aec99e"><code>13045c2</code></a> WL#10839, Adjust c/J tests to the new "ON" default for</li> <li><a href="https://github.com/mysql/mysql-connector-j/commit/2e350a5d66cda9317aa308954bafaf952e8054cb"><code>2e350a5</code></a> Fix for Bug#29329326, PLEASE AVOID SHOW PROCESSLIST IF POSSIBLE.</li> <li>Additional commits viewable in <a href="https://github.com/mysql/mysql-connector-j/compare/5.1.38...8.0.16">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+1 -1

0 comment

1 changed file

pr created time in 4 minutes

PR opened danaph7t/p2p-media-loader

Bump acorn from 6.3.0 to 6.4.1 in /p2p-media-loader-hlsjs

Bumps acorn from 6.3.0 to 6.4.1. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/acornjs/acorn/commit/9a2e9b6678e243d66846b91179d650d28453e70c"><code>9a2e9b6</code></a> Mark version 6.4.1</li> <li><a href="https://github.com/acornjs/acorn/commit/90a9548ea0ce351b54f956e2c4ed27cca9631284"><code>90a9548</code></a> More rigorously check surrogate pairs in regexp validator</li> <li><a href="https://github.com/acornjs/acorn/commit/df0cf1a3e2b1a51a26c14984dc0f5412b7151b10"><code>df0cf1a</code></a> Mark version 6.4.0</li> <li><a href="https://github.com/acornjs/acorn/commit/53034126864b492da4e278628bb972cb2a9313d4"><code>5303412</code></a> Also export Parser via Parser.acorn</li> <li><a href="https://github.com/acornjs/acorn/commit/efe273e70123449a458157dbf578afaf109a49ab"><code>efe273e</code></a> give token types and etc to plugins</li> <li>See full diff in <a href="https://github.com/acornjs/acorn/compare/6.3.0...6.4.1">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+6 -6

0 comment

1 changed file

pr created time in 4 minutes

push eventdanaph7t/p2p-media-loader

dependabot[bot]

commit sha c415d36069374ce93ae1a16785a8373c24db8065

Bump acorn from 6.3.0 to 6.4.1 in /p2p-media-loader-hlsjs Bumps [acorn](https://github.com/acornjs/acorn) from 6.3.0 to 6.4.1. - [Release notes](https://github.com/acornjs/acorn/releases) - [Commits](https://github.com/acornjs/acorn/compare/6.3.0...6.4.1) Signed-off-by: dependabot[bot] <support@github.com>

view details

push time in 4 minutes

PR opened danaph7t/p2p-media-loader

Bump acorn from 6.3.0 to 6.4.1 in /p2p-media-loader-shaka

Bumps acorn from 6.3.0 to 6.4.1. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/acornjs/acorn/commit/9a2e9b6678e243d66846b91179d650d28453e70c"><code>9a2e9b6</code></a> Mark version 6.4.1</li> <li><a href="https://github.com/acornjs/acorn/commit/90a9548ea0ce351b54f956e2c4ed27cca9631284"><code>90a9548</code></a> More rigorously check surrogate pairs in regexp validator</li> <li><a href="https://github.com/acornjs/acorn/commit/df0cf1a3e2b1a51a26c14984dc0f5412b7151b10"><code>df0cf1a</code></a> Mark version 6.4.0</li> <li><a href="https://github.com/acornjs/acorn/commit/53034126864b492da4e278628bb972cb2a9313d4"><code>5303412</code></a> Also export Parser via Parser.acorn</li> <li><a href="https://github.com/acornjs/acorn/commit/efe273e70123449a458157dbf578afaf109a49ab"><code>efe273e</code></a> give token types and etc to plugins</li> <li>See full diff in <a href="https://github.com/acornjs/acorn/compare/6.3.0...6.4.1">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+6 -6

