profile
viewpoint

PR opened kiecoo/test3

Bump lodash from 4.17.11 to 4.17.15

Bumps lodash from 4.17.11 to 4.17.15. <details> <summary>Commits</summary>

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+1315 -26

0 comment

2 changed files

pr created time in a minute

PR opened kiecoo/test3

Bump webpack-bundle-analyzer from 3.0.3 to 3.6.0

Bumps webpack-bundle-analyzer from 3.0.3 to 3.6.0. <details> <summary>Changelog</summary>

Sourced from webpack-bundle-analyzer's changelog.

3.6.0

3.5.2

3.5.1

  • Bug Fix
    • Fix regression in support of webpack dev server and webpack --watch (issue #312, fixed in #313 by @​gaokun)

3.5.0

  • Improvements

3.4.1

  • Bug Fix
    • Fix regression of requiring an object to be passed to new BundleAnalyzerPlugin() (issue #300, fixed in #302 by @​jerryOnlyZRJ)

3.4.0

3.3.2

  • Bug Fix
    • Fix regression with escaping internal assets (#264, fixes #263)

3.3.1

  • Improvements

    • Use relative links for serving internal assets (#261, fixes #254)
    • Properly escape embedded JS/JSON (#262)
  • Bug Fix </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>

  • 9eb7499 v3.6.0
  • 9c582cf Add changelog entry about readability improvement
  • ea074c1 Merge pull request #323 from lemonmade/fix-self-global-object
  • 2116b66 Allow self for globalObject in async chunks
  • f49796f Merge pull request #320 from lorenzos/font-and-tooltip-opacity
  • 84044cd Improved readability of translucent tooltips
  • df49b19 Fixed serif font when Verdana is not available
  • 7fd44c9 v3.5.2
  • c619d51 Merge pull request #317 from bregenspan/fix-checked-bundles-not-updating
  • 2b685ed Update changelog with checkbox fix
  • Additional commits viewable in compare view </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+1334 -142

0 comment

2 changed files

pr created time in a minute

create barnchkiecoo/test3

branch : dependabot/npm_and_yarn/lodash-4.17.15

created branch time in a minute

PR opened kiecoo/test3

Bump lodash.template from 4.4.0 to 4.5.0

Bumps lodash.template from 4.4.0 to 4.5.0. <details> <summary>Commits</summary>

  • ab73503 Bump to v4.5.0.
  • a4f7d4c Rebuild lodash and docs.
  • cca5ac6 Fix npm-test by removing the call to test-docs.
  • 9f7f9fc Adjust heading order. [ci skip]
  • 6e2fb92 Remove unused baseArity.
  • 4f702e2 Specify utf8 encoding.
  • b188f90 Add fp tests for iteratee shorthands.
  • 7b93dc9 Ensure clone methods clone expando properties of boolean, number, & string ob...
  • 664d66a Make string tests more consistent.
  • d9dc0e6 Add _.invertBy tests.
  • Additional commits viewable in compare view </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+1326 -32

0 comment

2 changed files

pr created time in a minute

create barnchkiecoo/test3

branch : dependabot/npm_and_yarn/lodash.template-4.5.0

created branch time in a minute

PR opened kiecoo/test3

Bump mixin-deep from 1.3.1 to 1.3.2

Bumps mixin-deep from 1.3.1 to 1.3.2. <details> <summary>Commits</summary>

  • 754f0c2 1.3.2
  • 90ee1fa ensure keys are valid when mixing in values
  • See full diff in compare view </details> <details> <summary>Maintainer changes</summary>

This version was pushed to npm by doowb, a new releaser for mixin-deep since your current version. </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+1319 -25

0 comment

2 changed files

pr created time in a minute

create barnchkiecoo/test3

branch : dependabot/npm_and_yarn/mixin-deep-1.3.2

created branch time in a minute

PR opened kiecoo/test3

Bump js-yaml from 3.12.1 to 3.13.1

Bumps js-yaml from 3.12.1 to 3.13.1. <details> <summary>Changelog</summary>

Sourced from js-yaml's changelog.

[3.13.1] - 2019-04-05

Security

  • Fix possible code execution in (already unsafe) .load(), #480.

[3.13.0] - 2019-03-20

Security

  • Security fix: safeLoad() can hang when arrays with nested refs used as key. Now throws exception for nested arrays. #475.

[3.12.2] - 2019-02-26

Fixed

  • Fix noArrayIndent option for root level, #468. </details> <details> <summary>Commits</summary>

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+1319 -25

0 comment

2 changed files

pr created time in a minute

create barnchkiecoo/test3

branch : dependabot/npm_and_yarn/js-yaml-3.13.1

created branch time in a minute

PR opened kiecoo/test3

Bump lodash from 4.17.11 to 4.17.15 in /functions

Bumps lodash from 4.17.11 to 4.17.15. <details> <summary>Commits</summary>

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+154 -61

0 comment

1 changed file

pr created time in a minute

PR opened kiecoo/test3

Bump lodash.merge from 4.6.1 to 4.6.2 in /functions

Bumps lodash.merge from 4.6.1 to 4.6.2. <details> <summary>Commits</summary>

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+154 -61

0 comment

1 changed file

pr created time in a minute

delete branch TaoXiuxia/AccountBookV4

delete branch : dependabot/maven/spring.version-5.2.3.RELEASE

delete time in a minute

delete branch TaoXiuxia/AccountBookV4

delete branch : dependabot/maven/com.fasterxml.jackson.core-jackson-databind-2.9.10.1

delete time in a minute

delete branch ehelin/TgimbaNetCore

delete branch : dependabot/npm_and_yarn/TgimbaNetCoreWebReactJs/ClientApp/handlebars-4.5.3

delete time in a minute

PR closed ehelin/TgimbaNetCore

Bump handlebars from 4.0.11 to 4.5.3 in /TgimbaNetCoreWebReactJs/ClientApp dependencies

Bumps handlebars from 4.0.11 to 4.5.3. <details> <summary>Changelog</summary>

Sourced from handlebars's changelog.

v4.5.3 - November 18th, 2019

Bugfixes:

  • fix: add "no-prototype-builtins" eslint-rule and fix all occurences - f7f05d7
  • fix: add more properties required to be enumerable - 1988878

Chores / Build:

  • fix: use !== 0 instead of != 0 - c02b05f
  • add chai and dirty-chai and sinon, for cleaner test-assertions and spies, deprecate old assertion-methods - 93e284e, 886ba86, 0817dad, 93516a0

Security:

  • The properties __proto__, __defineGetter__, __defineSetter__ and __lookupGetter__ have been added to the list of "properties that must be enumerable". If a property by that name is found and not enumerable on its parent, it will silently evaluate to undefined. This is done in both the compiled template and the "lookup"-helper. This will prevent new Remote-Code-Execution exploits that have been published recently.

Compatibility notes:

  • Due to the security-fixes. The semantics of the templates using __proto__, __defineGetter__, __defineSetter__ and __lookupGetter__ in the respect that those expression now return undefined rather than their actual value from the proto.
  • The semantics have not changed in cases where the properties are enumerable, as in:
{
  __proto__: 'some string'
}
  • The change may be breaking in that respect, but we still only increase the patch-version, because the incompatible use-cases are not intended, undocumented and far less important than fixing Remote-Code-Execution exploits on existing systems.

Commits

v4.5.2 - November 13th, 2019

Bugfixes

  • fix: use String(field) in lookup when checking for "constructor" - d541378
  • test: add fluent API for testing Handlebars - c2ac79c

Compatibility notes:

  • no incompatibility are to be expected </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>
  • c819c8b v4.5.3
  • 827c9d0 Update release notes
  • f7f05d7 fix: add "no-prototype-builtins" eslint-rule and fix all occurences
  • 1988878 fix: add more properties required to be enumerable
  • 886ba86 test/chore: add chai/expect and sinon to "runtime"-environment
  • 0817dad test: add sinon as global variable to eslint in the specs
  • 93516a0 test: add sinon.js for spies, deprecate current assertions
  • 93e284e chore: add chai and dirty-chai for better test assertions
  • c02b05f fix: use !== 0 instead of != 0
  • 8de121d v4.5.2
  • Additional commits viewable in compare view </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+65 -76

2 comments

1 changed file

dependabot[bot]

pr closed time in a minute

push eventehelin/TgimbaNetCore

Eric Helin

commit sha fd97e671d1c20290acc33fc62b224daa9aa85a62

completed update to web client to call api...not tested yet

view details

Eric Helin

commit sha 02427ddc818dda9a2b58ce05d44b75d714c3ff58

implementation of get system and build statistics using demo user...not tested

view details

Eric Helin

commit sha e5082c591558da283a587c3c916457c0b72f63bb

base64 the demo user credentials

view details

Eric Helin

commit sha 76a8043584d3a6c4c4e6c78f88c1881920170b80

fixed statistics

view details

Eric Helin

commit sha 146eee4964bc0ab5fe1e2b4c6b2503a73143350a

Removed old assemblies, added api specific assemblies to main tgimba .net core project for integration...not compiling.

view details

Eric Helin

commit sha 7668c279fa39448eccd89860ff621b423ba19566

compilation errors fixed, but some test (some need to be redone) are failing

view details

Eric Helin

commit sha 77e0eb6b008f5feaa891a4d3208644ab294d5c2a

compiling and all tests but webclient working

view details

Eric Helin

commit sha 0ba13e4ef963e7728f35354eaf75480ce60ee1d0

all tests passing

view details

Eric Helin

commit sha a233fb8e85a0c7e20baac9d5b1e2eb334c1bdd9b

api worked into shared controller and vanillajs web projects and compiling...not tested yet

view details

Eric Helin

commit sha ad65921f5d8301e1be7522ae4a9a092d2b34a302

hooked up more of the api...still having some issues with the selenium tests and logging in

view details

Eric Helin

commit sha 2d7d10c79ee917f10aad0c780c83748145dd3aaa

Misc call updates

view details

Eric Helin

commit sha 2f419a91b4428a6aed2540356314d6cba333e627

removing dal integration tests...will keep on api.

view details

Eric Helin

commit sha 9eaae172a44ae56a3094c80c700f70d54b17a925

Updating project versions

view details

Eric Helin

commit sha d4c7b08d125af36a0e6ea3f6abb754b2a4aa61c9

updated project build version details

view details

Eric Helin

commit sha 2258f1e6f29e5d866e4b61736efd2355b74a9a43

Revert "removing dal integration tests...will keep on api." This reverts commit 2f419a91b4428a6aed2540356314d6cba333e627.

view details

Eric Helin

commit sha 716a51caa36fb828460c75150596b89a7b357806

misc

view details

Eric Helin

commit sha bac6eb6cc2bd147121961da0c28012e779c069c2

removed target lastest runtime

view details

Eric Helin

commit sha f11a25ccdd879fa6c19416d08f4cfcff1aa84e61

updating publish profile to 2.2

view details

Eric Helin

commit sha 7f596a77abae1a04f88e2ec143eb8222436c872e

removed runtime property

view details

Eric Helin

commit sha d80441f72321ea32b99633509be4d23c63050c91

updating .net core version

view details

push time in a minute

pull request commentehelin/TgimbaNetCore

Bump handlebars from 4.0.11 to 4.5.3 in /TgimbaNetCoreWebReactJs/ClientApp

Superseded by #12.

dependabot[bot]

comment created time in a minute

delete branch ehelin/TgimbaNetCore

delete branch : dependabot/npm_and_yarn/TgimbaNetCoreWebReactJs/ClientApp/handlebars-4.5.1

delete time in 2 minutes

delete branch ehelin/TgimbaNetCore

delete branch : dependabot/npm_and_yarn/TgimbaNetCoreWebAngular6/handlebars-4.5.3

delete time in 2 minutes

PR closed ehelin/TgimbaNetCore

Bump handlebars from 4.0.11 to 4.5.1 in /TgimbaNetCoreWebReactJs/ClientApp dependencies

Bumps handlebars from 4.0.11 to 4.5.1. <details> <summary>Changelog</summary>

Sourced from handlebars's changelog.

v4.5.1 - October 29th, 2019

Bugfixs

  • fix: move "eslint-plugin-compat" to devDependencies - 5e9d17f (#1589)

Compatibility notes:

  • No compatibility issues are to be expected

Commits

v4.5.0 - October 28th, 2019

Features / Improvements

  • Add method Handlebars.parseWithoutProcessing (#1584) - 62ed3c2
  • add guard to if & unless helpers (#1549)
  • show source location for the strict lookup exceptions - feb60f8

Bugfixes:

  • Use objects for hash value tracking - 7fcf9d2

Chore:

  • Resolve deprecation warning message from eslint while running eslint (#1586) - 7052e88
  • chore: add eslint-plugin-compat and eslint-plugin-es5 - 088e618

Compatibility notes:

  • No compatibility issues are to be expected

Commits

v4.4.5 - October 20th, 2019

Bugfixes:

  • Contents of raw-blocks must be matched with non-eager regex-matching - 8d5530e, #1579

Commits

v4.4.4 - October 20th, 2019

Bugfixes:

  • fix: prevent zero length tokens in raw-blocks (#1577, #1578) - f1752fe

Chore:

  • chore: link to s3 bucket with https, add "npm ci" to build instructions - 0b593bf

Compatibility notes:

  • no compatibility issues are expected

Commits

</tr></table> ... (truncated) </details> <details> <summary>Commits</summary>

  • 7ef8617 v4.5.1
  • b75e3e1 Update release notes
  • 5e9d17f fix: move "eslint-plugin-compat" to devDependencies
  • b24797d v4.5.0
  • a243067 Update release notes
  • 088e618 chore: add eslint-plugin-compat and eslint-plugin-es5
  • 7052e88 Resolve deprecation warning message from eslint while running eslint (#1586)
  • b8913fc Add missing types for the Exception class properties (#1583)
  • 62ed3c2 Add Handlebars.parseWithoutProcessing (#1584)
  • 7fcf9d2 Use objects for hash value tracking
  • Additional commits viewable in compare view </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+65 -76

2 comments

1 changed file

dependabot[bot]

pr closed time in 2 minutes

PR closed ehelin/TgimbaNetCore

Bump handlebars from 4.0.12 to 4.5.3 in /TgimbaNetCoreWebAngular6 dependencies

Bumps handlebars from 4.0.12 to 4.5.3. <details> <summary>Changelog</summary>

Sourced from handlebars's changelog.

v4.5.3 - November 18th, 2019

Bugfixes:

  • fix: add "no-prototype-builtins" eslint-rule and fix all occurences - f7f05d7
  • fix: add more properties required to be enumerable - 1988878

Chores / Build:

  • fix: use !== 0 instead of != 0 - c02b05f
  • add chai and dirty-chai and sinon, for cleaner test-assertions and spies, deprecate old assertion-methods - 93e284e, 886ba86, 0817dad, 93516a0

Security:

  • The properties __proto__, __defineGetter__, __defineSetter__ and __lookupGetter__ have been added to the list of "properties that must be enumerable". If a property by that name is found and not enumerable on its parent, it will silently evaluate to undefined. This is done in both the compiled template and the "lookup"-helper. This will prevent new Remote-Code-Execution exploits that have been published recently.

Compatibility notes:

  • Due to the security-fixes. The semantics of the templates using __proto__, __defineGetter__, __defineSetter__ and __lookupGetter__ in the respect that those expression now return undefined rather than their actual value from the proto.
  • The semantics have not changed in cases where the properties are enumerable, as in:
{
  __proto__: 'some string'
}
  • The change may be breaking in that respect, but we still only increase the patch-version, because the incompatible use-cases are not intended, undocumented and far less important than fixing Remote-Code-Execution exploits on existing systems.

Commits

v4.5.2 - November 13th, 2019

Bugfixes

  • fix: use String(field) in lookup when checking for "constructor" - d541378
  • test: add fluent API for testing Handlebars - c2ac79c

Compatibility notes:

  • no incompatibility are to be expected </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>
  • c819c8b v4.5.3
  • 827c9d0 Update release notes
  • f7f05d7 fix: add "no-prototype-builtins" eslint-rule and fix all occurences
  • 1988878 fix: add more properties required to be enumerable
  • 886ba86 test/chore: add chai/expect and sinon to "runtime"-environment
  • 0817dad test: add sinon as global variable to eslint in the specs
  • 93516a0 test: add sinon.js for spies, deprecate current assertions
  • 93e284e chore: add chai and dirty-chai for better test assertions
  • c02b05f fix: use !== 0 instead of != 0
  • 8de121d v4.5.2
  • Additional commits viewable in compare view </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+72 -41

2 comments

1 changed file

dependabot[bot]

pr closed time in 2 minutes

push eventehelin/TgimbaNetCore

Eric Helin

commit sha fd97e671d1c20290acc33fc62b224daa9aa85a62

completed update to web client to call api...not tested yet

view details

Eric Helin

commit sha 02427ddc818dda9a2b58ce05d44b75d714c3ff58

implementation of get system and build statistics using demo user...not tested

view details

Eric Helin

commit sha e5082c591558da283a587c3c916457c0b72f63bb

base64 the demo user credentials

view details

Eric Helin

commit sha 76a8043584d3a6c4c4e6c78f88c1881920170b80

fixed statistics

view details

Eric Helin

commit sha 146eee4964bc0ab5fe1e2b4c6b2503a73143350a

Removed old assemblies, added api specific assemblies to main tgimba .net core project for integration...not compiling.

view details

Eric Helin

commit sha 7668c279fa39448eccd89860ff621b423ba19566

compilation errors fixed, but some test (some need to be redone) are failing

view details

Eric Helin

commit sha 77e0eb6b008f5feaa891a4d3208644ab294d5c2a

compiling and all tests but webclient working

view details

Eric Helin

commit sha 0ba13e4ef963e7728f35354eaf75480ce60ee1d0

all tests passing

view details

Eric Helin

commit sha a233fb8e85a0c7e20baac9d5b1e2eb334c1bdd9b

api worked into shared controller and vanillajs web projects and compiling...not tested yet

view details

Eric Helin

commit sha ad65921f5d8301e1be7522ae4a9a092d2b34a302

hooked up more of the api...still having some issues with the selenium tests and logging in

view details

Eric Helin

commit sha 2d7d10c79ee917f10aad0c780c83748145dd3aaa

Misc call updates

view details

Eric Helin

commit sha 2f419a91b4428a6aed2540356314d6cba333e627

removing dal integration tests...will keep on api.

view details

Eric Helin

commit sha 9eaae172a44ae56a3094c80c700f70d54b17a925

Updating project versions

view details

Eric Helin

commit sha d4c7b08d125af36a0e6ea3f6abb754b2a4aa61c9

updated project build version details

view details

Eric Helin

commit sha 2258f1e6f29e5d866e4b61736efd2355b74a9a43

Revert "removing dal integration tests...will keep on api." This reverts commit 2f419a91b4428a6aed2540356314d6cba333e627.

view details

Eric Helin

commit sha 716a51caa36fb828460c75150596b89a7b357806

misc

view details

Eric Helin

commit sha bac6eb6cc2bd147121961da0c28012e779c069c2

removed target lastest runtime

view details

Eric Helin

commit sha f11a25ccdd879fa6c19416d08f4cfcff1aa84e61

updating publish profile to 2.2

view details

Eric Helin

commit sha 7f596a77abae1a04f88e2ec143eb8222436c872e

removed runtime property

view details

Eric Helin

commit sha d80441f72321ea32b99633509be4d23c63050c91

updating .net core version

view details

push time in 2 minutes

pull request commentehelin/TgimbaNetCore

Bump handlebars from 4.0.11 to 4.5.1 in /TgimbaNetCoreWebReactJs/ClientApp

Superseded by #12.

dependabot[bot]

comment created time in 2 minutes

pull request commentehelin/TgimbaNetCore

Bump handlebars from 4.0.12 to 4.5.3 in /TgimbaNetCoreWebAngular6

Superseded by #11.

dependabot[bot]

comment created time in 2 minutes

PR opened JSauceda10/Notely

Bump bootstrap from 3.0.0 to 3.4.1 in /NotelyProject

Bumps bootstrap from 3.0.0 to 3.4.1.