0 comment

1 changed file

pr created time in 4 minutes

PR opened danaph7t/p2p-media-loader

Bump acorn from 7.0.0 to 7.3.1 in /p2p-media-loader-demo

Bumps acorn from 7.0.0 to 7.3.1. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/acornjs/acorn/commit/e265eae3499b01b176e71bdab8bdb0fe042f3e3d"><code>e265eae</code></a> Mark version 7.3.1</li> <li><a href="https://github.com/acornjs/acorn/commit/50fd1bc3d3f963109a55415903cb046a1c60421f"><code>50fd1bc</code></a> Mark version 7.1.0 of acorn-loose</li> <li><a href="https://github.com/acornjs/acorn/commit/ee03be32a82c31430f5f3f820f368b53c191cc25"><code>ee03be3</code></a> Mark version 7.3.0</li> <li><a href="https://github.com/acornjs/acorn/commit/4adea30d3aa0e536eb76f516344cab3cf93ee87e"><code>4adea30</code></a> add optional chaining</li> <li><a href="https://github.com/acornjs/acorn/commit/eec9b3762bb12314c1a82b71077d76eff4699547"><code>eec9b37</code></a> Fix parsing of ambiguous object pattern with a 'set' property with a default ...</li> <li><a href="https://github.com/acornjs/acorn/commit/f66c4e727368da794f4ded115990ce7accbcc08a"><code>f66c4e7</code></a> Add type definitions for acorn.mjs (<a href="https://github-redirect.dependabot.com/acornjs/acorn/issues/954">#954</a>)</li> <li><a href="https://github.com/acornjs/acorn/commit/304ae5e62aafd5362c52e74778026a08ff35f562"><code>304ae5e</code></a> Enable allowAwaitOutsideFunction in test262, update whitelist</li> <li><a href="https://github.com/acornjs/acorn/commit/6d555e826d962db66b3a2f4fb8361e57e5a1b171"><code>6d555e8</code></a> Mark verison 7.2.0</li> <li><a href="https://github.com/acornjs/acorn/commit/82ed10dfb6a3bdce15c77856fc4ed40abc628a39"><code>82ed10d</code></a> make test262 success on Windows</li> <li><a href="https://github.com/acornjs/acorn/commit/ec7cbd145d7e89ce1f6f31dc875b5dfb8092418a"><code>ec7cbd1</code></a> Add nullish coalescing</li> <li>Additional commits viewable in <a href="https://github.com/acornjs/acorn/compare/7.0.0...7.3.1">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+3 -3