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+1 -1

0 comment

1 changed file

pr created time in 2 minutes

create barnchJSauceda10/Notely

branch : dependabot/nuget/NotelyProject/bootstrap-3.4.1

created branch time in 2 minutes

PR opened ehelin/TgimbaNetCore

Bump handlebars from 4.0.11 to 4.7.3 in /TgimbaNetCoreWebReactJs/ClientApp

Bumps handlebars from 4.0.11 to 4.7.3. <details> <summary>Changelog</summary>

Sourced from handlebars's changelog.

v4.7.3 - February 5th, 2020

Chore/Housekeeping:

  • #1644 - Download links to aws broken on handlebarsjs.com - access denied (@​Tea56)
  • Fix spelling and punctuation in changelog - d78cc73

Bugfixes:

  • Add Type Definition for Handlebars.VERSION, Fixes #1647 - 4de51fe
  • Include Type Definition for runtime.js in Package - a32d05f

Compatibility notes:

  • No incompatibilities are to be expected

Commits

v4.7.2 - January 13th, 2020

Bugfixes:

  • fix: don't wrap helpers that are not functions - 9d5aa36, #1639

Chore/Build:

  • chore: execute saucelabs-task only if access-key exists - a4fd391

Compatibility notes:

  • No breaking changes are to be expected

Commits

v4.7.1 - January 12th, 2020

Bugfixes:

  • fix: fix log output in case of illegal property access - f152dfc
  • fix: log error for illegal property access only once per property - 3c1e252

Compatibility notes:

  • no incompatibilities are to be expected.

Commits

v4.7.0 - January 10th, 2020

Features: </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>

  • c978969 v4.7.3
  • 9278f21 Update release notes
  • d78cc73 Fixes spelling and punctuation
  • 4de51fe Add Type Definition for Handlebars.VERSION, Fixes #1647
  • a32d05f Include Type Definition for runtime.js in Package
  • ad63f51 chore: add missing "await" in aws-s3 publishing code
  • 586e672 v4.7.2
  • f0c6c4c Update release notes
  • a4fd391 chore: execute saucelabs-task only if access-key exists
  • 9d5aa36 fix: don't wrap helpers that are not functions
  • Additional commits viewable in compare view </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+65 -76

0 comment

1 changed file

pr created time in 2 minutes

delete branch ehelin/TgimbaNetCore

delete branch : dependabot/npm_and_yarn/TgimbaNetCoreWebAngular6/handlebars-4.5.1

delete time in 2 minutes

PR closed ehelin/TgimbaNetCore

Bump handlebars from 4.0.12 to 4.5.1 in /TgimbaNetCoreWebAngular6 dependencies

Bumps handlebars from 4.0.12 to 4.5.1. <details> <summary>Changelog</summary>

Sourced from handlebars's changelog.

v4.5.1 - October 29th, 2019

Bugfixs

  • fix: move "eslint-plugin-compat" to devDependencies - 5e9d17f (#1589)

Compatibility notes:

  • No compatibility issues are to be expected

Commits

v4.5.0 - October 28th, 2019

Features / Improvements

  • Add method Handlebars.parseWithoutProcessing (#1584) - 62ed3c2
  • add guard to if & unless helpers (#1549)
  • show source location for the strict lookup exceptions - feb60f8

Bugfixes:

  • Use objects for hash value tracking - 7fcf9d2

Chore:

  • Resolve deprecation warning message from eslint while running eslint (#1586) - 7052e88
  • chore: add eslint-plugin-compat and eslint-plugin-es5 - 088e618

Compatibility notes:

  • No compatibility issues are to be expected

Commits

v4.4.5 - October 20th, 2019

Bugfixes:

  • Contents of raw-blocks must be matched with non-eager regex-matching - 8d5530e, #1579

Commits

v4.4.4 - October 20th, 2019

Bugfixes:

  • fix: prevent zero length tokens in raw-blocks (#1577, #1578) - f1752fe

Chore:

  • chore: link to s3 bucket with https, add "npm ci" to build instructions - 0b593bf

Compatibility notes:

  • no compatibility issues are expected

Commits

</tr></table> ... (truncated) </details> <details> <summary>Commits</summary>

  • 7ef8617 v4.5.1
  • b75e3e1 Update release notes
  • 5e9d17f fix: move "eslint-plugin-compat" to devDependencies
  • b24797d v4.5.0
  • a243067 Update release notes
  • 088e618 chore: add eslint-plugin-compat and eslint-plugin-es5
  • 7052e88 Resolve deprecation warning message from eslint while running eslint (#1586)
  • b8913fc Add missing types for the Exception class properties (#1583)
  • 62ed3c2 Add Handlebars.parseWithoutProcessing (#1584)
  • 7fcf9d2 Use objects for hash value tracking
  • Additional commits viewable in compare view </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+72 -41

2 comments

1 changed file

dependabot[bot]

pr closed time in 2 minutes

pull request commentehelin/TgimbaNetCore

Bump handlebars from 4.0.12 to 4.5.1 in /TgimbaNetCoreWebAngular6

Superseded by #11.

dependabot[bot]

comment created time in 2 minutes

push eventehelin/TgimbaNetCore

Eric Helin

commit sha 4ebce3df892d109545b9365b9d242ff62a95f340

more work on upsert...needs more...

view details

Eric Helin

commit sha 62fcc146d1445440d76557943b9677ef5d5e42e5

Upsert happy path test working! Still need to do alternative paths

view details

Eric Helin

commit sha 8956fb73e2c3de69cdbb7f67822e3e4c0320b575

completed upsert tests

view details

Eric Helin

commit sha d5c490795426719d479a55844927f274ffe35a41

worked out what get bucket list items service method should be...need to account for dynamic portions and add tests. Also found a couple issues with Upsert...need to update tests.

view details

Eric Helin

commit sha 5fb427097a10717d9b89da367f575ce38f36465e

updated processuser test

view details

Eric Helin

commit sha 41eb54917ba76c4c20e0a5bd4a6428b57b93772f

removed string[] from update bucket list item...that is old code...we use real objects in this version :)

view details

Eric Helin

commit sha 91a7a65eb4177f1c3d8c99a6eb9ccc963a6a82dd

more work on get bucket list items...some tests...needs more work

view details

Eric Helin

commit sha f31a5ab8c3d8954eaefa2171d8e8abb20f20f7fd

start on get bucket list item method tests

view details

Eric Helin

commit sha f301722cb6053c20403aafd52085cf9597472be8

completed happy path get bucket list item test...still need to do other tests...

view details

Eric Helin

commit sha 7d729819dd349ac78a0c836f1eaa4801383a252d

complete sub tests for get bucket list items...still need to complete the remaining alternative test on the actual method.

view details

Eric Helin

commit sha baa0f7e5d2b6b9ca8c12860be52ac69198177ea5

completed get bucket list item tests.

view details

Eric Helin

commit sha 93000e8f866c909ef0e2203186de2c76bcbd6bcf

Added delete bucket list item tests

view details

Eric Helin

commit sha b60b38a7631873362b8713f35d96081b8ec174e5

start on api integration tests (ish)

view details

Eric Helin

commit sha 9836d93c1d1262fbcbc68f5ff6be3558e02c6da5

more tests + swagger

view details

Eric Helin

commit sha 49e591dad9342c548f942a8f6608b8b337175b57

DOES NOT COMPILE...but I will fix :) Added validation and other things that broke some stuff...will be better soon :)

view details

Eric Helin

commit sha c1915bceb82d87dc4bba4ad07e436bab0d284298

compiling and tests passing...still need to add tests

view details

Eric Helin

commit sha 4eada4fc72bb7a94aab1930d0c2adcdb1b832690

validation unit tests..may need some more...

view details

Eric Helin

commit sha 375a1bd9c4f68258691e34d863a629be16cb0674

bucket list item tests done

view details

Eric Helin

commit sha 5ee057b6d6b080f4c93ce0bdb66b89d6c3745c5d

bucket list tests slimmed down a bit...

view details

Eric Helin

commit sha 1a5fc798a58bf2bbfe5d32b7607ce3f31d5bf655

all unit tests done (fingers crossed :) )

view details

push time in 2 minutes

PR opened ehelin/TgimbaNetCore

Bump handlebars from 4.0.12 to 4.7.3 in /TgimbaNetCoreWebAngular6

Bumps handlebars from 4.0.12 to 4.7.3. <details> <summary>Changelog</summary>

Sourced from handlebars's changelog.

v4.7.3 - February 5th, 2020

Chore/Housekeeping:

  • #1644 - Download links to aws broken on handlebarsjs.com - access denied (@​Tea56)
  • Fix spelling and punctuation in changelog - d78cc73

Bugfixes:

  • Add Type Definition for Handlebars.VERSION, Fixes #1647 - 4de51fe
  • Include Type Definition for runtime.js in Package - a32d05f

Compatibility notes:

  • No incompatibilities are to be expected

Commits

v4.7.2 - January 13th, 2020

Bugfixes:

  • fix: don't wrap helpers that are not functions - 9d5aa36, #1639

Chore/Build:

  • chore: execute saucelabs-task only if access-key exists - a4fd391

Compatibility notes:

  • No breaking changes are to be expected

Commits

v4.7.1 - January 12th, 2020

Bugfixes:

  • fix: fix log output in case of illegal property access - f152dfc
  • fix: log error for illegal property access only once per property - 3c1e252

Compatibility notes:

  • no incompatibilities are to be expected.

Commits

v4.7.0 - January 10th, 2020

Features: </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>

  • c978969 v4.7.3
  • 9278f21 Update release notes
  • d78cc73 Fixes spelling and punctuation
  • 4de51fe Add Type Definition for Handlebars.VERSION, Fixes #1647
  • a32d05f Include Type Definition for runtime.js in Package
  • ad63f51 chore: add missing "await" in aws-s3 publishing code
  • 586e672 v4.7.2
  • f0c6c4c Update release notes
  • a4fd391 chore: execute saucelabs-task only if access-key exists
  • 9d5aa36 fix: don't wrap helpers that are not functions
  • Additional commits viewable in compare view </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+72 -41

0 comment

1 changed file

pr created time in 2 minutes

push eventehelin/TgimbaNetCore

Eric Helin

commit sha 4ebce3df892d109545b9365b9d242ff62a95f340

more work on upsert...needs more...

view details

Eric Helin

commit sha 62fcc146d1445440d76557943b9677ef5d5e42e5

Upsert happy path test working! Still need to do alternative paths

view details

Eric Helin

commit sha 8956fb73e2c3de69cdbb7f67822e3e4c0320b575

completed upsert tests

view details

Eric Helin

commit sha d5c490795426719d479a55844927f274ffe35a41

worked out what get bucket list items service method should be...need to account for dynamic portions and add tests. Also found a couple issues with Upsert...need to update tests.

view details

Eric Helin

commit sha 5fb427097a10717d9b89da367f575ce38f36465e

updated processuser test

view details

Eric Helin

commit sha 41eb54917ba76c4c20e0a5bd4a6428b57b93772f

removed string[] from update bucket list item...that is old code...we use real objects in this version :)

view details

Eric Helin

commit sha 91a7a65eb4177f1c3d8c99a6eb9ccc963a6a82dd

more work on get bucket list items...some tests...needs more work

view details

Eric Helin

commit sha f31a5ab8c3d8954eaefa2171d8e8abb20f20f7fd

start on get bucket list item method tests

view details

Eric Helin

commit sha f301722cb6053c20403aafd52085cf9597472be8

completed happy path get bucket list item test...still need to do other tests...

view details

Eric Helin

commit sha 7d729819dd349ac78a0c836f1eaa4801383a252d

complete sub tests for get bucket list items...still need to complete the remaining alternative test on the actual method.

view details

Eric Helin

commit sha baa0f7e5d2b6b9ca8c12860be52ac69198177ea5

completed get bucket list item tests.

view details

Eric Helin

commit sha 93000e8f866c909ef0e2203186de2c76bcbd6bcf

Added delete bucket list item tests

view details

Eric Helin

commit sha b60b38a7631873362b8713f35d96081b8ec174e5

start on api integration tests (ish)

view details

Eric Helin

commit sha 9836d93c1d1262fbcbc68f5ff6be3558e02c6da5

more tests + swagger

view details

Eric Helin

commit sha 49e591dad9342c548f942a8f6608b8b337175b57

DOES NOT COMPILE...but I will fix :) Added validation and other things that broke some stuff...will be better soon :)

view details

Eric Helin

commit sha c1915bceb82d87dc4bba4ad07e436bab0d284298

compiling and tests passing...still need to add tests

view details

Eric Helin

commit sha 4eada4fc72bb7a94aab1930d0c2adcdb1b832690

validation unit tests..may need some more...

view details

Eric Helin

commit sha 375a1bd9c4f68258691e34d863a629be16cb0674

bucket list item tests done

view details

Eric Helin

commit sha 5ee057b6d6b080f4c93ce0bdb66b89d6c3745c5d

bucket list tests slimmed down a bit...

view details

Eric Helin

commit sha 1a5fc798a58bf2bbfe5d32b7607ce3f31d5bf655

all unit tests done (fingers crossed :) )

view details

push time in 2 minutes

push eventehelin/TgimbaNetCore

Eric Helin

commit sha 4ebce3df892d109545b9365b9d242ff62a95f340

more work on upsert...needs more...

view details

Eric Helin

commit sha 62fcc146d1445440d76557943b9677ef5d5e42e5

Upsert happy path test working! Still need to do alternative paths

view details

Eric Helin

commit sha 8956fb73e2c3de69cdbb7f67822e3e4c0320b575

completed upsert tests

view details

Eric Helin

commit sha d5c490795426719d479a55844927f274ffe35a41

worked out what get bucket list items service method should be...need to account for dynamic portions and add tests. Also found a couple issues with Upsert...need to update tests.

view details

Eric Helin

commit sha 5fb427097a10717d9b89da367f575ce38f36465e

updated processuser test

view details

Eric Helin

commit sha 41eb54917ba76c4c20e0a5bd4a6428b57b93772f

removed string[] from update bucket list item...that is old code...we use real objects in this version :)

view details

Eric Helin

commit sha 91a7a65eb4177f1c3d8c99a6eb9ccc963a6a82dd

more work on get bucket list items...some tests...needs more work

view details

Eric Helin

commit sha f31a5ab8c3d8954eaefa2171d8e8abb20f20f7fd

start on get bucket list item method tests

view details

Eric Helin

commit sha f301722cb6053c20403aafd52085cf9597472be8

completed happy path get bucket list item test...still need to do other tests...

view details

Eric Helin

commit sha 7d729819dd349ac78a0c836f1eaa4801383a252d

complete sub tests for get bucket list items...still need to complete the remaining alternative test on the actual method.

view details

Eric Helin

commit sha baa0f7e5d2b6b9ca8c12860be52ac69198177ea5

completed get bucket list item tests.

view details

Eric Helin

commit sha 93000e8f866c909ef0e2203186de2c76bcbd6bcf

Added delete bucket list item tests

view details

Eric Helin

commit sha b60b38a7631873362b8713f35d96081b8ec174e5

start on api integration tests (ish)

view details

Eric Helin

commit sha 9836d93c1d1262fbcbc68f5ff6be3558e02c6da5

more tests + swagger

view details

Eric Helin

commit sha 49e591dad9342c548f942a8f6608b8b337175b57

DOES NOT COMPILE...but I will fix :) Added validation and other things that broke some stuff...will be better soon :)

view details

Eric Helin

commit sha c1915bceb82d87dc4bba4ad07e436bab0d284298

compiling and tests passing...still need to add tests

view details

Eric Helin

commit sha 4eada4fc72bb7a94aab1930d0c2adcdb1b832690

validation unit tests..may need some more...

view details

Eric Helin

commit sha 375a1bd9c4f68258691e34d863a629be16cb0674

bucket list item tests done

view details

Eric Helin

commit sha 5ee057b6d6b080f4c93ce0bdb66b89d6c3745c5d

bucket list tests slimmed down a bit...

view details

Eric Helin

commit sha 1a5fc798a58bf2bbfe5d32b7607ce3f31d5bf655

all unit tests done (fingers crossed :) )

view details

push time in 2 minutes

push eventehelin/TgimbaNetCore

Eric Helin

commit sha 4ebce3df892d109545b9365b9d242ff62a95f340

more work on upsert...needs more...

view details

Eric Helin

commit sha 62fcc146d1445440d76557943b9677ef5d5e42e5

Upsert happy path test working! Still need to do alternative paths

view details

Eric Helin

commit sha 8956fb73e2c3de69cdbb7f67822e3e4c0320b575

completed upsert tests

view details

Eric Helin

commit sha d5c490795426719d479a55844927f274ffe35a41

worked out what get bucket list items service method should be...need to account for dynamic portions and add tests. Also found a couple issues with Upsert...need to update tests.

view details

Eric Helin

commit sha 5fb427097a10717d9b89da367f575ce38f36465e

updated processuser test

view details

Eric Helin

commit sha 41eb54917ba76c4c20e0a5bd4a6428b57b93772f

removed string[] from update bucket list item...that is old code...we use real objects in this version :)

view details

Eric Helin

commit sha 91a7a65eb4177f1c3d8c99a6eb9ccc963a6a82dd

more work on get bucket list items...some tests...needs more work

view details

Eric Helin

commit sha f31a5ab8c3d8954eaefa2171d8e8abb20f20f7fd

start on get bucket list item method tests

view details

Eric Helin

commit sha f301722cb6053c20403aafd52085cf9597472be8

completed happy path get bucket list item test...still need to do other tests...

view details

Eric Helin

commit sha 7d729819dd349ac78a0c836f1eaa4801383a252d

complete sub tests for get bucket list items...still need to complete the remaining alternative test on the actual method.

view details

Eric Helin

commit sha baa0f7e5d2b6b9ca8c12860be52ac69198177ea5

completed get bucket list item tests.

view details

Eric Helin

commit sha 93000e8f866c909ef0e2203186de2c76bcbd6bcf

Added delete bucket list item tests

view details

Eric Helin

commit sha b60b38a7631873362b8713f35d96081b8ec174e5

start on api integration tests (ish)

view details

Eric Helin

commit sha 9836d93c1d1262fbcbc68f5ff6be3558e02c6da5

more tests + swagger

view details

Eric Helin

commit sha 49e591dad9342c548f942a8f6608b8b337175b57

DOES NOT COMPILE...but I will fix :) Added validation and other things that broke some stuff...will be better soon :)

view details

Eric Helin

commit sha c1915bceb82d87dc4bba4ad07e436bab0d284298

compiling and tests passing...still need to add tests

view details

Eric Helin

commit sha 4eada4fc72bb7a94aab1930d0c2adcdb1b832690

validation unit tests..may need some more...

view details

Eric Helin

commit sha 375a1bd9c4f68258691e34d863a629be16cb0674

bucket list item tests done

view details

Eric Helin

commit sha 5ee057b6d6b080f4c93ce0bdb66b89d6c3745c5d

bucket list tests slimmed down a bit...

view details

Eric Helin

commit sha 1a5fc798a58bf2bbfe5d32b7607ce3f31d5bf655

all unit tests done (fingers crossed :) )

view details

push time in 2 minutes

push eventehelin/TgimbaNetCore

Eric Helin

commit sha 82343de07935c31975dcab4d98c47a514c2eb6ee

more work on upsert bucket list item...still needs work

view details

Eric Helin

commit sha c20cb722d6f3cb213e82c30e55306a5a772881e8

more upsert bucket list item work...added validation for jwt token and decrypting it

view details

Eric Helin

commit sha 7d61198b46f4441e17c8db1d068e4f22236f5ca4

more work...still needs to be completed.

view details

Eric Helin

commit sha 4ebce3df892d109545b9365b9d242ff62a95f340

more work on upsert...needs more...

view details

Eric Helin

commit sha 62fcc146d1445440d76557943b9677ef5d5e42e5

Upsert happy path test working! Still need to do alternative paths

view details

Eric Helin

commit sha 8956fb73e2c3de69cdbb7f67822e3e4c0320b575

completed upsert tests

view details

Eric Helin

commit sha d5c490795426719d479a55844927f274ffe35a41

worked out what get bucket list items service method should be...need to account for dynamic portions and add tests. Also found a couple issues with Upsert...need to update tests.

view details

Eric Helin

commit sha 5fb427097a10717d9b89da367f575ce38f36465e

updated processuser test

view details

Eric Helin

commit sha 41eb54917ba76c4c20e0a5bd4a6428b57b93772f

removed string[] from update bucket list item...that is old code...we use real objects in this version :)

view details

Eric Helin

commit sha 91a7a65eb4177f1c3d8c99a6eb9ccc963a6a82dd

more work on get bucket list items...some tests...needs more work

view details

Eric Helin

commit sha f31a5ab8c3d8954eaefa2171d8e8abb20f20f7fd

start on get bucket list item method tests

view details

Eric Helin

commit sha f301722cb6053c20403aafd52085cf9597472be8

completed happy path get bucket list item test...still need to do other tests...

view details

Eric Helin

commit sha 7d729819dd349ac78a0c836f1eaa4801383a252d

complete sub tests for get bucket list items...still need to complete the remaining alternative test on the actual method.

view details

Eric Helin

commit sha baa0f7e5d2b6b9ca8c12860be52ac69198177ea5

completed get bucket list item tests.

view details

Eric Helin

commit sha 93000e8f866c909ef0e2203186de2c76bcbd6bcf

Added delete bucket list item tests

view details

Eric Helin

commit sha b60b38a7631873362b8713f35d96081b8ec174e5

start on api integration tests (ish)

view details

Eric Helin

commit sha 9836d93c1d1262fbcbc68f5ff6be3558e02c6da5

more tests + swagger

view details

Eric Helin

commit sha 49e591dad9342c548f942a8f6608b8b337175b57

DOES NOT COMPILE...but I will fix :) Added validation and other things that broke some stuff...will be better soon :)

view details

Eric Helin

commit sha c1915bceb82d87dc4bba4ad07e436bab0d284298

compiling and tests passing...still need to add tests

view details

Eric Helin

commit sha 4eada4fc72bb7a94aab1930d0c2adcdb1b832690

validation unit tests..may need some more...

view details

push time in 2 minutes

delete branch huangtiancai/htcblog

delete branch : dependabot/npm_and_yarn/front/webpack-dev-server-3.1.11

delete time in 3 minutes

PR closed huangtiancai/htcblog

Bump webpack-dev-server from 2.11.5 to 3.1.11 in /front dependencies

Bumps webpack-dev-server from 2.11.5 to 3.1.11. <details> <summary>Release notes</summary>

Sourced from webpack-dev-server's releases.

v3.1.11

<a name="3.1.11"></a>

3.1.11 (2018-12-21)

Bug Fixes

v3.1.10

2018-10-23

Bug Fixes

  • options: add writeToDisk option to schema (#1520) (d2f4902)
  • package: update sockjs-client v1.1.5...1.3.0 (url-parse vulnerability) (#1537) (e719959)
  • Server: set tls.DEFAULT_ECDH_CURVE to 'auto' (#1531) (c12def3)

v3.1.9

No release notes provided.

v3.1.8

2018-09-06

Bug Fixes

  • package: yargs security vulnerability (dependencies) (#1492) (8fb67c9)
  • utils/createLogger: ensure quiet always takes precedence (options.quiet) (#1486) (7a6ca47)

v3.1.7

2018-08-29

Bug Fixes

  • Server: don't use spdy on node >= v10.0.0 (#1451) (8ab9eb6)

v3.1.6

2018-08-26

Bug Fixes

</tr></table> ... (truncated) </details> <details> <summary>Changelog</summary>

Sourced from webpack-dev-server's changelog.

3.1.11 (2018-12-21)

Bug Fixes

<a name="3.1.10"></a>

3.1.10 (2018-10-23)

Bug Fixes

  • options: add writeToDisk option to schema (#1520) (d2f4902)
  • package: update sockjs-client v1.1.5...1.3.0 (url-parse vulnerability) (#1537) (e719959)
  • Server: set tls.DEFAULT_ECDH_CURVE to 'auto' (#1531) (c12def3)

<a name="3.1.9"></a>

3.1.9 (2018-09-24)

<a name="3.1.8"></a>

3.1.8 (2018-09-06)

Bug Fixes

  • package: yargs security vulnerability (dependencies) (#1492) (8fb67c9)
  • utils/createLogger: ensure quiet always takes precedence (options.quiet) (#1486) (7a6ca47)

<a name="3.1.7"></a>

3.1.7 (2018-08-29)

Bug Fixes

  • Server: don't use spdy on node >= v10.0.0 (#1451) (8ab9eb6)

</tr></table> ... (truncated) </details> <details> <summary>Commits</summary>

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+477 -243

2 comments

2 changed files

dependabot[bot]

pr closed time in 3 minutes

pull request commenthuangtiancai/htcblog

Bump webpack-dev-server from 2.11.5 to 3.1.11 in /front

Looks like webpack-dev-server is up-to-date now, so this is no longer needed.

dependabot[bot]

comment created time in 3 minutes

PR opened tandat56/Spring-mvc

Bump springframework.version from 4.3.13.RELEASE to 5.2.3.RELEASE in /Spring-test

Bumps springframework.version from 4.3.13.RELEASE to 5.2.3.RELEASE.

Updates spring-core from 4.3.13.RELEASE to 5.2.3.RELEASE <details> <summary>Release notes</summary>

Sourced from spring-core's releases.

v5.2.3.RELEASE

:star: New Features

  • Update throwable to SQLException #24337
  • Update CORS support #24327
  • Improve exception message in AopContext.currentProxy() #24321
  • Trim line in LineInfo only once #24310
  • Merge getCallableInterceptors and getDeferredResultInterceptors #24305
  • Optimize SimpleAliasRegistry hasAlias implementation #24295
  • Improve ExposeInvocationInterceptor exception message #24293
  • Add ContentLength support for InputStreamResource created in ResourceHttpMessageConverter and ResourceDecoder #24292
  • StringHttpMessageConverter addDefaultHeaders() should check media type for wildcard before setting it into headers #24283
  • Add fast path for ClassUtils.hasMethod #24282
  • Support headers with multiple values in ResponseStatusException #24261
  • Remove quality parameter from chosen media type in WebFlux responses #24239
  • Remove Content-* response headers before error handling in WebFlux #24238
  • Reuse InputStream for ResourceRegionHttpMessageConverter #24214
  • Un-deprecate PathResource (for java.nio.file.Path resolution in createRelative) #24211
  • Simplify AdvisedSupport.removeAdvisor() #24205
  • Add BeanPropertyRowMapper.newInstance(mappedClass, conversionService) #24195
  • Short-circuit in AbstractBeanDefinition.equals() #24185
  • Expose local address in reactive ServerHttpRequest #24174
  • Improve exception message for mixed explicit and implicit aliases with @AliasFor #24168
  • Hoist constant result of SerializableTypeWrapper.unwrap() out of loop #24167
  • Add "application/*+xml" as supported media type to XML decoders #24164
  • Hoist Class.getName() from String concatenation to dodge an issue related to profile pollution #24153
  • Let UriUtils.encode…(…) methods optimize for sources without the need to be encoded #24152
  • Add accessor for logPrefix in ClientResponse to allow tying a ClientRequest to a ClientResponse #24146
  • Support variable resolution of wildcard types #24145
  • WebTestClientExtensions.expectBody doesn't work for generic types #24142
  • Add firstElement to CollectionUtils #24135
  • Improve configuration API of ClientCodecConfigurer.CustomCodecs #24124
  • Introduce BeanNameGenerator based on fully qualified class name #24114
  • ContentDisposition cannot parse encoded filename with leading space #24112
  • Add option to encode MultiValueMap of query params #24043
  • AbstractMessageConverterMethodProcessor results in 406 with "Accept: /" when @RequestMapping produces condition determined the content type #23287
  • Allow testing with any value for Content-Type and Accept header in MockHttpServletRequestBuilder #2079

:beetle: Bug Fixes

  • StringDecoder buffer leak related to maxInMemorySize limit #24339
  • Cloning a WebClient.Builder instance does not copy strategiesConfigurers #24329
  • SimpleKey contains invalid hashcode on deserialization when parameters include an enum #24320
  • ServerSentEventHttpMessageReader does not respect maxInMemorySize and is always limited to 256k messages #24312
  • Unsafe double-checked locking in SpelExpression#compileExpression #24265
  • Ensure CORS processing does not add Vary header twice on async requests #24223
  • Escape quotes in filename in ContentDisposition.Builder when charset not specified #24220
  • ClassUtils.getInterfaceMethodIfPossible overhead in cached methods for SpEL key/condition expressions #24206
  • ClientCodecConfigurer drops MultipartHttpMessageWriter.partWriters when mutated #24194
  • Regression: annotation searches no longer handle exceptions #24188 </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>
  • 0ddc62e Release version 5.2.3.RELEASE
  • 8740c2d Warning against split URL handling in docs
  • 5debd86 Upgrade to Reactor Dysprosium SR3
  • 1c270d8 Fix Checkstyle violation
  • 29fe65d Upgrade to Dysprosium snapshots
  • 8a60867 Polishing regarding AJDT versions
  • 33ffdd8 Update copyright date
  • c84dd55 Fix typo in ReflectionUtilsTests
  • cbc5746 Support for maxInMemorySize in SSE reader
  • a741ae4 Improve limit handling in StringDecoder
  • Additional commits viewable in compare view </details> <br />

Updates spring-web from 4.3.13.RELEASE to 5.2.3.RELEASE <details> <summary>Release notes</summary>

Sourced from spring-web's releases.

v5.2.3.RELEASE

:star: New Features

  • Update throwable to SQLException #24337
  • Update CORS support #24327
  • Improve exception message in AopContext.currentProxy() #24321
  • Trim line in LineInfo only once #24310
  • Merge getCallableInterceptors and getDeferredResultInterceptors #24305
  • Optimize SimpleAliasRegistry hasAlias implementation #24295
  • Improve ExposeInvocationInterceptor exception message #24293
  • Add ContentLength support for InputStreamResource created in ResourceHttpMessageConverter and ResourceDecoder #24292
  • StringHttpMessageConverter addDefaultHeaders() should check media type for wildcard before setting it into headers #24283
  • Add fast path for ClassUtils.hasMethod #24282
  • Support headers with multiple values in ResponseStatusException #24261
  • Remove quality parameter from chosen media type in WebFlux responses #24239
  • Remove Content-* response headers before error handling in WebFlux #24238
  • Reuse InputStream for ResourceRegionHttpMessageConverter #24214
  • Un-deprecate PathResource (for java.nio.file.Path resolution in createRelative) #24211
  • Simplify AdvisedSupport.removeAdvisor() #24205
  • Add BeanPropertyRowMapper.newInstance(mappedClass, conversionService) #24195
  • Short-circuit in AbstractBeanDefinition.equals() #24185
  • Expose local address in reactive ServerHttpRequest #24174
  • Improve exception message for mixed explicit and implicit aliases with @AliasFor #24168
  • Hoist constant result of SerializableTypeWrapper.unwrap() out of loop #24167
  • Add "application/*+xml" as supported media type to XML decoders #24164
  • Hoist Class.getName() from String concatenation to dodge an issue related to profile pollution #24153
  • Let UriUtils.encode…(…) methods optimize for sources without the need to be encoded #24152
  • Add accessor for logPrefix in ClientResponse to allow tying a ClientRequest to a ClientResponse #24146
  • Support variable resolution of wildcard types #24145
  • WebTestClientExtensions.expectBody doesn't work for generic types #24142
  • Add firstElement to CollectionUtils #24135
  • Improve configuration API of ClientCodecConfigurer.CustomCodecs #24124
  • Introduce BeanNameGenerator based on fully qualified class name #24114
  • ContentDisposition cannot parse encoded filename with leading space #24112
  • Add option to encode MultiValueMap of query params #24043
  • AbstractMessageConverterMethodProcessor results in 406 with "Accept: /" when @RequestMapping produces condition determined the content type #23287
  • Allow testing with any value for Content-Type and Accept header in MockHttpServletRequestBuilder #2079

:beetle: Bug Fixes

  • StringDecoder buffer leak related to maxInMemorySize limit #24339
  • Cloning a WebClient.Builder instance does not copy strategiesConfigurers #24329
  • SimpleKey contains invalid hashcode on deserialization when parameters include an enum #24320
  • ServerSentEventHttpMessageReader does not respect maxInMemorySize and is always limited to 256k messages #24312
  • Unsafe double-checked locking in SpelExpression#compileExpression #24265
  • Ensure CORS processing does not add Vary header twice on async requests #24223
  • Escape quotes in filename in ContentDisposition.Builder when charset not specified #24220
  • ClassUtils.getInterfaceMethodIfPossible overhead in cached methods for SpEL key/condition expressions #24206
  • ClientCodecConfigurer drops MultipartHttpMessageWriter.partWriters when mutated #24194
  • Regression: annotation searches no longer handle exceptions #24188 </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>
  • 0ddc62e Release version 5.2.3.RELEASE
  • 8740c2d Warning against split URL handling in docs
  • 5debd86 Upgrade to Reactor Dysprosium SR3
  • 1c270d8 Fix Checkstyle violation
  • 29fe65d Upgrade to Dysprosium snapshots
  • 8a60867 Polishing regarding AJDT versions
  • 33ffdd8 Update copyright date
  • c84dd55 Fix typo in ReflectionUtilsTests
  • cbc5746 Support for maxInMemorySize in SSE reader
  • a741ae4 Improve limit handling in StringDecoder
  • Additional commits viewable in compare view </details> <br />

Updates spring-webmvc from 4.3.13.RELEASE to 5.2.3.RELEASE <details> <summary>Release notes</summary>

Sourced from spring-webmvc's releases.

v5.2.3.RELEASE

:star: New Features

  • Update throwable to SQLException #24337
  • Update CORS support #24327
  • Improve exception message in AopContext.currentProxy() #24321
  • Trim line in LineInfo only once #24310
  • Merge getCallableInterceptors and getDeferredResultInterceptors #24305
  • Optimize SimpleAliasRegistry hasAlias implementation #24295
  • Improve ExposeInvocationInterceptor exception message #24293
  • Add ContentLength support for InputStreamResource created in ResourceHttpMessageConverter and ResourceDecoder #24292
  • StringHttpMessageConverter addDefaultHeaders() should check media type for wildcard before setting it into headers #24283
  • Add fast path for ClassUtils.hasMethod #24282
  • Support headers with multiple values in ResponseStatusException #24261
  • Remove quality parameter from chosen media type in WebFlux responses #24239
  • Remove Content-* response headers before error handling in WebFlux #24238
  • Reuse InputStream for ResourceRegionHttpMessageConverter #24214
  • Un-deprecate PathResource (for java.nio.file.Path resolution in createRelative) #24211
  • Simplify AdvisedSupport.removeAdvisor() #24205
  • Add BeanPropertyRowMapper.newInstance(mappedClass, conversionService) #24195
  • Short-circuit in AbstractBeanDefinition.equals() #24185
  • Expose local address in reactive ServerHttpRequest #24174
  • Improve exception message for mixed explicit and implicit aliases with @AliasFor #24168
  • Hoist constant result of SerializableTypeWrapper.unwrap() out of loop #24167
  • Add "application/*+xml" as supported media type to XML decoders #24164
  • Hoist Class.getName() from String concatenation to dodge an issue related to profile pollution #24153
  • Let UriUtils.encode…(…) methods optimize for sources without the need to be encoded #24152
  • Add accessor for logPrefix in ClientResponse to allow tying a ClientRequest to a ClientResponse #24146
  • Support variable resolution of wildcard types #24145
  • WebTestClientExtensions.expectBody doesn't work for generic types #24142
  • Add firstElement to CollectionUtils #24135
  • Improve configuration API of ClientCodecConfigurer.CustomCodecs #24124
  • Introduce BeanNameGenerator based on fully qualified class name #24114
  • ContentDisposition cannot parse encoded filename with leading space #24112
  • Add option to encode MultiValueMap of query params #24043
  • AbstractMessageConverterMethodProcessor results in 406 with "Accept: /" when @RequestMapping produces condition determined the content type #23287
  • Allow testing with any value for Content-Type and Accept header in MockHttpServletRequestBuilder #2079

:beetle: Bug Fixes

  • StringDecoder buffer leak related to maxInMemorySize limit #24339
  • Cloning a WebClient.Builder instance does not copy strategiesConfigurers #24329
  • SimpleKey contains invalid hashcode on deserialization when parameters include an enum #24320
  • ServerSentEventHttpMessageReader does not respect maxInMemorySize and is always limited to 256k messages #24312
  • Unsafe double-checked locking in SpelExpression#compileExpression #24265
  • Ensure CORS processing does not add Vary header twice on async requests #24223
  • Escape quotes in filename in ContentDisposition.Builder when charset not specified #24220
  • ClassUtils.getInterfaceMethodIfPossible overhead in cached methods for SpEL key/condition expressions #24206
  • ClientCodecConfigurer drops MultipartHttpMessageWriter.partWriters when mutated #24194
  • Regression: annotation searches no longer handle exceptions #24188 </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>
  • 0ddc62e Release version 5.2.3.RELEASE
  • 8740c2d Warning against split URL handling in docs
  • 5debd86 Upgrade to Reactor Dysprosium SR3
  • 1c270d8 Fix Checkstyle violation
  • 29fe65d Upgrade to Dysprosium snapshots
  • 8a60867 Polishing regarding AJDT versions
  • 33ffdd8 Update copyright date
  • c84dd55 Fix typo in ReflectionUtilsTests
  • cbc5746 Support for maxInMemorySize in SSE reader
  • a741ae4 Improve limit handling in StringDecoder
  • Additional commits viewable in compare view </details> <br />