0 comment

1 changed file

pr created time in 4 minutes

delete branch opendistro-for-elasticsearch/security

delete branch : dependabot/maven/log4j.version-2.13.3

delete time in 4 minutes

PR opened mritunjayr/post-spring-boot-task

Bump mysql-connector-java from 8.0.15 to 8.0.16

Bumps mysql-connector-java from 8.0.15 to 8.0.16. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/mysql/mysql-connector-j/blob/release/8.0/CHANGES">mysql-connector-java's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h1><a href="https://dev.mysql.com/doc/relnotes/connector-j/8.0/en/">https://dev.mysql.com/doc/relnotes/connector-j/8.0/en/</a></h1> <p>Version 8.0.20</p> <ul> <li> <p>Fix for Bug#30805426, IN CASE OF ISAUTHMETHODSWITCHREQUESTPACKET , TOSERVERS > 1 ARE IGNORED.</p> </li> <li> <p>Fix for Bug#97714 (30570249), Contribution: Expose elapsed time for query interceptor to avoid hacky thread local implementations. Thanks to Matti Sillanpää and Johnathan Crawford for their contribution.</p> </li> <li> <p>Fix for Bug#97724 (30570721), Contribution: Allow '3.' formatted numbers. Thanks to Nick Pollett for his contribution.</p> </li> <li> <p>Fix for Bug#98536 (30877755), SIMPLEDATEFORMAT COULD CACHE A WRONG CALENDAR.</p> </li> <li> <p>Fix for Bug#91112 (28125069), AGAIN WRONG JAVA.SQL.DATE.</p> </li> <li> <p>Fix for Bug#30474158, CONNECTOR/J 8 DOES NOT HONOR THE REQUESTED RESULTSETTYPE SCROLL_INSENSITIVE ETC.</p> </li> <li> <p>Fix for Bug#98445 (30832513), Connection option clientInfoProvider=ClientInfoProviderSP causes NPE.</p> </li> <li> <p>WL#12248, DevAPI: Connection compression.</p> </li> <li> <p>Fix for Bug#30636056, ResultSetUtil.resultSetToMap() can be unsafe to use.</p> </li> <li> <p>Fix for Bug#97757 (30584907), NULLPOINTEREXCEPTION WITH CACHERESULTSETMETADATA=TRUE AND EXECUTEQUERY OF "SET".</p> </li> </ul> <p>Version 8.0.19</p> <ul> <li> <p>WL#13346, Support for mult-host and failover.</p> </li> <li> <p>Fix for Bug#97413 (30477722), DATABASEMETADATA IS BROKEN AFTER SERVER WL#13528.</p> </li> <li> <p>WL#13367, DNS SRV support.</p> </li> <li> <p>WL#12736, DevAPI: Specify TLS ciphers to be used by a client or session.</p> </li> <li> <p>Fix for regression tests broken by Bug#97079 fix.</p> </li> <li> <p>Fix for Bug#96383 (30119545) RS.GETTIMESTAMP() HAS DIFFERENT RESULTS FOR TIME FIELDS WITH USECURSORFETCH=TRUE.</p> </li> <li> <p>Fix for Bug#96059 (29999318), ERROR STREAMING MULTI RESULTSETS WITH MYSQL-CONNECTOR-JAVA 8.0.X.</p> </li> <li> <p>Fix for Bug#96442 (30151808), INCORRECT DATE ERROR WHEN CALLING GETMETADATA ON PREPARED STATEMENT.</p> </li> </ul> <p>Version 8.0.18</p> <ul> <li> <p>WL#13347, Connectors should handle expired password sandbox without SET operations.</p> </li> <li> <p>Fix for Bug#84098 (25223123), endless loop in LoadBalancedAutoCommitInterceptor.</p> </li> </ul> <!-- raw HTML omitted --> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/mysql/mysql-connector-j/commit/34cbc6bc61f72836e26327537a432d6db7c77de6"><code>34cbc6b</code></a> License book updated.</li> <li><a href="https://github.com/mysql/mysql-connector-j/commit/793bd554e7e815607a1f325ef998efa8d4a4bef7"><code>793bd55</code></a> Minor fix for tests failing with URL without parameters.</li> <li><a href="https://github.com/mysql/mysql-connector-j/commit/58600ccd78f6eeec3a15888f943a0475cd1d470f"><code>58600cc</code></a> WL#12825, Remove third-party libraries from sources and bundles.</li> <li><a href="https://github.com/mysql/mysql-connector-j/commit/5aa15d557811bbdf0f23b150f361bb42fb7591cb"><code>5aa15d5</code></a> Fix for Bug#93590 (29054329), javax.net.ssl.SSLException: closing inbound bef...</li> <li><a href="https://github.com/mysql/mysql-connector-j/commit/1fecc2ba0dd7e9275fc1961ba8900e9d312bd351"><code>1fecc2b</code></a> Fix for Bug#94414 (29384853), Connector/J RPM package have version number in ...</li> <li><a href="https://github.com/mysql/mysql-connector-j/commit/f5d24e32b05337320624788ccb99830171026483"><code>f5d24e3</code></a> Fix for Bug#27786499, REDUNDANT FILES IN DEBIAN PACKAGE FOR DEBIAN9(COMMUNITY...</li> <li><a href="https://github.com/mysql/mysql-connector-j/commit/c49db58bbc8b29d0c1cd1bbfeb086b2e3dfa74e6"><code>c49db58</code></a> WL#12246, DevAPI: Prepared statement support.</li> <li><a href="https://github.com/mysql/mysql-connector-j/commit/a5c3d29931a43429df84564d9e0c578468711a0d"><code>a5c3d29</code></a> Added definition file for msi building tools.</li> <li><a href="https://github.com/mysql/mysql-connector-j/commit/13045c22524afd757de1f1d56339211801aec99e"><code>13045c2</code></a> WL#10839, Adjust c/J tests to the new "ON" default for</li> <li><a href="https://github.com/mysql/mysql-connector-j/commit/2e350a5d66cda9317aa308954bafaf952e8054cb"><code>2e350a5</code></a> Fix for Bug#29329326, PLEASE AVOID SHOW PROCESSLIST IF POSSIBLE.</li> <li>Additional commits viewable in <a href="https://github.com/mysql/mysql-connector-j/compare/8.0.15...8.0.16">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+1 -1