Updates spring-tx from 4.3.13.RELEASE to 5.2.3.RELEASE <details> <summary>Release notes</summary>

Sourced from spring-tx's releases.

v5.2.3.RELEASE

:star: New Features

  • Update throwable to SQLException #24337
  • Update CORS support #24327
  • Improve exception message in AopContext.currentProxy() #24321
  • Trim line in LineInfo only once #24310
  • Merge getCallableInterceptors and getDeferredResultInterceptors #24305
  • Optimize SimpleAliasRegistry hasAlias implementation #24295
  • Improve ExposeInvocationInterceptor exception message #24293
  • Add ContentLength support for InputStreamResource created in ResourceHttpMessageConverter and ResourceDecoder #24292
  • StringHttpMessageConverter addDefaultHeaders() should check media type for wildcard before setting it into headers #24283
  • Add fast path for ClassUtils.hasMethod #24282
  • Support headers with multiple values in ResponseStatusException #24261
  • Remove quality parameter from chosen media type in WebFlux responses #24239
  • Remove Content-* response headers before error handling in WebFlux #24238
  • Reuse InputStream for ResourceRegionHttpMessageConverter #24214
  • Un-deprecate PathResource (for java.nio.file.Path resolution in createRelative) #24211
  • Simplify AdvisedSupport.removeAdvisor() #24205
  • Add BeanPropertyRowMapper.newInstance(mappedClass, conversionService) #24195
  • Short-circuit in AbstractBeanDefinition.equals() #24185
  • Expose local address in reactive ServerHttpRequest #24174
  • Improve exception message for mixed explicit and implicit aliases with @AliasFor #24168
  • Hoist constant result of SerializableTypeWrapper.unwrap() out of loop #24167
  • Add "application/*+xml" as supported media type to XML decoders #24164
  • Hoist Class.getName() from String concatenation to dodge an issue related to profile pollution #24153
  • Let UriUtils.encode…(…) methods optimize for sources without the need to be encoded #24152
  • Add accessor for logPrefix in ClientResponse to allow tying a ClientRequest to a ClientResponse #24146
  • Support variable resolution of wildcard types #24145
  • WebTestClientExtensions.expectBody doesn't work for generic types #24142
  • Add firstElement to CollectionUtils #24135
  • Improve configuration API of ClientCodecConfigurer.CustomCodecs #24124
  • Introduce BeanNameGenerator based on fully qualified class name #24114
  • ContentDisposition cannot parse encoded filename with leading space #24112
  • Add option to encode MultiValueMap of query params #24043
  • AbstractMessageConverterMethodProcessor results in 406 with "Accept: /" when @RequestMapping produces condition determined the content type #23287
  • Allow testing with any value for Content-Type and Accept header in MockHttpServletRequestBuilder #2079

:beetle: Bug Fixes

  • StringDecoder buffer leak related to maxInMemorySize limit #24339
  • Cloning a WebClient.Builder instance does not copy strategiesConfigurers #24329
  • SimpleKey contains invalid hashcode on deserialization when parameters include an enum #24320
  • ServerSentEventHttpMessageReader does not respect maxInMemorySize and is always limited to 256k messages #24312
  • Unsafe double-checked locking in SpelExpression#compileExpression #24265
  • Ensure CORS processing does not add Vary header twice on async requests #24223
  • Escape quotes in filename in ContentDisposition.Builder when charset not specified #24220
  • ClassUtils.getInterfaceMethodIfPossible overhead in cached methods for SpEL key/condition expressions #24206
  • ClientCodecConfigurer drops MultipartHttpMessageWriter.partWriters when mutated #24194
  • Regression: annotation searches no longer handle exceptions #24188 </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>
  • 0ddc62e Release version 5.2.3.RELEASE
  • 8740c2d Warning against split URL handling in docs
  • 5debd86 Upgrade to Reactor Dysprosium SR3
  • 1c270d8 Fix Checkstyle violation
  • 29fe65d Upgrade to Dysprosium snapshots
  • 8a60867 Polishing regarding AJDT versions
  • 33ffdd8 Update copyright date
  • c84dd55 Fix typo in ReflectionUtilsTests
  • cbc5746 Support for maxInMemorySize in SSE reader
  • a741ae4 Improve limit handling in StringDecoder
  • Additional commits viewable in compare view </details> <br />

Updates spring-orm from 4.3.13.RELEASE to 5.2.3.RELEASE <details> <summary>Release notes</summary>

Sourced from spring-orm's releases.

v5.2.3.RELEASE

:star: New Features

  • Update throwable to SQLException #24337
  • Update CORS support #24327
  • Improve exception message in AopContext.currentProxy() #24321
  • Trim line in LineInfo only once #24310
  • Merge getCallableInterceptors and getDeferredResultInterceptors #24305
  • Optimize SimpleAliasRegistry hasAlias implementation #24295
  • Improve ExposeInvocationInterceptor exception message #24293
  • Add ContentLength support for InputStreamResource created in ResourceHttpMessageConverter and ResourceDecoder #24292
  • StringHttpMessageConverter addDefaultHeaders() should check media type for wildcard before setting it into headers #24283
  • Add fast path for ClassUtils.hasMethod #24282
  • Support headers with multiple values in ResponseStatusException #24261
  • Remove quality parameter from chosen media type in WebFlux responses #24239
  • Remove Content-* response headers before error handling in WebFlux #24238
  • Reuse InputStream for ResourceRegionHttpMessageConverter #24214
  • Un-deprecate PathResource (for java.nio.file.Path resolution in createRelative) #24211
  • Simplify AdvisedSupport.removeAdvisor() #24205
  • Add BeanPropertyRowMapper.newInstance(mappedClass, conversionService) #24195
  • Short-circuit in AbstractBeanDefinition.equals() #24185
  • Expose local address in reactive ServerHttpRequest #24174
  • Improve exception message for mixed explicit and implicit aliases with @AliasFor #24168
  • Hoist constant result of SerializableTypeWrapper.unwrap() out of loop #24167
  • Add "application/*+xml" as supported media type to XML decoders #24164
  • Hoist Class.getName() from String concatenation to dodge an issue related to profile pollution #24153
  • Let UriUtils.encode…(…) methods optimize for sources without the need to be encoded #24152
  • Add accessor for logPrefix in ClientResponse to allow tying a ClientRequest to a ClientResponse #24146
  • Support variable resolution of wildcard types #24145
  • WebTestClientExtensions.expectBody doesn't work for generic types #24142
  • Add firstElement to CollectionUtils #24135
  • Improve configuration API of ClientCodecConfigurer.CustomCodecs #24124
  • Introduce BeanNameGenerator based on fully qualified class name #24114
  • ContentDisposition cannot parse encoded filename with leading space #24112
  • Add option to encode MultiValueMap of query params #24043
  • AbstractMessageConverterMethodProcessor results in 406 with "Accept: /" when @RequestMapping produces condition determined the content type #23287
  • Allow testing with any value for Content-Type and Accept header in MockHttpServletRequestBuilder #2079

:beetle: Bug Fixes

  • StringDecoder buffer leak related to maxInMemorySize limit #24339
  • Cloning a WebClient.Builder instance does not copy strategiesConfigurers #24329
  • SimpleKey contains invalid hashcode on deserialization when parameters include an enum #24320
  • ServerSentEventHttpMessageReader does not respect maxInMemorySize and is always limited to 256k messages #24312
  • Unsafe double-checked locking in SpelExpression#compileExpression #24265
  • Ensure CORS processing does not add Vary header twice on async requests #24223
  • Escape quotes in filename in ContentDisposition.Builder when charset not specified #24220
  • ClassUtils.getInterfaceMethodIfPossible overhead in cached methods for SpEL key/condition expressions #24206
  • ClientCodecConfigurer drops MultipartHttpMessageWriter.partWriters when mutated #24194
  • Regression: annotation searches no longer handle exceptions #24188 </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>
  • 0ddc62e Release version 5.2.3.RELEASE
  • 8740c2d Warning against split URL handling in docs
  • 5debd86 Upgrade to Reactor Dysprosium SR3
  • 1c270d8 Fix Checkstyle violation
  • 29fe65d Upgrade to Dysprosium snapshots
  • 8a60867 Polishing regarding AJDT versions
  • 33ffdd8 Update copyright date
  • c84dd55 Fix typo in ReflectionUtilsTests
  • cbc5746 Support for maxInMemorySize in SSE reader
  • a741ae4 Improve limit handling in StringDecoder
  • Additional commits viewable in compare view </details> <br />

Updates spring-context from 4.3.13.RELEASE to 5.2.3.RELEASE <details> <summary>Release notes</summary>

Sourced from spring-context's releases.

v5.2.3.RELEASE

:star: New Features

  • Update throwable to SQLException #24337
  • Update CORS support #24327
  • Improve exception message in AopContext.currentProxy() #24321
  • Trim line in LineInfo only once #24310
  • Merge getCallableInterceptors and getDeferredResultInterceptors #24305
  • Optimize SimpleAliasRegistry hasAlias implementation #24295
  • Improve ExposeInvocationInterceptor exception message #24293
  • Add ContentLength support for InputStreamResource created in ResourceHttpMessageConverter and ResourceDecoder #24292
  • StringHttpMessageConverter addDefaultHeaders() should check media type for wildcard before setting it into headers #24283
  • Add fast path for ClassUtils.hasMethod #24282
  • Support headers with multiple values in ResponseStatusException #24261
  • Remove quality parameter from chosen media type in WebFlux responses #24239
  • Remove Content-* response headers before error handling in WebFlux #24238
  • Reuse InputStream for ResourceRegionHttpMessageConverter #24214
  • Un-deprecate PathResource (for java.nio.file.Path resolution in createRelative) #24211
  • Simplify AdvisedSupport.removeAdvisor() #24205
  • Add BeanPropertyRowMapper.newInstance(mappedClass, conversionService) #24195
  • Short-circuit in AbstractBeanDefinition.equals() #24185
  • Expose local address in reactive ServerHttpRequest #24174
  • Improve exception message for mixed explicit and implicit aliases with @AliasFor #24168
  • Hoist constant result of SerializableTypeWrapper.unwrap() out of loop #24167
  • Add "application/*+xml" as supported media type to XML decoders #24164
  • Hoist Class.getName() from String concatenation to dodge an issue related to profile pollution #24153
  • Let UriUtils.encode…(…) methods optimize for sources without the need to be encoded #24152
  • Add accessor for logPrefix in ClientResponse to allow tying a ClientRequest to a ClientResponse #24146
  • Support variable resolution of wildcard types #24145
  • WebTestClientExtensions.expectBody doesn't work for generic types #24142
  • Add firstElement to CollectionUtils #24135
  • Improve configuration API of ClientCodecConfigurer.CustomCodecs #24124
  • Introduce BeanNameGenerator based on fully qualified class name #24114
  • ContentDisposition cannot parse encoded filename with leading space #24112
  • Add option to encode MultiValueMap of query params #24043
  • AbstractMessageConverterMethodProcessor results in 406 with "Accept: /" when @RequestMapping produces condition determined the content type #23287
  • Allow testing with any value for Content-Type and Accept header in MockHttpServletRequestBuilder #2079

:beetle: Bug Fixes

  • StringDecoder buffer leak related to maxInMemorySize limit #24339
  • Cloning a WebClient.Builder instance does not copy strategiesConfigurers #24329
  • SimpleKey contains invalid hashcode on deserialization when parameters include an enum #24320
  • ServerSentEventHttpMessageReader does not respect maxInMemorySize and is always limited to 256k messages #24312
  • Unsafe double-checked locking in SpelExpression#compileExpression #24265
  • Ensure CORS processing does not add Vary header twice on async requests #24223
  • Escape quotes in filename in ContentDisposition.Builder when charset not specified #24220
  • ClassUtils.getInterfaceMethodIfPossible overhead in cached methods for SpEL key/condition expressions #24206
  • ClientCodecConfigurer drops MultipartHttpMessageWriter.partWriters when mutated #24194
  • Regression: annotation searches no longer handle exceptions #24188 </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>
  • 0ddc62e Release version 5.2.3.RELEASE
  • 8740c2d Warning against split URL handling in docs
  • 5debd86 Upgrade to Reactor Dysprosium SR3
  • 1c270d8 Fix Checkstyle violation
  • 29fe65d Upgrade to Dysprosium snapshots
  • 8a60867 Polishing regarding AJDT versions
  • 33ffdd8 Update copyright date
  • c84dd55 Fix typo in ReflectionUtilsTests
  • cbc5746 Support for maxInMemorySize in SSE reader
  • a741ae4 Improve limit handling in StringDecoder
  • Additional commits viewable in compare view </details> <br />

Updates spring-context-support from 4.3.13.RELEASE to 5.2.3.RELEASE <details> <summary>Release notes</summary>

Sourced from spring-context-support's releases.

v5.2.3.RELEASE

:star: New Features

  • Update throwable to SQLException #24337
  • Update CORS support #24327
  • Improve exception message in AopContext.currentProxy() #24321
  • Trim line in LineInfo only once #24310
  • Merge getCallableInterceptors and getDeferredResultInterceptors #24305
  • Optimize SimpleAliasRegistry hasAlias implementation #24295
  • Improve ExposeInvocationInterceptor exception message #24293
  • Add ContentLength support for InputStreamResource created in ResourceHttpMessageConverter and ResourceDecoder #24292
  • StringHttpMessageConverter addDefaultHeaders() should check media type for wildcard before setting it into headers #24283
  • Add fast path for ClassUtils.hasMethod #24282
  • Support headers with multiple values in ResponseStatusException #24261
  • Remove quality parameter from chosen media type in WebFlux responses #24239
  • Remove Content-* response headers before error handling in WebFlux #24238
  • Reuse InputStream for ResourceRegionHttpMessageConverter #24214
  • Un-deprecate PathResource (for java.nio.file.Path resolution in createRelative) #24211
  • Simplify AdvisedSupport.removeAdvisor() #24205
  • Add BeanPropertyRowMapper.newInstance(mappedClass, conversionService) #24195
  • Short-circuit in AbstractBeanDefinition.equals() #24185
  • Expose local address in reactive ServerHttpRequest #24174
  • Improve exception message for mixed explicit and implicit aliases with @AliasFor #24168
  • Hoist constant result of SerializableTypeWrapper.unwrap() out of loop #24167
  • Add "application/*+xml" as supported media type to XML decoders #24164
  • Hoist Class.getName() from String concatenation to dodge an issue related to profile pollution #24153
  • Let UriUtils.encode…(…) methods optimize for sources without the need to be encoded #24152
  • Add accessor for logPrefix in ClientResponse to allow tying a ClientRequest to a ClientResponse #24146
  • Support variable resolution of wildcard types #24145
  • WebTestClientExtensions.expectBody doesn't work for generic types #24142
  • Add firstElement to CollectionUtils #24135
  • Improve configuration API of ClientCodecConfigurer.CustomCodecs #24124
  • Introduce BeanNameGenerator based on fully qualified class name #24114
  • ContentDisposition cannot parse encoded filename with leading space #24112
  • Add option to encode MultiValueMap of query params #24043
  • AbstractMessageConverterMethodProcessor results in 406 with "Accept: /" when @RequestMapping produces condition determined the content type #23287
  • Allow testing with any value for Content-Type and Accept header in MockHttpServletRequestBuilder #2079

:beetle: Bug Fixes

  • StringDecoder buffer leak related to maxInMemorySize limit #24339
  • Cloning a WebClient.Builder instance does not copy strategiesConfigurers #24329
  • SimpleKey contains invalid hashcode on deserialization when parameters include an enum #24320
  • ServerSentEventHttpMessageReader does not respect maxInMemorySize and is always limited to 256k messages #24312
  • Unsafe double-checked locking in SpelExpression#compileExpression #24265
  • Ensure CORS processing does not add Vary header twice on async requests #24223
  • Escape quotes in filename in ContentDisposition.Builder when charset not specified #24220
  • ClassUtils.getInterfaceMethodIfPossible overhead in cached methods for SpEL key/condition expressions #24206
  • ClientCodecConfigurer drops MultipartHttpMessageWriter.partWriters when mutated #24194
  • Regression: annotation searches no longer handle exceptions #24188 </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>
  • 0ddc62e Release version 5.2.3.RELEASE
  • 8740c2d Warning against split URL handling in docs
  • 5debd86 Upgrade to Reactor Dysprosium SR3
  • 1c270d8 Fix Checkstyle violation
  • 29fe65d Upgrade to Dysprosium snapshots
  • 8a60867 Polishing regarding AJDT versions
  • 33ffdd8 Update copyright date
  • c84dd55 Fix typo in ReflectionUtilsTests
  • cbc5746 Support for maxInMemorySize in SSE reader
  • a741ae4 Improve limit handling in StringDecoder
  • Additional commits viewable in compare view </details> <br />

Updates spring-aspects from 4.3.13.RELEASE to 5.2.3.RELEASE <details> <summary>Release notes</summary>

Sourced from spring-aspects's releases.

v5.2.3.RELEASE

:star: New Features

  • Update throwable to SQLException #24337
  • Update CORS support #24327
  • Improve exception message in AopContext.currentProxy() #24321
  • Trim line in LineInfo only once #24310
  • Merge getCallableInterceptors and getDeferredResultInterceptors #24305
  • Optimize SimpleAliasRegistry hasAlias implementation #24295
  • Improve ExposeInvocationInterceptor exception message #24293
  • Add ContentLength support for InputStreamResource created in ResourceHttpMessageConverter and ResourceDecoder #24292
  • StringHttpMessageConverter addDefaultHeaders() should check media type for wildcard before setting it into headers #24283
  • Add fast path for ClassUtils.hasMethod #24282
  • Support headers with multiple values in ResponseStatusException #24261
  • Remove quality parameter from chosen media type in WebFlux responses #24239
  • Remove Content-* response headers before error handling in WebFlux #24238
  • Reuse InputStream for ResourceRegionHttpMessageConverter #24214
  • Un-deprecate PathResource (for java.nio.file.Path resolution in createRelative) #24211
  • Simplify AdvisedSupport.removeAdvisor() #24205
  • Add BeanPropertyRowMapper.newInstance(mappedClass, conversionService) #24195
  • Short-circuit in AbstractBeanDefinition.equals() #24185
  • Expose local address in reactive ServerHttpRequest #24174
  • Improve exception message for mixed explicit and implicit aliases with @AliasFor #24168
  • Hoist constant result of SerializableTypeWrapper.unwrap() out of loop #24167
  • Add "application/*+xml" as supported media type to XML decoders #24164
  • Hoist Class.getName() from String concatenation to dodge an issue related to profile pollution #24153
  • Let UriUtils.encode…(…) methods optimize for sources without the need to be encoded #24152
  • Add accessor for logPrefix in ClientResponse to allow tying a ClientRequest to a ClientResponse #24146
  • Support variable resolution of wildcard types #24145
  • WebTestClientExtensions.expectBody doesn't work for generic types #24142
  • Add firstElement to CollectionUtils #24135
  • Improve configuration API of ClientCodecConfigurer.CustomCodecs #24124
  • Introduce BeanNameGenerator based on fully qualified class name #24114
  • ContentDisposition cannot parse encoded filename with leading space #24112
  • Add option to encode MultiValueMap of query params #24043
  • AbstractMessageConverterMethodProcessor results in 406 with "Accept: /" when @RequestMapping produces condition determined the content type #23287
  • Allow testing with any value for Content-Type and Accept header in MockHttpServletRequestBuilder #2079

:beetle: Bug Fixes

  • StringDecoder buffer leak related to maxInMemorySize limit #24339
  • Cloning a WebClient.Builder instance does not copy strategiesConfigurers #24329
  • SimpleKey contains invalid hashcode on deserialization when parameters include an enum #24320
  • ServerSentEventHttpMessageReader does not respect maxInMemorySize and is always limited to 256k messages #24312
  • Unsafe double-checked locking in SpelExpression#compileExpression #24265
  • Ensure CORS processing does not add Vary header twice on async requests #24223
  • Escape quotes in filename in ContentDisposition.Builder when charset not specified #24220
  • ClassUtils.getInterfaceMethodIfPossible overhead in cached methods for SpEL key/condition expressions #24206
  • ClientCodecConfigurer drops MultipartHttpMessageWriter.partWriters when mutated #24194
  • Regression: annotation searches no longer handle exceptions #24188 </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>
  • 0ddc62e Release version 5.2.3.RELEASE
  • 8740c2d Warning against split URL handling in docs
  • 5debd86 Upgrade to Reactor Dysprosium SR3
  • 1c270d8 Fix Checkstyle violation
  • 29fe65d Upgrade to Dysprosium snapshots
  • 8a60867 Polishing regarding AJDT versions
  • 33ffdd8 Update copyright date
  • c84dd55 Fix typo in ReflectionUtilsTests
  • cbc5746 Support for maxInMemorySize in SSE reader
  • a741ae4 Improve limit handling in StringDecoder
  • Additional commits viewable in compare view </details> <br />

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+1 -1

0 comment

1 changed file

pr created time in 3 minutes

PR opened aldo220686/curso-angular6

Bump bootstrap from 4.1.3 to 4.3.1 in /angular-hola-mundo

Bumps bootstrap from 4.1.3 to 4.3.1. <details> <summary>Release notes</summary>

Sourced from bootstrap's releases.

v4.3.1

  • Security: Fixed an XSS vulnerability (CVE-2019-8331) in our tooltip and popover plugins by implementing a new HTML sanitizer
  • Fixed a small issue with our RFS (responsive font sizes) mixins

v4.3.0

Highlights

  • New: Added .stretched-link utility to make any anchor the size of it's nearest position: relative parent, perfect for entirely clickable cards!
  • New: Added .text-break utility for applying word-break: break-word
  • New: Added .rounded-sm and .rounded-lg for small and large border-radius.
  • New: Added .modal-dialog-scrollable modifier class for scrolling content within a modal.
  • New: Added responsive .list-group-horizontal modifier classes for displaying list groups as a horizontal row.
  • Improved: Reduced our compiled CSS by using null for variables that by default inherit their values from other elements (e.g., $headings-color was inherit and is now null until you modifier it in your custom CSS).
  • Improved: Badge focus styles now match their background-color like our buttons.
  • Fixed: Silenced bad selectors in our JS plugins for the href HTML attribute to avoid JavaScript errors. Please try to use valid selectors or the data-target HTML attribute/target option where available.
  • Fixed: Reverted v4.2.1's change to the breakpoint and grid container Sass maps that blocked folks from upgrading when modifying those default variables.
  • Fixed: Restored white-space: nowrap to .dropdown-toggle (before v4.2.1 it was on all .btns) so carets don't wrap to new lines.
  • Deprecated: img-retina, invisible, float, and size mixins are now deprecated and will be removed in v5.

Links

v4.2.1

Bump to v4.2.1 to republish package on npm. See v4.2.0 release notes for changes introduced in v4.2.

v4.2.0

Here are the highlights of what's new and updated in v4.2.

  • New: Added a new spinner loading component.
  • New: Added new toast component for displaying notifications.
  • New: Added a new iOS style switch (a modifier class to our custom checkboxes).
  • New: Added touch support in our carousel component.
  • New: Added .font-weight-lighter and .font-weight-bolder utilities.
  • New: Added .text-decoration-none utility class.
  • New: Added .modal-xl modifier class for our modals.
  • New: Added new negative margin utility classes (e.g., .mb-n3). These rad new classes not only allow you more control over your general spacing needs, but also allow you to create responsive grid gutters at each breakpoint.
  • New: Validated form fields now have feedback icons on :invalid and :valid fields. Disable them with the $enable-validation-icons boolean Sass variable (defaults to true).
  • New: Added a new versions page to our docs
  • New: Tooltips/Popovers work with Shadow DOM
  • Updated: Redesigned the custom checkboxes and radios for more obvious states.
  • Updated: bootstrap-grid.css now includes our margin and padding utilities for full control of our grid system.
  • Updated: Changed auto columns (e.g., .col-auto) from max-width: none to max-width: 100% to prevent content from causing a column to overflow the parent.
  • Updated: Improved rendering of custom selects, ranges, file input, and more.

Checkout the full v4.2.0 ship list and GitHub project for the full details. Up next is v4.3 with some bugfixes, a few new modifier classes and variables, and some new utilities.

Head to to the v4.2.x docs to see the latest in action. The full release has been published to npm and will soon appear on the Bootstrap CDN and Rubygems. </details> <details> <summary>Commits</summary>

This version was pushed to npm by xhmikosr, a new releaser for bootstrap since your current version. </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+55 -21

0 comment

2 changed files

pr created time in 3 minutes

PR opened Jarolccis/SeguridadWebApiAngularProject

Bump Microsoft.AspNetCore.All from 2.0.3 to 2.0.9 in /WebApiPaises

Bumps Microsoft.AspNetCore.All from 2.0.3 to 2.0.9. <details> <summary>Commits</summary>

  • 84d6a54 Merge 2.0.9 into release/2.0
  • 43ec723 Merge branch release/2.0
  • cc0e039 Add required infrastructure improvements to submodules to support NETStandard...
  • 9030255 Merge branch 'release/2.0'
  • 1895502 Update the LZMA to include NETStandard.Library 2.0.3
  • e7c57af Upgrade to NETCore.App 2.0.9 (#29)
  • 8fd6124 Merge branch 'release/2.0'
  • 93f2e99 Fix for uploading blobs to private Azure blob containers
  • aa91b80 Add script used to deploy blobs to Azure storage
  • b1f55ff Merge branch 'release/2.0' of release/2.0.9
  • Additional commits viewable in compare view </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+1 -1

0 comment

1 changed file

pr created time in 3 minutes

delete branch tandat56/Spring-mvc

delete branch : dependabot/maven/Spring-test/springframework.version-5.2.3.RELEASE

delete time in 4 minutes

PR closed tandat56/Spring-mvc

Bump springframework.version from 4.3.13.RELEASE to 5.2.3.RELEASE in /Spring-test dependencies

Bumps springframework.version from 4.3.13.RELEASE to 5.2.3.RELEASE.

Updates spring-core from 4.3.13.RELEASE to 5.2.3.RELEASE <details> <summary>Release notes</summary>

Sourced from spring-core's releases.

v5.2.3.RELEASE

:star: New Features

  • Update throwable to SQLException #24337
  • Update CORS support #24327
  • Improve exception message in AopContext.currentProxy() #24321
  • Trim line in LineInfo only once #24310
  • Merge getCallableInterceptors and getDeferredResultInterceptors #24305
  • Optimize SimpleAliasRegistry hasAlias implementation #24295
  • Improve ExposeInvocationInterceptor exception message #24293
  • Add ContentLength support for InputStreamResource created in ResourceHttpMessageConverter and ResourceDecoder #24292
  • StringHttpMessageConverter addDefaultHeaders() should check media type for wildcard before setting it into headers #24283
  • Add fast path for ClassUtils.hasMethod #24282
  • Support headers with multiple values in ResponseStatusException #24261
  • Remove quality parameter from chosen media type in WebFlux responses #24239
  • Remove Content-* response headers before error handling in WebFlux #24238
  • Reuse InputStream for ResourceRegionHttpMessageConverter #24214
  • Un-deprecate PathResource (for java.nio.file.Path resolution in createRelative) #24211
  • Simplify AdvisedSupport.removeAdvisor() #24205
  • Add BeanPropertyRowMapper.newInstance(mappedClass, conversionService) #24195
  • Short-circuit in AbstractBeanDefinition.equals() #24185
  • Expose local address in reactive ServerHttpRequest #24174
  • Improve exception message for mixed explicit and implicit aliases with @AliasFor #24168
  • Hoist constant result of SerializableTypeWrapper.unwrap() out of loop #24167
  • Add "application/*+xml" as supported media type to XML decoders #24164
  • Hoist Class.getName() from String concatenation to dodge an issue related to profile pollution #24153
  • Let UriUtils.encode…(…) methods optimize for sources without the need to be encoded #24152
  • Add accessor for logPrefix in ClientResponse to allow tying a ClientRequest to a ClientResponse #24146
  • Support variable resolution of wildcard types #24145
  • WebTestClientExtensions.expectBody doesn't work for generic types #24142
  • Add firstElement to CollectionUtils #24135
  • Improve configuration API of ClientCodecConfigurer.CustomCodecs #24124
  • Introduce BeanNameGenerator based on fully qualified class name #24114
  • ContentDisposition cannot parse encoded filename with leading space #24112
  • Add option to encode MultiValueMap of query params #24043
  • AbstractMessageConverterMethodProcessor results in 406 with "Accept: /" when @RequestMapping produces condition determined the content type #23287
  • Allow testing with any value for Content-Type and Accept header in MockHttpServletRequestBuilder #2079

:beetle: Bug Fixes

  • StringDecoder buffer leak related to maxInMemorySize limit #24339
  • Cloning a WebClient.Builder instance does not copy strategiesConfigurers #24329
  • SimpleKey contains invalid hashcode on deserialization when parameters include an enum #24320
  • ServerSentEventHttpMessageReader does not respect maxInMemorySize and is always limited to 256k messages #24312
  • Unsafe double-checked locking in SpelExpression#compileExpression #24265
  • Ensure CORS processing does not add Vary header twice on async requests #24223
  • Escape quotes in filename in ContentDisposition.Builder when charset not specified #24220
  • ClassUtils.getInterfaceMethodIfPossible overhead in cached methods for SpEL key/condition expressions #24206
  • ClientCodecConfigurer drops MultipartHttpMessageWriter.partWriters when mutated #24194
  • Regression: annotation searches no longer handle exceptions #24188 </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>
  • 0ddc62e Release version 5.2.3.RELEASE
  • 8740c2d Warning against split URL handling in docs
  • 5debd86 Upgrade to Reactor Dysprosium SR3
  • 1c270d8 Fix Checkstyle violation
  • 29fe65d Upgrade to Dysprosium snapshots
  • 8a60867 Polishing regarding AJDT versions
  • 33ffdd8 Update copyright date
  • c84dd55 Fix typo in ReflectionUtilsTests
  • cbc5746 Support for maxInMemorySize in SSE reader
  • a741ae4 Improve limit handling in StringDecoder
  • Additional commits viewable in compare view </details> <br />

Updates spring-web from 4.3.13.RELEASE to 5.2.3.RELEASE <details> <summary>Release notes</summary>

Sourced from spring-web's releases.

v5.2.3.RELEASE

:star: New Features

  • Update throwable to SQLException #24337
  • Update CORS support #24327
  • Improve exception message in AopContext.currentProxy() #24321
  • Trim line in LineInfo only once #24310
  • Merge getCallableInterceptors and getDeferredResultInterceptors #24305
  • Optimize SimpleAliasRegistry hasAlias implementation #24295
  • Improve ExposeInvocationInterceptor exception message #24293
  • Add ContentLength support for InputStreamResource created in ResourceHttpMessageConverter and ResourceDecoder #24292
  • StringHttpMessageConverter addDefaultHeaders() should check media type for wildcard before setting it into headers #24283
  • Add fast path for ClassUtils.hasMethod #24282
  • Support headers with multiple values in ResponseStatusException #24261
  • Remove quality parameter from chosen media type in WebFlux responses #24239
  • Remove Content-* response headers before error handling in WebFlux #24238
  • Reuse InputStream for ResourceRegionHttpMessageConverter #24214
  • Un-deprecate PathResource (for java.nio.file.Path resolution in createRelative) #24211
  • Simplify AdvisedSupport.removeAdvisor() #24205
  • Add BeanPropertyRowMapper.newInstance(mappedClass, conversionService) #24195
  • Short-circuit in AbstractBeanDefinition.equals() #24185
  • Expose local address in reactive ServerHttpRequest #24174
  • Improve exception message for mixed explicit and implicit aliases with @AliasFor #24168
  • Hoist constant result of SerializableTypeWrapper.unwrap() out of loop #24167
  • Add "application/*+xml" as supported media type to XML decoders #24164
  • Hoist Class.getName() from String concatenation to dodge an issue related to profile pollution #24153
  • Let UriUtils.encode…(…) methods optimize for sources without the need to be encoded #24152
  • Add accessor for logPrefix in ClientResponse to allow tying a ClientRequest to a ClientResponse #24146
  • Support variable resolution of wildcard types #24145
  • WebTestClientExtensions.expectBody doesn't work for generic types #24142
  • Add firstElement to CollectionUtils #24135
  • Improve configuration API of ClientCodecConfigurer.CustomCodecs #24124
  • Introduce BeanNameGenerator based on fully qualified class name #24114
  • ContentDisposition cannot parse encoded filename with leading space #24112
  • Add option to encode MultiValueMap of query params #24043
  • AbstractMessageConverterMethodProcessor results in 406 with "Accept: /" when @RequestMapping produces condition determined the content type #23287
  • Allow testing with any value for Content-Type and Accept header in MockHttpServletRequestBuilder #2079

:beetle: Bug Fixes

  • StringDecoder buffer leak related to maxInMemorySize limit #24339
  • Cloning a WebClient.Builder instance does not copy strategiesConfigurers #24329
  • SimpleKey contains invalid hashcode on deserialization when parameters include an enum #24320
  • ServerSentEventHttpMessageReader does not respect maxInMemorySize and is always limited to 256k messages #24312
  • Unsafe double-checked locking in SpelExpression#compileExpression #24265
  • Ensure CORS processing does not add Vary header twice on async requests #24223
  • Escape quotes in filename in ContentDisposition.Builder when charset not specified #24220
  • ClassUtils.getInterfaceMethodIfPossible overhead in cached methods for SpEL key/condition expressions #24206
  • ClientCodecConfigurer drops MultipartHttpMessageWriter.partWriters when mutated #24194
  • Regression: annotation searches no longer handle exceptions #24188 </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>
  • 0ddc62e Release version 5.2.3.RELEASE
  • 8740c2d Warning against split URL handling in docs
  • 5debd86 Upgrade to Reactor Dysprosium SR3
  • 1c270d8 Fix Checkstyle violation
  • 29fe65d Upgrade to Dysprosium snapshots
  • 8a60867 Polishing regarding AJDT versions
  • 33ffdd8 Update copyright date
  • c84dd55 Fix typo in ReflectionUtilsTests
  • cbc5746 Support for maxInMemorySize in SSE reader
  • a741ae4 Improve limit handling in StringDecoder
  • Additional commits viewable in compare view </details> <br />

Updates spring-webmvc from 4.3.13.RELEASE to 5.2.3.RELEASE <details> <summary>Release notes</summary>

Sourced from spring-webmvc's releases.

v5.2.3.RELEASE

:star: New Features

  • Update throwable to SQLException #24337
  • Update CORS support #24327
  • Improve exception message in AopContext.currentProxy() #24321
  • Trim line in LineInfo only once #24310
  • Merge getCallableInterceptors and getDeferredResultInterceptors #24305
  • Optimize SimpleAliasRegistry hasAlias implementation #24295
  • Improve ExposeInvocationInterceptor exception message #24293
  • Add ContentLength support for InputStreamResource created in ResourceHttpMessageConverter and ResourceDecoder #24292
  • StringHttpMessageConverter addDefaultHeaders() should check media type for wildcard before setting it into headers #24283
  • Add fast path for ClassUtils.hasMethod #24282
  • Support headers with multiple values in ResponseStatusException #24261
  • Remove quality parameter from chosen media type in WebFlux responses #24239
  • Remove Content-* response headers before error handling in WebFlux #24238
  • Reuse InputStream for ResourceRegionHttpMessageConverter #24214
  • Un-deprecate PathResource (for java.nio.file.Path resolution in createRelative) #24211
  • Simplify AdvisedSupport.removeAdvisor() #24205
  • Add BeanPropertyRowMapper.newInstance(mappedClass, conversionService) #24195
  • Short-circuit in AbstractBeanDefinition.equals() #24185
  • Expose local address in reactive ServerHttpRequest #24174
  • Improve exception message for mixed explicit and implicit aliases with @AliasFor #24168
  • Hoist constant result of SerializableTypeWrapper.unwrap() out of loop #24167
  • Add "application/*+xml" as supported media type to XML decoders #24164
  • Hoist Class.getName() from String concatenation to dodge an issue related to profile pollution #24153
  • Let UriUtils.encode…(…) methods optimize for sources without the need to be encoded #24152
  • Add accessor for logPrefix in ClientResponse to allow tying a ClientRequest to a ClientResponse #24146
  • Support variable resolution of wildcard types #24145
  • WebTestClientExtensions.expectBody doesn't work for generic types #24142
  • Add firstElement to CollectionUtils #24135
  • Improve configuration API of ClientCodecConfigurer.CustomCodecs #24124
  • Introduce BeanNameGenerator based on fully qualified class name #24114
  • ContentDisposition cannot parse encoded filename with leading space #24112
  • Add option to encode MultiValueMap of query params #24043
  • AbstractMessageConverterMethodProcessor results in 406 with "Accept: /" when @RequestMapping produces condition determined the content type #23287
  • Allow testing with any value for Content-Type and Accept header in MockHttpServletRequestBuilder #2079