0 comment

1 changed file

pr created time in 5 minutes

pull request commentopendistro-for-elasticsearch/security

Bump log4j.version from 2.11.1 to 2.13.3

OK, I won't notify you again about this release, but will get in touch when a new version is available.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

dependabot[bot]

comment created time in 5 minutes

PR opened kotavi/security-on-github

Bump debug from 2.6.8 to 4.1.1

Bumps debug from 2.6.8 to 4.1.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/visionmedia/debug/releases">debug's releases</a>.</em></p> <blockquote> <h2>4.1.1</h2> <p>This backport fixes a bug in coveralls configuration as well as the <code>.extend()</code> function.</p> <h1>Patches</h1> <ul> <li>test: only run coveralls on travis (<a href="https://github-redirect.dependabot.com/visionmedia/debug/issues/663">#663</a>, <a href="https://github-redirect.dependabot.com/visionmedia/debug/issues/664">#664</a>, d0e498f159bd425b3403db38c98fe26a345d4dcd)</li> <li>copy custom logger to namespace extension (<a href="https://github-redirect.dependabot.com/visionmedia/debug/issues/646">#646</a>, 57ef085703a0158679cc4a56a4980653b828ce51)</li> </ul> <h2>4.1.0</h2> <h1>Minor Changes</h1> <ul> <li>migrate Makefile to npm scripts (4236585a40787fe60ed625452163299600df2ce6)</li> <li>feat: Return namespaces string when invoking disable() (7ef8b417a86941372074f749019b9f439a1f6ef6)</li> </ul> <p>Massive <em>thank you</em> to <a href="https://github.com/mblarsen">@mblarsen</a> and <a href="https://github.com/outsideris">@outsideris</a> for knocking out two long-awaited changes.</p> <h2>4.0.1</h2> <p>This patch restores browserify functionality as well as keeping the intended functionality with Unpkg.com.</p> <h3>Patches</h3> <ul> <li>fix browserify and supply alternative unpkg entry point (closes <a href="https://github-redirect.dependabot.com/visionmedia/debug/issues/606">#606</a>): 99c95e3d54b07a918ad65bc148a2930ea8bfdd02</li> </ul> <h2>4.0.0</h2> <p>A long-awaited release to <code>debug</code> is available now: <strong><code>4.0.0</code></strong>.</p> <h4>Due to the delay in release and the number of changes made (including bumping dependencies in order to mitigate vulnerabilities), it is highly recommended maintainers update to the latest package version and <em>test thoroughly</em>.</h4> <h4>This release drops support for Node 4 and 5 in alignment with the <a href="https://github.com/nodejs/Release">Node.js LTS Release Schedule</a>.</h4> <hr /> <h3>Major Changes</h3> <ul> <li>move to XO (closes <a href="https://github-redirect.dependabot.com/visionmedia/debug/issues/397">#397</a>): ba8a424d41e9dc6129e081ac3aa9715be6a45fbd</li> <li>add Node.js 10, remove Node.js 4 (<a href="https://github-redirect.dependabot.com/visionmedia/debug/issues/583">#583</a>): 05b0ceb8856bc7b6bb0f2adc3de5cae3cea9c872</li> </ul> <h3>Minor Changes</h3> <ul> <li>bump vulnerable packages: 853853f9f588044d76df3daf1959ca56c5f341b7</li> <li>Fix nwjs support (<a href="https://github-redirect.dependabot.com/visionmedia/debug/issues/569">#569</a>): 