:beetle: Bug Fixes

  • StringDecoder buffer leak related to maxInMemorySize limit #24339
  • Cloning a WebClient.Builder instance does not copy strategiesConfigurers #24329
  • SimpleKey contains invalid hashcode on deserialization when parameters include an enum #24320
  • ServerSentEventHttpMessageReader does not respect maxInMemorySize and is always limited to 256k messages #24312
  • Unsafe double-checked locking in SpelExpression#compileExpression #24265
  • Ensure CORS processing does not add Vary header twice on async requests #24223
  • Escape quotes in filename in ContentDisposition.Builder when charset not specified #24220
  • ClassUtils.getInterfaceMethodIfPossible overhead in cached methods for SpEL key/condition expressions #24206
  • ClientCodecConfigurer drops MultipartHttpMessageWriter.partWriters when mutated #24194
  • Regression: annotation searches no longer handle exceptions #24188 </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>
  • 0ddc62e Release version 5.2.3.RELEASE
  • 8740c2d Warning against split URL handling in docs
  • 5debd86 Upgrade to Reactor Dysprosium SR3
  • 1c270d8 Fix Checkstyle violation
  • 29fe65d Upgrade to Dysprosium snapshots
  • 8a60867 Polishing regarding AJDT versions
  • 33ffdd8 Update copyright date
  • c84dd55 Fix typo in ReflectionUtilsTests
  • cbc5746 Support for maxInMemorySize in SSE reader
  • a741ae4 Improve limit handling in StringDecoder
  • Additional commits viewable in compare view </details> <br />

Updates spring-tx from 4.3.13.RELEASE to 5.2.3.RELEASE <details> <summary>Release notes</summary>

Sourced from spring-tx's releases.

v5.2.3.RELEASE

:star: New Features

  • Update throwable to SQLException #24337
  • Update CORS support #24327
  • Improve exception message in AopContext.currentProxy() #24321
  • Trim line in LineInfo only once #24310
  • Merge getCallableInterceptors and getDeferredResultInterceptors #24305
  • Optimize SimpleAliasRegistry hasAlias implementation #24295
  • Improve ExposeInvocationInterceptor exception message #24293
  • Add ContentLength support for InputStreamResource created in ResourceHttpMessageConverter and ResourceDecoder #24292
  • StringHttpMessageConverter addDefaultHeaders() should check media type for wildcard before setting it into headers #24283
  • Add fast path for ClassUtils.hasMethod #24282
  • Support headers with multiple values in ResponseStatusException #24261
  • Remove quality parameter from chosen media type in WebFlux responses #24239
  • Remove Content-* response headers before error handling in WebFlux #24238
  • Reuse InputStream for ResourceRegionHttpMessageConverter #24214
  • Un-deprecate PathResource (for java.nio.file.Path resolution in createRelative) #24211
  • Simplify AdvisedSupport.removeAdvisor() #24205
  • Add BeanPropertyRowMapper.newInstance(mappedClass, conversionService) #24195
  • Short-circuit in AbstractBeanDefinition.equals() #24185
  • Expose local address in reactive ServerHttpRequest #24174
  • Improve exception message for mixed explicit and implicit aliases with @AliasFor #24168
  • Hoist constant result of SerializableTypeWrapper.unwrap() out of loop #24167
  • Add "application/*+xml" as supported media type to XML decoders #24164
  • Hoist Class.getName() from String concatenation to dodge an issue related to profile pollution #24153
  • Let UriUtils.encode…(…) methods optimize for sources without the need to be encoded #24152
  • Add accessor for logPrefix in ClientResponse to allow tying a ClientRequest to a ClientResponse #24146
  • Support variable resolution of wildcard types #24145
  • WebTestClientExtensions.expectBody doesn't work for generic types #24142
  • Add firstElement to CollectionUtils #24135
  • Improve configuration API of ClientCodecConfigurer.CustomCodecs #24124
  • Introduce BeanNameGenerator based on fully qualified class name #24114
  • ContentDisposition cannot parse encoded filename with leading space #24112
  • Add option to encode MultiValueMap of query params #24043
  • AbstractMessageConverterMethodProcessor results in 406 with "Accept: /" when @RequestMapping produces condition determined the content type #23287
  • Allow testing with any value for Content-Type and Accept header in MockHttpServletRequestBuilder #2079

:beetle: Bug Fixes

  • StringDecoder buffer leak related to maxInMemorySize limit #24339
  • Cloning a WebClient.Builder instance does not copy strategiesConfigurers #24329
  • SimpleKey contains invalid hashcode on deserialization when parameters include an enum #24320
  • ServerSentEventHttpMessageReader does not respect maxInMemorySize and is always limited to 256k messages #24312
  • Unsafe double-checked locking in SpelExpression#compileExpression #24265
  • Ensure CORS processing does not add Vary header twice on async requests #24223
  • Escape quotes in filename in ContentDisposition.Builder when charset not specified #24220
  • ClassUtils.getInterfaceMethodIfPossible overhead in cached methods for SpEL key/condition expressions #24206
  • ClientCodecConfigurer drops MultipartHttpMessageWriter.partWriters when mutated #24194
  • Regression: annotation searches no longer handle exceptions #24188 </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>
  • 0ddc62e Release version 5.2.3.RELEASE
  • 8740c2d Warning against split URL handling in docs
  • 5debd86 Upgrade to Reactor Dysprosium SR3
  • 1c270d8 Fix Checkstyle violation
  • 29fe65d Upgrade to Dysprosium snapshots
  • 8a60867 Polishing regarding AJDT versions
  • 33ffdd8 Update copyright date
  • c84dd55 Fix typo in ReflectionUtilsTests
  • cbc5746 Support for maxInMemorySize in SSE reader
  • a741ae4 Improve limit handling in StringDecoder
  • Additional commits viewable in compare view </details> <br />

Updates spring-orm from 4.3.13.RELEASE to 5.2.3.RELEASE <details> <summary>Release notes</summary>

Sourced from spring-orm's releases.

v5.2.3.RELEASE

:star: New Features

  • Update throwable to SQLException #24337
  • Update CORS support #24327
  • Improve exception message in AopContext.currentProxy() #24321
  • Trim line in LineInfo only once #24310
  • Merge getCallableInterceptors and getDeferredResultInterceptors #24305
  • Optimize SimpleAliasRegistry hasAlias implementation #24295
  • Improve ExposeInvocationInterceptor exception message #24293
  • Add ContentLength support for InputStreamResource created in ResourceHttpMessageConverter and ResourceDecoder #24292
  • StringHttpMessageConverter addDefaultHeaders() should check media type for wildcard before setting it into headers #24283
  • Add fast path for ClassUtils.hasMethod #24282
  • Support headers with multiple values in ResponseStatusException #24261
  • Remove quality parameter from chosen media type in WebFlux responses #24239
  • Remove Content-* response headers before error handling in WebFlux #24238
  • Reuse InputStream for ResourceRegionHttpMessageConverter #24214
  • Un-deprecate PathResource (for java.nio.file.Path resolution in createRelative) #24211
  • Simplify AdvisedSupport.removeAdvisor() #24205
  • Add BeanPropertyRowMapper.newInstance(mappedClass, conversionService) #24195
  • Short-circuit in AbstractBeanDefinition.equals() #24185
  • Expose local address in reactive ServerHttpRequest #24174
  • Improve exception message for mixed explicit and implicit aliases with @AliasFor #24168
  • Hoist constant result of SerializableTypeWrapper.unwrap() out of loop #24167
  • Add "application/*+xml" as supported media type to XML decoders #24164
  • Hoist Class.getName() from String concatenation to dodge an issue related to profile pollution #24153
  • Let UriUtils.encode…(…) methods optimize for sources without the need to be encoded #24152
  • Add accessor for logPrefix in ClientResponse to allow tying a ClientRequest to a ClientResponse #24146
  • Support variable resolution of wildcard types #24145
  • WebTestClientExtensions.expectBody doesn't work for generic types #24142
  • Add firstElement to CollectionUtils #24135
  • Improve configuration API of ClientCodecConfigurer.CustomCodecs #24124
  • Introduce BeanNameGenerator based on fully qualified class name #24114
  • ContentDisposition cannot parse encoded filename with leading space #24112
  • Add option to encode MultiValueMap of query params #24043
  • AbstractMessageConverterMethodProcessor results in 406 with "Accept: /" when @RequestMapping produces condition determined the content type #23287
  • Allow testing with any value for Content-Type and Accept header in MockHttpServletRequestBuilder #2079

:beetle: Bug Fixes

  • StringDecoder buffer leak related to maxInMemorySize limit #24339
  • Cloning a WebClient.Builder instance does not copy strategiesConfigurers #24329
  • SimpleKey contains invalid hashcode on deserialization when parameters include an enum #24320
  • ServerSentEventHttpMessageReader does not respect maxInMemorySize and is always limited to 256k messages #24312
  • Unsafe double-checked locking in SpelExpression#compileExpression #24265
  • Ensure CORS processing does not add Vary header twice on async requests #24223
  • Escape quotes in filename in ContentDisposition.Builder when charset not specified #24220
  • ClassUtils.getInterfaceMethodIfPossible overhead in cached methods for SpEL key/condition expressions #24206
  • ClientCodecConfigurer drops MultipartHttpMessageWriter.partWriters when mutated #24194
  • Regression: annotation searches no longer handle exceptions #24188 </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>
  • 0ddc62e Release version 5.2.3.RELEASE
  • 8740c2d Warning against split URL handling in docs
  • 5debd86 Upgrade to Reactor Dysprosium SR3
  • 1c270d8 Fix Checkstyle violation
  • 29fe65d Upgrade to Dysprosium snapshots
  • 8a60867 Polishing regarding AJDT versions
  • 33ffdd8 Update copyright date
  • c84dd55 Fix typo in ReflectionUtilsTests
  • cbc5746 Support for maxInMemorySize in SSE reader
  • a741ae4 Improve limit handling in StringDecoder
  • Additional commits viewable in compare view </details> <br />

Updates spring-context from 4.3.13.RELEASE to 5.2.3.RELEASE <details> <summary>Release notes</summary>

Sourced from spring-context's releases.

v5.2.3.RELEASE

:star: New Features

  • Update throwable to SQLException #24337
  • Update CORS support #24327
  • Improve exception message in AopContext.currentProxy() #24321
  • Trim line in LineInfo only once #24310
  • Merge getCallableInterceptors and getDeferredResultInterceptors #24305
  • Optimize SimpleAliasRegistry hasAlias implementation #24295
  • Improve ExposeInvocationInterceptor exception message #24293
  • Add ContentLength support for InputStreamResource created in ResourceHttpMessageConverter and ResourceDecoder #24292
  • StringHttpMessageConverter addDefaultHeaders() should check media type for wildcard before setting it into headers #24283
  • Add fast path for ClassUtils.hasMethod #24282
  • Support headers with multiple values in ResponseStatusException #24261
  • Remove quality parameter from chosen media type in WebFlux responses #24239
  • Remove Content-* response headers before error handling in WebFlux #24238
  • Reuse InputStream for ResourceRegionHttpMessageConverter #24214
  • Un-deprecate PathResource (for java.nio.file.Path resolution in createRelative) #24211
  • Simplify AdvisedSupport.removeAdvisor() #24205
  • Add BeanPropertyRowMapper.newInstance(mappedClass, conversionService) #24195
  • Short-circuit in AbstractBeanDefinition.equals() #24185
  • Expose local address in reactive ServerHttpRequest #24174
  • Improve exception message for mixed explicit and implicit aliases with @AliasFor #24168
  • Hoist constant result of SerializableTypeWrapper.unwrap() out of loop #24167
  • Add "application/*+xml" as supported media type to XML decoders #24164
  • Hoist Class.getName() from String concatenation to dodge an issue related to profile pollution #24153
  • Let UriUtils.encode…(…) methods optimize for sources without the need to be encoded #24152
  • Add accessor for logPrefix in ClientResponse to allow tying a ClientRequest to a ClientResponse #24146
  • Support variable resolution of wildcard types #24145
  • WebTestClientExtensions.expectBody doesn't work for generic types #24142
  • Add firstElement to CollectionUtils #24135
  • Improve configuration API of ClientCodecConfigurer.CustomCodecs #24124
  • Introduce BeanNameGenerator based on fully qualified class name #24114
  • ContentDisposition cannot parse encoded filename with leading space #24112
  • Add option to encode MultiValueMap of query params #24043
  • AbstractMessageConverterMethodProcessor results in 406 with "Accept: /" when @RequestMapping produces condition determined the content type #23287
  • Allow testing with any value for Content-Type and Accept header in MockHttpServletRequestBuilder #2079

:beetle: Bug Fixes

  • StringDecoder buffer leak related to maxInMemorySize limit #24339
  • Cloning a WebClient.Builder instance does not copy strategiesConfigurers #24329
  • SimpleKey contains invalid hashcode on deserialization when parameters include an enum #24320
  • ServerSentEventHttpMessageReader does not respect maxInMemorySize and is always limited to 256k messages #24312
  • Unsafe double-checked locking in SpelExpression#compileExpression #24265
  • Ensure CORS processing does not add Vary header twice on async requests #24223
  • Escape quotes in filename in ContentDisposition.Builder when charset not specified #24220
  • ClassUtils.getInterfaceMethodIfPossible overhead in cached methods for SpEL key/condition expressions #24206
  • ClientCodecConfigurer drops MultipartHttpMessageWriter.partWriters when mutated #24194
  • Regression: annotation searches no longer handle exceptions #24188 </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>
  • 0ddc62e Release version 5.2.3.RELEASE
  • 8740c2d Warning against split URL handling in docs
  • 5debd86 Upgrade to Reactor Dysprosium SR3
  • 1c270d8 Fix Checkstyle violation
  • 29fe65d Upgrade to Dysprosium snapshots
  • 8a60867 Polishing regarding AJDT versions
  • 33ffdd8 Update copyright date
  • c84dd55 Fix typo in ReflectionUtilsTests
  • cbc5746 Support for maxInMemorySize in SSE reader
  • a741ae4 Improve limit handling in StringDecoder
  • Additional commits viewable in compare view </details> <br />

Updates spring-context-support from 4.3.13.RELEASE to 5.2.3.RELEASE <details> <summary>Release notes</summary>

Sourced from spring-context-support's releases.

v5.2.3.RELEASE

:star: New Features

  • Update throwable to SQLException #24337
  • Update CORS support #24327
  • Improve exception message in AopContext.currentProxy() #24321
  • Trim line in LineInfo only once #24310
  • Merge getCallableInterceptors and getDeferredResultInterceptors #24305
  • Optimize SimpleAliasRegistry hasAlias implementation #24295
  • Improve ExposeInvocationInterceptor exception message #24293
  • Add ContentLength support for InputStreamResource created in ResourceHttpMessageConverter and ResourceDecoder #24292
  • StringHttpMessageConverter addDefaultHeaders() should check media type for wildcard before setting it into headers #24283
  • Add fast path for ClassUtils.hasMethod #24282
  • Support headers with multiple values in ResponseStatusException #24261
  • Remove quality parameter from chosen media type in WebFlux responses #24239
  • Remove Content-* response headers before error handling in WebFlux #24238
  • Reuse InputStream for ResourceRegionHttpMessageConverter #24214
  • Un-deprecate PathResource (for java.nio.file.Path resolution in createRelative) #24211
  • Simplify AdvisedSupport.removeAdvisor() #24205
  • Add BeanPropertyRowMapper.newInstance(mappedClass, conversionService) #24195
  • Short-circuit in AbstractBeanDefinition.equals() #24185
  • Expose local address in reactive ServerHttpRequest #24174
  • Improve exception message for mixed explicit and implicit aliases with @AliasFor #24168
  • Hoist constant result of SerializableTypeWrapper.unwrap() out of loop #24167
  • Add "application/*+xml" as supported media type to XML decoders #24164
  • Hoist Class.getName() from String concatenation to dodge an issue related to profile pollution #24153
  • Let UriUtils.encode…(…) methods optimize for sources without the need to be encoded #24152
  • Add accessor for logPrefix in ClientResponse to allow tying a ClientRequest to a ClientResponse #24146
  • Support variable resolution of wildcard types #24145
  • WebTestClientExtensions.expectBody doesn't work for generic types #24142
  • Add firstElement to CollectionUtils #24135
  • Improve configuration API of ClientCodecConfigurer.CustomCodecs #24124
  • Introduce BeanNameGenerator based on fully qualified class name #24114
  • ContentDisposition cannot parse encoded filename with leading space #24112
  • Add option to encode MultiValueMap of query params #24043
  • AbstractMessageConverterMethodProcessor results in 406 with "Accept: /" when @RequestMapping produces condition determined the content type #23287
  • Allow testing with any value for Content-Type and Accept header in MockHttpServletRequestBuilder #2079

:beetle: Bug Fixes

  • StringDecoder buffer leak related to maxInMemorySize limit #24339
  • Cloning a WebClient.Builder instance does not copy strategiesConfigurers #24329
  • SimpleKey contains invalid hashcode on deserialization when parameters include an enum #24320
  • ServerSentEventHttpMessageReader does not respect maxInMemorySize and is always limited to 256k messages #24312
  • Unsafe double-checked locking in SpelExpression#compileExpression #24265
  • Ensure CORS processing does not add Vary header twice on async requests #24223
  • Escape quotes in filename in ContentDisposition.Builder when charset not specified #24220
  • ClassUtils.getInterfaceMethodIfPossible overhead in cached methods for SpEL key/condition expressions #24206
  • ClientCodecConfigurer drops MultipartHttpMessageWriter.partWriters when mutated #24194
  • Regression: annotation searches no longer handle exceptions #24188 </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>
  • 0ddc62e Release version 5.2.3.RELEASE
  • 8740c2d Warning against split URL handling in docs
  • 5debd86 Upgrade to Reactor Dysprosium SR3
  • 1c270d8 Fix Checkstyle violation
  • 29fe65d Upgrade to Dysprosium snapshots
  • 8a60867 Polishing regarding AJDT versions
  • 33ffdd8 Update copyright date
  • c84dd55 Fix typo in ReflectionUtilsTests
  • cbc5746 Support for maxInMemorySize in SSE reader
  • a741ae4 Improve limit handling in StringDecoder
  • Additional commits viewable in compare view </details> <br />

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+1 -1

3 comments

1 changed file

dependabot[bot]

pr closed time in 4 minutes

pull request commenttandat56/Spring-mvc

Bump springframework.version from 4.3.13.RELEASE to 5.2.3.RELEASE in /Spring-test

Looks like these dependencies are updatable in another way, so this is no longer needed.

dependabot[bot]

comment created time in 4 minutes

PR opened tandat56/Spring-mvc

Bump spring-data-jpa from 1.10.2.RELEASE to 1.11.23.RELEASE in /Spring-test

Bumps spring-data-jpa from 1.10.2.RELEASE to 1.11.23.RELEASE.