207a6a2d53507ec9dd57c94c46cc7d3dd272306d</li> <li>add instance extends feature (<a href="https://github-redirect.dependabot.com/visionmedia/debug/issues/524">#524</a>): e43e5fed177b8698674748063f4ed1aaba1d59c8</li> <li>Add TVMLKit support (<a href="https://github-redirect.dependabot.com/visionmedia/debug/issues/579">#579</a>): 02b9ea9fd7ec95c42de47da13b4b6bb8e50025d8</li> </ul> <h3>Patches</h3> <ul> <li>clean up builds: 3ca23316a470f6bc6e0d75d297179cfc19bbc763</li> <li>remove needless command aliases in makefile: 9f4f8f59ba745166b0c014a61c76de5e73d4841a</li> <li>no longer checking for BROWSER=1: 623c08ef73f8211278d5596c88041c65a2a58ee7</li> <li>fix tests: 57cde56e43003f6b404d4b3d9d76b74aafaeeec8</li> <li>clean up makefile: 62822f12668e8a0b1d1a4fd5a1c2fce1d8715da3</li> <li>fix tests: 833b6f84c8f8dc5b6f13da38ab0ef8a8ff86c0c9</li> <li>add .editorconfig: 2d2509e26bf6df1e1954267e3b1a1cb83973fb09</li> <li>add yarn-error.log to .gitignore: 7e1d5d94f31b37b460fb8d88000ab7ed0be3597e</li> </ul> <!-- raw HTML omitted --> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/visionmedia/debug/commit/68b4dc8d8549d3924673c38fccc5d594f0a38da1"><code>68b4dc8</code></a> 4.1.1</li> <li><a href="https://github.com/visionmedia/debug/commit/75716080a39f916f643bae2671ba2fdfe78d1c45"><code>7571608</code></a> remove .coveralls.yaml</li> <li><a href="https://github.com/visionmedia/debug/commit/57ef085703a0158679cc4a56a4980653b828ce51"><code>57ef085</code></a> copy custom logger to namespace extension (fixes <a href="https://github-redirect.dependabot.com/visionmedia/debug/issues/646">#646</a>)</li> <li><a href="https://github.com/visionmedia/debug/commit/d0e498f159bd425b3403db38c98fe26a345d4dcd"><code>d0e498f</code></a> test: only run coveralls on travis</li> <li><a href="https://github.com/visionmedia/debug/commit/e30e8fdbc92c4cf6b3007cd1c3ad2c3cbb82be85"><code>e30e8fd</code></a> 4.1.0</li> <li><a href="https://github.com/visionmedia/debug/commit/7ef8b417a86941372074f749019b9f439a1f6ef6"><code>7ef8b41</code></a> feat: Return namespaces string when invoking disable()</li> <li><a href="https://github.com/visionmedia/debug/commit/4236585a40787fe60ed625452163299600df2ce6"><code>4236585</code></a> migrate Makefile to npm scripts</li> <li><a href="https://github.com/visionmedia/debug/commit/4490cd95bfb952e1ed756914ac225ddc987b2ba3"><code>4490cd9</code></a> 4.0.1</li> <li><a href="https://github.com/visionmedia/debug/commit/99c95e3d54b07a918ad65bc148a2930ea8bfdd02"><code>99c95e3</code></a> fix browserify and supply alternative unpkg entry point (closes <a href="https://github-redirect.dependabot.com/visionmedia/debug/issues/606">#606</a>)</li> <li><a href="https://github.com/visionmedia/debug/commit/7fb104b8cfcbc3a91d8e4a6727638c3fe24be8d2"><code>7fb104b</code></a> 4.0.0</li> <li>Additional commits viewable in <a href="https://github.com/visionmedia/debug/compare/2.6.8...4.1.1">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~qix">qix</a>, a new releaser for debug since your current version.</p> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+1 -1

0 comment

1 changed file

pr created time in 5 minutes

create barnchkotavi/security-on-github

branch : dependabot/npm_and_yarn/debug-4.1.1

created branch time in 5 minutes

PR opened melaninm/melaninm.github.io

Bump lodash from 4.17.10 to 4.17.15 in /assets/bootstrap-select-1.13.9

Bumps lodash from 4.17.10 to 4.17.15. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/lodash/lodash/commit/ddfd9b11a0126db2302cb70ec9973b66baec0975"><code>ddfd9b1</code></a> Bump to v4.17.15.</li> <li><a href="https://github.com/lodash/lodash/commit/b185fcee26b2133bd071f4aaca14b455c2ed1008"><code>b185fce</code></a> Rebuild lodash and docs.</li> <li><a href="https://github.com/lodash/lodash/commit/be87d303941222b97c482755afc0f4a77ce46c30"><code>be87d30</code></a> Bump to v4.17.14.</li> <li><a href="https://github.com/lodash/lodash/commit/a6fe6b1e174fd02b5e60eb2664405f4c1262c300"><code>a6fe6b1</code></a> Rebuild lodash and docs.</li> <li><a href="https://github.com/lodash/lodash/commit/e37182845f16715a0d1c391c8662d83c55609cee"><code>e371828</code></a> Bump to v4.17.13.</li> <li><a href="https://github.com/lodash/lodash/commit/357e899e685872b4af5403ecc4b2a928f961ae63"><code>357e899</code></a> Rebuild lodash and docs.</li> <li><a href="https://github.com/lodash/lodash/commit/fd9a062d57646450b61f74029315abd4cc834b08"><code>fd9a062</code></a> Bump to v4.17.12.</li> <li><a href="https://github.com/lodash/lodash/commit/e77d68121ff00ba86b53eed5893d35adfe94c9dd"><code>e77d681</code></a> Rebuild lodash and docs.</li> <li><a href="https://github.com/lodash/lodash/commit/629d1865793182cd967196716f4beff223aa4a91"><code>629d186</code></a> Update OpenJS references.</li> <li><a href="https://github.com/lodash/lodash/commit/2406eac542b2a1282be8d812a6d8a45433ade80a"><code>2406eac</code></a> Fix minified build.</li> <li>Additional commits viewable in <a href="https://github.com/lodash/lodash/compare/4.17.10...4.17.15">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+42 -17

0 comment

1 changed file

pr created time in 5 minutes

PR opened melaninm/melaninm.github.io

Bump acorn from 6.0.2 to 6.4.1 in /assets/bootstrap-select-1.13.9

Bumps acorn from 6.0.2 to 6.4.1. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/acornjs/acorn/commit/9a2e9b6678e243d66846b91179d650d28453e70c"><code>9a2e9b6</code></a> Mark version 6.4.1</li> <li><a href="https://github.com/acornjs/acorn/commit/90a9548ea0ce351b54f956e2c4ed27cca9631284"><code>90a9548</code></a> More rigorously check surrogate pairs in regexp validator</li> <li><a href="https://github.com/acornjs/acorn/commit/df0cf1a3e2b1a51a26c14984dc0f5412b7151b10"><code>df0cf1a</code></a> Mark version 6.4.0</li> <li><a href="https://github.com/acornjs/acorn/commit/53034126864b492da4e278628bb972cb2a9313d4"><code>5303412</code></a> Also export Parser via Parser.acorn</li> <li><a href="https://github.com/acornjs/acorn/commit/efe273e70123449a458157dbf578afaf109a49ab"><code>efe273e</code></a> give token types and etc to plugins</li> <li><a href="https://github.com/acornjs/acorn/commit/ac6decb94a3aa4eee99230fdaf5883dfaafe8479"><code>ac6decb</code></a> Mark version 6.3.0</li> <li><a href="https://github.com/acornjs/acorn/commit/7e9817d17639d95cc6dbacfde734a0626b2a7dea"><code>7e9817d</code></a> Allow sourceType: module even with ecmaVersion < 6</li> <li><a href="https://github.com/acornjs/acorn/commit/e2b8cc087386eccc2ad6fd4a02b4257833557cb3"><code>e2b8cc0</code></a> Fix broken parsing of new expressions when allowReserved=="never"</li> <li><a href="https://github.com/acornjs/acorn/commit/1555c528855b10320ce98b4154906d7898c92990"><code>1555c52</code></a> Update acorn.d.ts</li> <li><a href="https://github.com/acornjs/acorn/commit/77c20fa2c2f490e646b67e6a0ff7e75fb54ab6c8"><code>77c20fa</code></a> Mark version 6.2.1</li> <li>Additional commits viewable in <a href="https://github.com/acornjs/acorn/compare/6.0.2...6.4.1">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+42 -17