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+1 -1

0 comment

1 changed file

pr created time in 4 minutes

PR opened tandat56/Spring-mvc

Bump jackson-databind from 2.6.3 to 2.9.10.1 in /Spring-test

Bumps jackson-databind from 2.6.3 to 2.9.10.1. <details> <summary>Commits</summary>

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+1 -1

0 comment

1 changed file

pr created time in 4 minutes

push eventshimphillip/portfolio

dependabot[bot]

commit sha aa6cd3513e1f21f514b06f6c23fac720ab043eb6

Bump lodash from 4.17.11 to 4.17.13 Bumps [lodash](https://github.com/lodash/lodash) from 4.17.11 to 4.17.13. - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](https://github.com/lodash/lodash/compare/4.17.11...4.17.13) Signed-off-by: dependabot[bot] <support@github.com>

view details

Phillip Shim

commit sha d2e88e6be6f250df72dd0a62040f0c7e30d81bad

Merge pull request #1 from shimphillip/dependabot/npm_and_yarn/lodash-4.17.13 Bump lodash from 4.17.11 to 4.17.13

view details

dependabot[bot]

commit sha 0e0f79f83148ba0fe734b96b31f4f7d18978b70e

Bump mixin-deep from 1.3.1 to 1.3.2 Bumps [mixin-deep](https://github.com/jonschlinkert/mixin-deep) from 1.3.1 to 1.3.2. - [Release notes](https://github.com/jonschlinkert/mixin-deep/releases) - [Commits](https://github.com/jonschlinkert/mixin-deep/compare/1.3.1...1.3.2) Signed-off-by: dependabot[bot] <support@github.com>

view details

push time in 6 minutes

PR opened AleksandrRyb/ReactShop

Bump mongoose from 5.7.1 to 5.7.5

Bumps mongoose from 5.7.1 to 5.7.5. <details> <summary>Changelog</summary>

Sourced from mongoose's changelog.

5.7.14 / 2019-12-06

  • fix(cursor): wait until all eachAsync() functions finish before resolving the promise #8352
  • fix(update): handle embedded discriminator paths when discriminator key is defined in the update #8378
  • fix(schematype): handle passing message function to SchemaType#validate() as positional arg #8360
  • fix(map): handle cloning a schema that has a map of subdocuments #8357
  • docs(schema): clarify that uppercase, lowercase, and trim options for SchemaString don't affect RegExp queries #8333

5.7.13 / 2019-11-29

  • fix: upgrade mongodb driver -> 3.3.5 #8383
  • fix(model): catch the error when insertMany fails to initialize the document #8365 #8363 Fonger
  • fix(schema): add array.$, array.$.$ subpaths for nested arrays #6405
  • docs(error): add more detail about the ValidatorError class, including properties #8346
  • docs(connection): document Connection#models property #8314

5.7.12 / 2019-11-19

  • fix: avoid throwing error if calling push() on a doc array with no parent #8351 #8317 #8312 AbdelrahmanHafez
  • fix(connection): only buffer for "open" events when calling connection helper while connecting #8319
  • fix(connection): pull default database from connection string if specified #8355 #8354 zachazar
  • fix(populate+discriminator): handle populating document whose discriminator value is different from discriminator model name #8324
  • fix: add mongoose.isValidObjectId() function to test whether Mongoose can cast a value to an objectid #3823
  • fix(model): support setting excludeIndexes as schema option for subdocs #8343
  • fix: add SchemaMapOptions class for options to map schematype #8318
  • docs(query): remove duplicate omitUndefined options #8349 mdumandag
  • docs(schema): add Schema#paths docs to public API docs #8340

5.7.11 / 2019-11-14

  • fix: update mongodb driver -> 3.3.4 #8276
  • fix(model): throw readable error when casting bulkWrite update without a 'filter' or 'update' #8332 #8331 AbdelrahmanHafez
  • fix(connection): bubble up connected/disconnected events with unified topology #8338 #8337
  • fix(model): delete $versionError after saving #8326 #8048 Fonger
  • test(model): add test for issue #8040 #8341 Fonger

5.7.10 / 2019-11-11

  • perf(cursor): remove unnecessary setTimeout() in eachAsync(), 4x speedup in basic benchmarks #8310
  • docs(README): re-order sections for better readability #8321 dandv
  • chore: make npm test not hard-code file paths #8322 stieg

5.7.9 / 2019-11-08

  • fix(schema): support setting schema path to an instance of SchemaTypeOptions to fix integration with mongoose-i18n-localize #8297 #8292
  • fix(populate): make retainNullValues set array element to null if foreign doc with that id was not found #8293
  • fix(document): support getter setting virtual on manually populated doc when calling toJSON() #8295
  • fix(model): allow objects with toBSON() to make it to save() #8299

5.7.8 / 2019-11-04 </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>

  • 40a879b chore: release 5.7.5
  • 159457d chore: add vpn black friday as sponsor
  • e6285ea Merge pull request #8244 from AbdelrahmanHafez/master
  • d9163f5 fix: correct order for declaration
  • cec9dda Minor refactor to ValidationError
  • 13ae085 docs(index): add favicon to home page
  • 96ce0eb style: fix lint
  • 973b1e0 docs: add schema options to API docs
  • cdfb507 chore: add useUnifiedTopology for tests re: #8212
  • 936ddfb fix(update): handle subdocument pre('validate') errors in update validation
  • Additional commits viewable in compare view </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+75 -88

0 comment

3 changed files

pr created time in 6 minutes

create barnchAleksandrRyb/ReactShop

branch : dependabot/npm_and_yarn/mongoose-5.7.5

created branch time in 6 minutes

push eventjessestuart/js-tachyons

Renovate Bot

commit sha d9a620cfa3c014f3656a76fec24cf43785fc39e8

chore(deps): update dependency renovate to v19.141.2

view details

Renovate Bot

commit sha 8800bf98a4f7f738521c94c324ce6ae6890a1fcd

chore(deps): update dependency renovate to v19.142.1

view details

Renovate Bot

commit sha fb3374721c365479e79547a45e45c77cfc665fee

chore(deps): update dependency renovate to v19.143.0

view details

Renovate Bot

commit sha 0ddf8beb0771a97f957a9853ec063ef9e73e207c

chore(deps): update dependency @types/node to v12.12.28

view details

Renovate Bot

commit sha 59fd3c3b49aab5e55093b25c6c78ee8bd686a8a5

chore(deps): update dependency renovate to v19.144.0

view details

Renovate Bot

commit sha b933f1d49acfdbe37de9cc4ee85d42a45f45f45c

chore(deps): update dependency typescript to v3.8.2

view details

Renovate Bot

commit sha ac7067e955456fe7dc65bc0f152a2f0711571f0c

chore(deps): update dependency renovate to v19.144.1

view details

Renovate Bot

commit sha 5d44ca8e7889bc0201916ed37902a51748f4159f

chore(deps): update dependency renovate to v19.145.0

view details

Renovate Bot

commit sha 4d757b06cc134166e1875ea415d9e47119fa5f95

chore(deps): update dependency renovate to v19.145.1

view details

Renovate Bot

commit sha 9ea7aa391cd1c95284fc889ca7a9badc78569315

chore(deps): update dependency renovate to v19.146.0

view details

Renovate Bot

commit sha 932f8f6bb4b250f1445daf39b51fd7fa480535b8

chore(deps): update dependency renovate to v19.146.1

view details

dependabot[bot]

commit sha fd868ea89b6499d76e5e8be26d1988a07701c880

chore(deps): bump npm from 6.13.1 to 6.13.7 Bumps [npm](https://github.com/npm/cli) from 6.13.1 to 6.13.7. - [Release notes](https://github.com/npm/cli/releases) - [Changelog](https://github.com/npm/cli/blob/latest/CHANGELOG.md) - [Commits](https://github.com/npm/cli/compare/v6.13.1...v6.13.7) Signed-off-by: dependabot[bot] <support@github.com>

view details

push time in 6 minutes

PR opened TaoXiuxia/AccountBookV4

Bump spring.version from 4.3.6.RELEASE to 5.2.3.RELEASE

Bumps spring.version from 4.3.6.RELEASE to 5.2.3.RELEASE.

Updates spring-core from 4.3.6.RELEASE to 5.2.3.RELEASE <details> <summary>Release notes</summary>

Sourced from spring-core's releases.

v5.2.3.RELEASE

:star: New Features

  • Update throwable to SQLException #24337
  • Update CORS support #24327
  • Improve exception message in AopContext.currentProxy() #24321
  • Trim line in LineInfo only once #24310
  • Merge getCallableInterceptors and getDeferredResultInterceptors #24305
  • Optimize SimpleAliasRegistry hasAlias implementation #24295
  • Improve ExposeInvocationInterceptor exception message #24293
  • Add ContentLength support for InputStreamResource created in ResourceHttpMessageConverter and ResourceDecoder #24292
  • StringHttpMessageConverter addDefaultHeaders() should check media type for wildcard before setting it into headers #24283
  • Add fast path for ClassUtils.hasMethod #24282
  • Support headers with multiple values in ResponseStatusException #24261
  • Remove quality parameter from chosen media type in WebFlux responses #24239
  • Remove Content-* response headers before error handling in WebFlux #24238
  • Reuse InputStream for ResourceRegionHttpMessageConverter #24214
  • Un-deprecate PathResource (for java.nio.file.Path resolution in createRelative) #24211
  • Simplify AdvisedSupport.removeAdvisor() #24205
  • Add BeanPropertyRowMapper.newInstance(mappedClass, conversionService) #24195
  • Short-circuit in AbstractBeanDefinition.equals() #24185
  • Expose local address in reactive ServerHttpRequest #24174
  • Improve exception message for mixed explicit and implicit aliases with @AliasFor #24168
  • Hoist constant result of SerializableTypeWrapper.unwrap() out of loop #24167
  • Add "application/*+xml" as supported media type to XML decoders #24164
  • Hoist Class.getName() from String concatenation to dodge an issue related to profile pollution #24153
  • Let UriUtils.encode…(…) methods optimize for sources without the need to be encoded #24152
  • Add accessor for logPrefix in ClientResponse to allow tying a ClientRequest to a ClientResponse #24146
  • Support variable resolution of wildcard types #24145
  • WebTestClientExtensions.expectBody doesn't work for generic types #24142
  • Add firstElement to CollectionUtils #24135
  • Improve configuration API of ClientCodecConfigurer.CustomCodecs #24124
  • Introduce BeanNameGenerator based on fully qualified class name #24114
  • ContentDisposition cannot parse encoded filename with leading space #24112
  • Add option to encode MultiValueMap of query params #24043
  • AbstractMessageConverterMethodProcessor results in 406 with "Accept: /" when @RequestMapping produces condition determined the content type #23287
  • Allow testing with any value for Content-Type and Accept header in MockHttpServletRequestBuilder #2079

:beetle: Bug Fixes

  • StringDecoder buffer leak related to maxInMemorySize limit #24339
  • Cloning a WebClient.Builder instance does not copy strategiesConfigurers #24329
  • SimpleKey contains invalid hashcode on deserialization when parameters include an enum #24320
  • ServerSentEventHttpMessageReader does not respect maxInMemorySize and is always limited to 256k messages #24312
  • Unsafe double-checked locking in SpelExpression#compileExpression #24265
  • Ensure CORS processing does not add Vary header twice on async requests #24223
  • Escape quotes in filename in ContentDisposition.Builder when charset not specified #24220
  • ClassUtils.getInterfaceMethodIfPossible overhead in cached methods for SpEL key/condition expressions #24206
  • ClientCodecConfigurer drops MultipartHttpMessageWriter.partWriters when mutated #24194
  • Regression: annotation searches no longer handle exceptions #24188 </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>
  • 0ddc62e Release version 5.2.3.RELEASE
  • 8740c2d Warning against split URL handling in docs
  • 5debd86 Upgrade to Reactor Dysprosium SR3
  • 1c270d8 Fix Checkstyle violation
  • 29fe65d Upgrade to Dysprosium snapshots
  • 8a60867 Polishing regarding AJDT versions
  • 33ffdd8 Update copyright date
  • c84dd55 Fix typo in ReflectionUtilsTests
  • cbc5746 Support for maxInMemorySize in SSE reader
  • a741ae4 Improve limit handling in StringDecoder
  • Additional commits viewable in compare view </details> <br />

Updates spring-web from 4.3.6.RELEASE to 5.2.3.RELEASE <details> <summary>Release notes</summary>

Sourced from spring-web's releases.

v5.2.3.RELEASE

:star: New Features

  • Update throwable to SQLException #24337
  • Update CORS support #24327
  • Improve exception message in AopContext.currentProxy() #24321
  • Trim line in LineInfo only once #24310
  • Merge getCallableInterceptors and getDeferredResultInterceptors #24305
  • Optimize SimpleAliasRegistry hasAlias implementation #24295
  • Improve ExposeInvocationInterceptor exception message #24293
  • Add ContentLength support for InputStreamResource created in ResourceHttpMessageConverter and ResourceDecoder #24292
  • StringHttpMessageConverter addDefaultHeaders() should check media type for wildcard before setting it into headers #24283
  • Add fast path for ClassUtils.hasMethod #24282
  • Support headers with multiple values in ResponseStatusException #24261
  • Remove quality parameter from chosen media type in WebFlux responses #24239
  • Remove Content-* response headers before error handling in WebFlux #24238
  • Reuse InputStream for ResourceRegionHttpMessageConverter #24214
  • Un-deprecate PathResource (for java.nio.file.Path resolution in createRelative) #24211
  • Simplify AdvisedSupport.removeAdvisor() #24205
  • Add BeanPropertyRowMapper.newInstance(mappedClass, conversionService) #24195
  • Short-circuit in AbstractBeanDefinition.equals() #24185
  • Expose local address in reactive ServerHttpRequest #24174
  • Improve exception message for mixed explicit and implicit aliases with @AliasFor #24168
  • Hoist constant result of SerializableTypeWrapper.unwrap() out of loop #24167
  • Add "application/*+xml" as supported media type to XML decoders #24164
  • Hoist Class.getName() from String concatenation to dodge an issue related to profile pollution #24153
  • Let UriUtils.encode…(…) methods optimize for sources without the need to be encoded #24152
  • Add accessor for logPrefix in ClientResponse to allow tying a ClientRequest to a ClientResponse #24146
  • Support variable resolution of wildcard types #24145
  • WebTestClientExtensions.expectBody doesn't work for generic types #24142
  • Add firstElement to CollectionUtils #24135
  • Improve configuration API of ClientCodecConfigurer.CustomCodecs #24124
  • Introduce BeanNameGenerator based on fully qualified class name #24114
  • ContentDisposition cannot parse encoded filename with leading space #24112
  • Add option to encode MultiValueMap of query params #24043
  • AbstractMessageConverterMethodProcessor results in 406 with "Accept: /" when @RequestMapping produces condition determined the content type #23287
  • Allow testing with any value for Content-Type and Accept header in MockHttpServletRequestBuilder #2079

:beetle: Bug Fixes

  • StringDecoder buffer leak related to maxInMemorySize limit #24339
  • Cloning a WebClient.Builder instance does not copy strategiesConfigurers #24329
  • SimpleKey contains invalid hashcode on deserialization when parameters include an enum #24320
  • ServerSentEventHttpMessageReader does not respect maxInMemorySize and is always limited to 256k messages #24312
  • Unsafe double-checked locking in SpelExpression#compileExpression #24265
  • Ensure CORS processing does not add Vary header twice on async requests #24223
  • Escape quotes in filename in ContentDisposition.Builder when charset not specified #24220
  • ClassUtils.getInterfaceMethodIfPossible overhead in cached methods for SpEL key/condition expressions #24206
  • ClientCodecConfigurer drops MultipartHttpMessageWriter.partWriters when mutated #24194
  • Regression: annotation searches no longer handle exceptions #24188 </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>
  • 0ddc62e Release version 5.2.3.RELEASE
  • 8740c2d Warning against split URL handling in docs
  • 5debd86 Upgrade to Reactor Dysprosium SR3
  • 1c270d8 Fix Checkstyle violation
  • 29fe65d Upgrade to Dysprosium snapshots
  • 8a60867 Polishing regarding AJDT versions
  • 33ffdd8 Update copyright date
  • c84dd55 Fix typo in ReflectionUtilsTests
  • cbc5746 Support for maxInMemorySize in SSE reader
  • a741ae4 Improve limit handling in StringDecoder
  • Additional commits viewable in compare view </details> <br />

Updates spring-oxm from 4.3.6.RELEASE to 5.2.3.RELEASE <details> <summary>Release notes</summary>

Sourced from spring-oxm's releases.

v5.2.3.RELEASE

:star: New Features

  • Update throwable to SQLException #24337
  • Update CORS support #24327
  • Improve exception message in AopContext.currentProxy() #24321
  • Trim line in LineInfo only once #24310
  • Merge getCallableInterceptors and getDeferredResultInterceptors #24305
  • Optimize SimpleAliasRegistry hasAlias implementation #24295
  • Improve ExposeInvocationInterceptor exception message #24293
  • Add ContentLength support for InputStreamResource created in ResourceHttpMessageConverter and ResourceDecoder #24292
  • StringHttpMessageConverter addDefaultHeaders() should check media type for wildcard before setting it into headers #24283
  • Add fast path for ClassUtils.hasMethod #24282
  • Support headers with multiple values in ResponseStatusException #24261
  • Remove quality parameter from chosen media type in WebFlux responses #24239
  • Remove Content-* response headers before error handling in WebFlux #24238
  • Reuse InputStream for ResourceRegionHttpMessageConverter #24214
  • Un-deprecate PathResource (for java.nio.file.Path resolution in createRelative) #24211
  • Simplify AdvisedSupport.removeAdvisor() #24205
  • Add BeanPropertyRowMapper.newInstance(mappedClass, conversionService) #24195
  • Short-circuit in AbstractBeanDefinition.equals() #24185
  • Expose local address in reactive ServerHttpRequest #24174
  • Improve exception message for mixed explicit and implicit aliases with @AliasFor #24168
  • Hoist constant result of SerializableTypeWrapper.unwrap() out of loop #24167
  • Add "application/*+xml" as supported media type to XML decoders #24164
  • Hoist Class.getName() from String concatenation to dodge an issue related to profile pollution #24153
  • Let UriUtils.encode…(…) methods optimize for sources without the need to be encoded #24152
  • Add accessor for logPrefix in ClientResponse to allow tying a ClientRequest to a ClientResponse #24146
  • Support variable resolution of wildcard types #24145
  • WebTestClientExtensions.expectBody doesn't work for generic types #24142
  • Add firstElement to CollectionUtils #24135
  • Improve configuration API of ClientCodecConfigurer.CustomCodecs #24124
  • Introduce BeanNameGenerator based on fully qualified class name #24114
  • ContentDisposition cannot parse encoded filename with leading space #24112
  • Add option to encode MultiValueMap of query params #24043
  • AbstractMessageConverterMethodProcessor results in 406 with "Accept: /" when @RequestMapping produces condition determined the content type #23287
  • Allow testing with any value for Content-Type and Accept header in MockHttpServletRequestBuilder #2079

:beetle: Bug Fixes

  • StringDecoder buffer leak related to maxInMemorySize limit #24339
  • Cloning a WebClient.Builder instance does not copy strategiesConfigurers #24329
  • SimpleKey contains invalid hashcode on deserialization when parameters include an enum #24320
  • ServerSentEventHttpMessageReader does not respect maxInMemorySize and is always limited to 256k messages #24312
  • Unsafe double-checked locking in SpelExpression#compileExpression #24265
  • Ensure CORS processing does not add Vary header twice on async requests #24223
  • Escape quotes in filename in ContentDisposition.Builder when charset not specified #24220
  • ClassUtils.getInterfaceMethodIfPossible overhead in cached methods for SpEL key/condition expressions #24206
  • ClientCodecConfigurer drops MultipartHttpMessageWriter.partWriters when mutated #24194
  • Regression: annotation searches no longer handle exceptions #24188 </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>
  • 0ddc62e Release version 5.2.3.RELEASE
  • 8740c2d Warning against split URL handling in docs
  • 5debd86 Upgrade to Reactor Dysprosium SR3
  • 1c270d8 Fix Checkstyle violation
  • 29fe65d Upgrade to Dysprosium snapshots
  • 8a60867 Polishing regarding AJDT versions
  • 33ffdd8 Update copyright date
  • c84dd55 Fix typo in ReflectionUtilsTests
  • cbc5746 Support for maxInMemorySize in SSE reader
  • a741ae4 Improve limit handling in StringDecoder
  • Additional commits viewable in compare view </details> <br />