0 comment

1 changed file

pr created time in 5 minutes

PR opened melaninm/melaninm.github.io

Bump eslint-utils from 1.3.1 to 1.4.3 in /assets/bootstrap-select-1.13.9

Bumps eslint-utils from 1.3.1 to 1.4.3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/mysticatea/eslint-utils/releases">eslint-utils's releases</a>.</em></p> <blockquote> <h2>v1.4.3</h2> <h2>🐛 Bug fixes</h2> <ul> <li>8f9e481ecc1204c7a1331b697f97903f90c75154 fixed false positive of <code>ReferenceTracker</code>.</li> </ul> <h2>v1.4.2</h2> <h2>🐛 Bug fixes</h2> <ul> <li>e4cb01498df6096b66edb0c78965ee6f47d3ac77 fixed a regression of the previous release.</li> </ul> <h2>v1.4.1</h2> <h2>🐛 Bug fixes</h2> <ul> <li>c119e832952c8c653bd4f21e39eb9f7ce48e5947 fixed <code>getStaticValue()</code> function to handle <code>null</code> literal correctly even if runtimes don't support BigInt natively.</li> <li>587cca2f82c245f5fc4a8b9fb2cf6b35c0d02552 fixed <code>getStringIfConstant()</code> function to handle regular expression literals and BigInt literals even if runtimes don't support those.</li> <li>08158db1c98fd71cf0f32ddefbc147e2620e724c fixed GHSA-3gx7-xhv7-5mx3.</li> </ul> <h2>v1.4.0</h2> <h2>✨ Enhancements</h2> <ul> <li>66456c5356310fc4309b4fe2756995f27b907747 (and ebf5a8378d3f0a20a74adb158a7112cb616bce44, aac472e815551688d23cc8fd88f9044dbf276804) added <code>isParenthesized()</code> function that checks if a given node is parenthesized or not.</li> <li>4f8407dd6cd52274ba115b3a8558153ec6d799a7 (and cb518c70ee037722f802d808bbbe93da83f07fb3) added <code>hasSideEffect()</code> function that checks if a given node may have side-effects or not.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/mysticatea/eslint-utils/commit/23f4ddc58eda5e6aec3d6a43c6266acbe19345cd"><code>23f4ddc</code></a> 🔖 1.4.3</li> <li><a href="https://github.com/mysticatea/eslint-utils/commit/8f9e481ecc1204c7a1331b697f97903f90c75154"><code>8f9e481</code></a> 🐛 fix reference tracker false positive</li> <li><a href="https://github.com/mysticatea/eslint-utils/commit/663327835abfb1f62fc6fc5d69028457e11b5f80"><code>6633278</code></a> ⚒ fix test scripts</li> <li><a href="https://github.com/mysticatea/eslint-utils/commit/7c8e67c22f7222685a6a9154ba5eec2ac4896a3e"><code>7c8e67c</code></a> ⚒ fix build scripts</li> <li><a href="https://github.com/mysticatea/eslint-utils/commit/41ff95e728db2c52122ae3dad42997dccd223388"><code>41ff95e</code></a> ⚒ update dependencies</li> <li><a href="https://github.com/mysticatea/eslint-utils/commit/49420121ff4d2b4758d4016848055c1631389faa"><code>4942012</code></a> ⚒ fix build scripts</li> <li><a href="https://github.com/mysticatea/eslint-utils/commit/f1c8d02b3fd190a97e39603929c0aabe36c9904f"><code>f1c8d02</code></a> ⚒ update build scripts</li> <li><a href="https://github.com/mysticatea/eslint-utils/commit/a88598a74f0d71376447c4ecb6b56b27272f3992"><code>a88598a</code></a> Create FUNDING.yml</li> <li><a href="https://github.com/mysticatea/eslint-utils/commit/4e1bc077c2a6bb00538d66b69a63c24de3463bed"><code>4e1bc07</code></a> 1.4.2</li> <li><a href="https://github.com/mysticatea/eslint-utils/commit/e4cb01498df6096b66edb0c78965ee6f47d3ac77"><code>e4cb014</code></a> 🐛 add null test</li> <li>Additional commits viewable in <a href="https://github.com/mysticatea/eslint-utils/compare/v1.3.1...v1.4.3">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+54 -18

0 comment

1 changed file

pr created time in 5 minutes

PR opened goswamiaugnai/RecklessWorld.github.io

Bump https-proxy-agent from 2.2.2 to 2.2.4 in /wp-content/themes/twentytwenty

Bumps https-proxy-agent from 2.2.2 to 2.2.4. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/TooTallNate/node-https-proxy-agent/releases">https-proxy-agent's releases</a>.</em></p> <blockquote> <h2>2.2.4</h2> <h3>Patches</h3> <ul> <li>Add <code>.editorconfig</code> file: a0d4a20458498fc31e5721471bd2b655e992d44b</li> <li>Add <code>.eslintrc.js</code> file: eecea74a1db1c943eaa4f667a561fd47c33da897</li> <li>Use a <code>net.Socket</code> instead of a plain <code>EventEmitter</code> for replaying proxy errors: <a href="https://github-redirect.dependabot.com/TooTallNate/node-https-proxy-agent/issues/83">#83</a></li> <li>Remove unused <code>stream</code> module: 9fdcd47bd813e9979ee57920c69e2ee2e0683cd4</li> </ul> <h3>Credits</h3> <p>Huge thanks to <a href="https://github.com/lpinca">@lpinca</a> for helping!</p> <h2>2.2.3</h2> <h3>Patches</h3> <ul> <li>Update README with actual <code>secureProxy</code> behavior: <a href="https://github-redirect.dependabot.com/TooTallNate/node-https-proxy-agent/issues/65">#65</a></li> <li>Update <code>proxy</code> to v1.0.0: d0e3c18079119057b05582cb72d4fda21dfc2546</li> <li>Remove unreachable code: 46aad0988b471f042856436cf3192b0e09e36fe6</li> <li>Test on Node.js 10 and 12: 3535951e482ea52af4888938f59649ed92e81b2b</li> <li>Fix compatibility with Node.js >= 10.0.0: <a href="https://github-redirect.dependabot.com/TooTallNate/node-https-proxy-agent/issues/73">#73</a></li> <li>Use an <code>EventEmitter</code> to replay failed proxy connect HTTP requests: <a href="https://github-redirect.dependabot.com/TooTallNate/node-https-proxy-agent/issues/77">#77</a></li> </ul> <h3>Credits</h3> <p>Huge thanks to <a href="https://github.com/stoically">@stoically</a>, <a href="https://github.com/lpinca">@lpinca</a>, and <a href="https://github.com/zkochan">@zkochan</a> for helping!</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/TooTallNate/node-https-proxy-agent/commit/4c4cce8cb60fd3ac6171e4428f972698eb49f45a"><code>4c4cce8</code></a> 2.2.4</li> <li><a href="https://github.com/TooTallNate/node-https-proxy-agent/commit/9fdcd47bd813e9979ee57920c69e2ee2e0683cd4"><code>9fdcd47</code></a> Remove unused <code>stream</code> module</li> <li><a href="https://github.com/TooTallNate/node-https-proxy-agent/commit/34ea8841922fb6447563b0521f972ac3a6062303"><code>34ea884</code></a> Use a <code>net.Socket</code> instead of a plain <code>EventEmitter</code> for replaying proxy erro...</li> <li><a href="https://github.com/TooTallNate/node-https-proxy-agent/commit/4296770b6a0e631e3f8e7bd6cfd41ac8e91a3ec4"><code>4296770</code></a> Prettier</li> <li><a href="https://github.com/TooTallNate/node-https-proxy-agent/commit/eecea74a1db1c943eaa4f667a561fd47c33da897"><code>eecea74</code></a> Add <code>.eslintrc.js</code> file</li> <li><a href="https://github.com/TooTallNate/node-https-proxy-agent/commit/a0d4a20458498fc31e5721471bd2b655e992d44b"><code>a0d4a20</code></a> Add <code>.editorconfig</code> file</li> <li><a href="https://github.com/TooTallNate/node-https-proxy-agent/commit/0d8e8bfe8b12e6ffe79a39eb93068cdf64c17e78"><code>0d8e8bf</code></a> 2.2.3</li> <li><a href="https://github.com/TooTallNate/node-https-proxy-agent/commit/850b8359b7d0467d721705106b58f4c7cfb937dd"><code>850b835</code></a> Revert "Use Mocha 5 for Node 4 support"</li> <li><a href="https://github.com/TooTallNate/node-https-proxy-agent/commit/f5f56fa48ea4d2a61c385938e7753f5c1fe049d6"><code>f5f56fa</code></a> Remove Node 4 from Travis</li> <li><a href="https://github.com/TooTallNate/node-https-proxy-agent/commit/bb837b984bd868ad69080812eb8eab01181b21d7"><code>bb837b9</code></a> Revert "Remove Node 4 from Travis"</li> <li>Additional commits viewable in <a href="https://github.com/TooTallNate/node-https-proxy-agent/compare/2.2.2...2.2.4">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+3 -3

0 comment

1 changed file

pr created time in 5 minutes

more