Updates spring-tx from 4.3.6.RELEASE to 5.2.3.RELEASE <details> <summary>Release notes</summary>

Sourced from spring-tx's releases.

v5.2.3.RELEASE

:star: New Features

  • Update throwable to SQLException #24337
  • Update CORS support #24327
  • Improve exception message in AopContext.currentProxy() #24321
  • Trim line in LineInfo only once #24310
  • Merge getCallableInterceptors and getDeferredResultInterceptors #24305
  • Optimize SimpleAliasRegistry hasAlias implementation #24295
  • Improve ExposeInvocationInterceptor exception message #24293
  • Add ContentLength support for InputStreamResource created in ResourceHttpMessageConverter and ResourceDecoder #24292
  • StringHttpMessageConverter addDefaultHeaders() should check media type for wildcard before setting it into headers #24283
  • Add fast path for ClassUtils.hasMethod #24282
  • Support headers with multiple values in ResponseStatusException #24261
  • Remove quality parameter from chosen media type in WebFlux responses #24239
  • Remove Content-* response headers before error handling in WebFlux #24238
  • Reuse InputStream for ResourceRegionHttpMessageConverter #24214
  • Un-deprecate PathResource (for java.nio.file.Path resolution in createRelative) #24211
  • Simplify AdvisedSupport.removeAdvisor() #24205
  • Add BeanPropertyRowMapper.newInstance(mappedClass, conversionService) #24195
  • Short-circuit in AbstractBeanDefinition.equals() #24185
  • Expose local address in reactive ServerHttpRequest #24174
  • Improve exception message for mixed explicit and implicit aliases with @AliasFor #24168
  • Hoist constant result of SerializableTypeWrapper.unwrap() out of loop #24167
  • Add "application/*+xml" as supported media type to XML decoders #24164
  • Hoist Class.getName() from String concatenation to dodge an issue related to profile pollution #24153
  • Let UriUtils.encode…(…) methods optimize for sources without the need to be encoded #24152
  • Add accessor for logPrefix in ClientResponse to allow tying a ClientRequest to a ClientResponse #24146
  • Support variable resolution of wildcard types #24145
  • WebTestClientExtensions.expectBody doesn't work for generic types #24142
  • Add firstElement to CollectionUtils #24135
  • Improve configuration API of ClientCodecConfigurer.CustomCodecs #24124
  • Introduce BeanNameGenerator based on fully qualified class name #24114
  • ContentDisposition cannot parse encoded filename with leading space #24112
  • Add option to encode MultiValueMap of query params #24043
  • AbstractMessageConverterMethodProcessor results in 406 with "Accept: /" when @RequestMapping produces condition determined the content type #23287
  • Allow testing with any value for Content-Type and Accept header in MockHttpServletRequestBuilder #2079

:beetle: Bug Fixes

  • StringDecoder buffer leak related to maxInMemorySize limit #24339
  • Cloning a WebClient.Builder instance does not copy strategiesConfigurers #24329
  • SimpleKey contains invalid hashcode on deserialization when parameters include an enum #24320
  • ServerSentEventHttpMessageReader does not respect maxInMemorySize and is always limited to 256k messages #24312
  • Unsafe double-checked locking in SpelExpression#compileExpression #24265
  • Ensure CORS processing does not add Vary header twice on async requests #24223
  • Escape quotes in filename in ContentDisposition.Builder when charset not specified #24220
  • ClassUtils.getInterfaceMethodIfPossible overhead in cached methods for SpEL key/condition expressions #24206
  • ClientCodecConfigurer drops MultipartHttpMessageWriter.partWriters when mutated #24194
  • Regression: annotation searches no longer handle exceptions #24188 </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>
  • 0ddc62e Release version 5.2.3.RELEASE
  • 8740c2d Warning against split URL handling in docs
  • 5debd86 Upgrade to Reactor Dysprosium SR3
  • 1c270d8 Fix Checkstyle violation
  • 29fe65d Upgrade to Dysprosium snapshots
  • 8a60867 Polishing regarding AJDT versions
  • 33ffdd8 Update copyright date
  • c84dd55 Fix typo in ReflectionUtilsTests
  • cbc5746 Support for maxInMemorySize in SSE reader
  • a741ae4 Improve limit handling in StringDecoder
  • Additional commits viewable in compare view </details> <br />

Updates spring-jdbc from 4.3.6.RELEASE to 5.2.3.RELEASE <details> <summary>Release notes</summary>

Sourced from spring-jdbc's releases.

v5.2.3.RELEASE

:star: New Features

  • Update throwable to SQLException #24337
  • Update CORS support #24327
  • Improve exception message in AopContext.currentProxy() #24321
  • Trim line in LineInfo only once #24310
  • Merge getCallableInterceptors and getDeferredResultInterceptors #24305
  • Optimize SimpleAliasRegistry hasAlias implementation #24295
  • Improve ExposeInvocationInterceptor exception message #24293
  • Add ContentLength support for InputStreamResource created in ResourceHttpMessageConverter and ResourceDecoder #24292
  • StringHttpMessageConverter addDefaultHeaders() should check media type for wildcard before setting it into headers #24283
  • Add fast path for ClassUtils.hasMethod #24282
  • Support headers with multiple values in ResponseStatusException #24261
  • Remove quality parameter from chosen media type in WebFlux responses #24239
  • Remove Content-* response headers before error handling in WebFlux #24238
  • Reuse InputStream for ResourceRegionHttpMessageConverter #24214
  • Un-deprecate PathResource (for java.nio.file.Path resolution in createRelative) #24211
  • Simplify AdvisedSupport.removeAdvisor() #24205
  • Add BeanPropertyRowMapper.newInstance(mappedClass, conversionService) #24195
  • Short-circuit in AbstractBeanDefinition.equals() #24185
  • Expose local address in reactive ServerHttpRequest #24174
  • Improve exception message for mixed explicit and implicit aliases with @AliasFor #24168
  • Hoist constant result of SerializableTypeWrapper.unwrap() out of loop #24167
  • Add "application/*+xml" as supported media type to XML decoders #24164
  • Hoist Class.getName() from String concatenation to dodge an issue related to profile pollution #24153
  • Let UriUtils.encode…(…) methods optimize for sources without the need to be encoded #24152
  • Add accessor for logPrefix in ClientResponse to allow tying a ClientRequest to a ClientResponse #24146
  • Support variable resolution of wildcard types #24145
  • WebTestClientExtensions.expectBody doesn't work for generic types #24142
  • Add firstElement to CollectionUtils #24135
  • Improve configuration API of ClientCodecConfigurer.CustomCodecs #24124
  • Introduce BeanNameGenerator based on fully qualified class name #24114
  • ContentDisposition cannot parse encoded filename with leading space #24112
  • Add option to encode MultiValueMap of query params #24043
  • AbstractMessageConverterMethodProcessor results in 406 with "Accept: /" when @RequestMapping produces condition determined the content type #23287
  • Allow testing with any value for Content-Type and Accept header in MockHttpServletRequestBuilder #2079

:beetle: Bug Fixes

  • StringDecoder buffer leak related to maxInMemorySize limit #24339
  • Cloning a WebClient.Builder instance does not copy strategiesConfigurers #24329
  • SimpleKey contains invalid hashcode on deserialization when parameters include an enum #24320
  • ServerSentEventHttpMessageReader does not respect maxInMemorySize and is always limited to 256k messages #24312
  • Unsafe double-checked locking in SpelExpression#compileExpression #24265
  • Ensure CORS processing does not add Vary header twice on async requests #24223
  • Escape quotes in filename in ContentDisposition.Builder when charset not specified #24220
  • ClassUtils.getInterfaceMethodIfPossible overhead in cached methods for SpEL key/condition expressions #24206
  • ClientCodecConfigurer drops MultipartHttpMessageWriter.partWriters when mutated #24194
  • Regression: annotation searches no longer handle exceptions #24188 </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>
  • 0ddc62e Release version 5.2.3.RELEASE
  • 8740c2d Warning against split URL handling in docs
  • 5debd86 Upgrade to Reactor Dysprosium SR3
  • 1c270d8 Fix Checkstyle violation
  • 29fe65d Upgrade to Dysprosium snapshots
  • 8a60867 Polishing regarding AJDT versions
  • 33ffdd8 Update copyright date
  • c84dd55 Fix typo in ReflectionUtilsTests
  • cbc5746 Support for maxInMemorySize in SSE reader
  • a741ae4 Improve limit handling in StringDecoder
  • Additional commits viewable in compare view </details> <br />

Updates spring-webmvc from 4.3.6.RELEASE to 5.2.3.RELEASE <details> <summary>Release notes</summary>

Sourced from spring-webmvc's releases.

v5.2.3.RELEASE

:star: New Features

  • Update throwable to SQLException #24337
  • Update CORS support #24327
  • Improve exception message in AopContext.currentProxy() #24321
  • Trim line in LineInfo only once #24310
  • Merge getCallableInterceptors and getDeferredResultInterceptors #24305
  • Optimize SimpleAliasRegistry hasAlias implementation #24295
  • Improve ExposeInvocationInterceptor exception message #24293
  • Add ContentLength support for InputStreamResource created in ResourceHttpMessageConverter and ResourceDecoder #24292
  • StringHttpMessageConverter addDefaultHeaders() should check media type for wildcard before setting it into headers #24283
  • Add fast path for ClassUtils.hasMethod #24282
  • Support headers with multiple values in ResponseStatusException #24261
  • Remove quality parameter from chosen media type in WebFlux responses #24239
  • Remove Content-* response headers before error handling in WebFlux #24238
  • Reuse InputStream for ResourceRegionHttpMessageConverter #24214
  • Un-deprecate PathResource (for java.nio.file.Path resolution in createRelative) #24211
  • Simplify AdvisedSupport.removeAdvisor() #24205
  • Add BeanPropertyRowMapper.newInstance(mappedClass, conversionService) #24195
  • Short-circuit in AbstractBeanDefinition.equals() #24185
  • Expose local address in reactive ServerHttpRequest #24174
  • Improve exception message for mixed explicit and implicit aliases with @AliasFor #24168
  • Hoist constant result of SerializableTypeWrapper.unwrap() out of loop #24167
  • Add "application/*+xml" as supported media type to XML decoders #24164
  • Hoist Class.getName() from String concatenation to dodge an issue related to profile pollution #24153
  • Let UriUtils.encode…(…) methods optimize for sources without the need to be encoded #24152
  • Add accessor for logPrefix in ClientResponse to allow tying a ClientRequest to a ClientResponse #24146
  • Support variable resolution of wildcard types #24145
  • WebTestClientExtensions.expectBody doesn't work for generic types #24142
  • Add firstElement to CollectionUtils #24135
  • Improve configuration API of ClientCodecConfigurer.CustomCodecs #24124
  • Introduce BeanNameGenerator based on fully qualified class name #24114
  • ContentDisposition cannot parse encoded filename with leading space #24112
  • Add option to encode MultiValueMap of query params #24043
  • AbstractMessageConverterMethodProcessor results in 406 with "Accept: /" when @RequestMapping produces condition determined the content type #23287
  • Allow testing with any value for Content-Type and Accept header in MockHttpServletRequestBuilder #2079

:beetle: Bug Fixes

  • StringDecoder buffer leak related to maxInMemorySize limit #24339
  • Cloning a WebClient.Builder instance does not copy strategiesConfigurers #24329
  • SimpleKey contains invalid hashcode on deserialization when parameters include an enum #24320
  • ServerSentEventHttpMessageReader does not respect maxInMemorySize and is always limited to 256k messages #24312
  • Unsafe double-checked locking in SpelExpression#compileExpression #24265
  • Ensure CORS processing does not add Vary header twice on async requests #24223
  • Escape quotes in filename in ContentDisposition.Builder when charset not specified #24220
  • ClassUtils.getInterfaceMethodIfPossible overhead in cached methods for SpEL key/condition expressions #24206
  • ClientCodecConfigurer drops MultipartHttpMessageWriter.partWriters when mutated #24194
  • Regression: annotation searches no longer handle exceptions #24188 </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>
  • 0ddc62e Release version 5.2.3.RELEASE
  • 8740c2d Warning against split URL handling in docs
  • 5debd86 Upgrade to Reactor Dysprosium SR3
  • 1c270d8 Fix Checkstyle violation
  • 29fe65d Upgrade to Dysprosium snapshots
  • 8a60867 Polishing regarding AJDT versions
  • 33ffdd8 Update copyright date
  • c84dd55 Fix typo in ReflectionUtilsTests
  • cbc5746 Support for maxInMemorySize in SSE reader
  • a741ae4 Improve limit handling in StringDecoder
  • Additional commits viewable in compare view </details> <br />

Updates spring-aop from 4.3.6.RELEASE to 5.2.3.RELEASE <details> <summary>Release notes</summary>

Sourced from spring-aop's releases.

v5.2.3.RELEASE

:star: New Features

  • Update throwable to SQLException #24337
  • Update CORS support #24327
  • Improve exception message in AopContext.currentProxy() #24321
  • Trim line in LineInfo only once #24310
  • Merge getCallableInterceptors and getDeferredResultInterceptors #24305
  • Optimize SimpleAliasRegistry hasAlias implementation #24295
  • Improve ExposeInvocationInterceptor exception message #24293
  • Add ContentLength support for InputStreamResource created in ResourceHttpMessageConverter and ResourceDecoder #24292
  • StringHttpMessageConverter addDefaultHeaders() should check media type for wildcard before setting it into headers #24283
  • Add fast path for ClassUtils.hasMethod #24282
  • Support headers with multiple values in ResponseStatusException #24261
  • Remove quality parameter from chosen media type in WebFlux responses #24239
  • Remove Content-* response headers before error handling in WebFlux #24238
  • Reuse InputStream for ResourceRegionHttpMessageConverter #24214
  • Un-deprecate PathResource (for java.nio.file.Path resolution in createRelative) #24211
  • Simplify AdvisedSupport.removeAdvisor() #24205
  • Add BeanPropertyRowMapper.newInstance(mappedClass, conversionService) #24195
  • Short-circuit in AbstractBeanDefinition.equals() #24185
  • Expose local address in reactive ServerHttpRequest #24174
  • Improve exception message for mixed explicit and implicit aliases with @AliasFor #24168
  • Hoist constant result of SerializableTypeWrapper.unwrap() out of loop #24167
  • Add "application/*+xml" as supported media type to XML decoders #24164
  • Hoist Class.getName() from String concatenation to dodge an issue related to profile pollution #24153
  • Let UriUtils.encode…(…) methods optimize for sources without the need to be encoded #24152
  • Add accessor for logPrefix in ClientResponse to allow tying a ClientRequest to a ClientResponse #24146
  • Support variable resolution of wildcard types #24145
  • WebTestClientExtensions.expectBody doesn't work for generic types #24142
  • Add firstElement to CollectionUtils #24135
  • Improve configuration API of ClientCodecConfigurer.CustomCodecs #24124
  • Introduce BeanNameGenerator based on fully qualified class name #24114
  • ContentDisposition cannot parse encoded filename with leading space #24112
  • Add option to encode MultiValueMap of query params #24043
  • AbstractMessageConverterMethodProcessor results in 406 with "Accept: /" when @RequestMapping produces condition determined the content type #23287
  • Allow testing with any value for Content-Type and Accept header in MockHttpServletRequestBuilder #2079

:beetle: Bug Fixes

  • StringDecoder buffer leak related to maxInMemorySize limit #24339
  • Cloning a WebClient.Builder instance does not copy strategiesConfigurers #24329
  • SimpleKey contains invalid hashcode on deserialization when parameters include an enum #24320
  • ServerSentEventHttpMessageReader does not respect maxInMemorySize and is always limited to 256k messages #24312
  • Unsafe double-checked locking in SpelExpression#compileExpression #24265
  • Ensure CORS processing does not add Vary header twice on async requests #24223
  • Escape quotes in filename in ContentDisposition.Builder when charset not specified #24220
  • ClassUtils.getInterfaceMethodIfPossible overhead in cached methods for SpEL key/condition expressions #24206
  • ClientCodecConfigurer drops MultipartHttpMessageWriter.partWriters when mutated #24194
  • Regression: annotation searches no longer handle exceptions #24188 </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>
  • 0ddc62e Release version 5.2.3.RELEASE
  • 8740c2d Warning against split URL handling in docs
  • 5debd86 Upgrade to Reactor Dysprosium SR3
  • 1c270d8 Fix Checkstyle violation
  • 29fe65d Upgrade to Dysprosium snapshots
  • 8a60867 Polishing regarding AJDT versions
  • 33ffdd8 Update copyright date
  • c84dd55 Fix typo in ReflectionUtilsTests
  • cbc5746 Support for maxInMemorySize in SSE reader
  • a741ae4 Improve limit handling in StringDecoder
  • Additional commits viewable in compare view </details> <br />

Updates spring-context-support from 4.3.6.RELEASE to 5.2.3.RELEASE <details> <summary>Release notes</summary>

Sourced from spring-context-support's releases.

v5.2.3.RELEASE

:star: New Features

  • Update throwable to SQLException #24337
  • Update CORS support #24327
  • Improve exception message in AopContext.currentProxy() #24321
  • Trim line in LineInfo only once #24310
  • Merge getCallableInterceptors and getDeferredResultInterceptors #24305
  • Optimize SimpleAliasRegistry hasAlias implementation #24295
  • Improve ExposeInvocationInterceptor exception message #24293
  • Add ContentLength support for InputStreamResource created in ResourceHttpMessageConverter and ResourceDecoder #24292
  • StringHttpMessageConverter addDefaultHeaders() should check media type for wildcard before setting it into headers #24283
  • Add fast path for ClassUtils.hasMethod #24282
  • Support headers with multiple values in ResponseStatusException #24261
  • Remove quality parameter from chosen media type in WebFlux responses #24239
  • Remove Content-* response headers before error handling in WebFlux #24238
  • Reuse InputStream for ResourceRegionHttpMessageConverter #24214
  • Un-deprecate PathResource (for java.nio.file.Path resolution in createRelative) #24211
  • Simplify AdvisedSupport.removeAdvisor() #24205
  • Add BeanPropertyRowMapper.newInstance(mappedClass, conversionService) #24195
  • Short-circuit in AbstractBeanDefinition.equals() #24185
  • Expose local address in reactive ServerHttpRequest #24174
  • Improve exception message for mixed explicit and implicit aliases with @AliasFor #24168
  • Hoist constant result of SerializableTypeWrapper.unwrap() out of loop #24167
  • Add "application/*+xml" as supported media type to XML decoders #24164
  • Hoist Class.getName() from String concatenation to dodge an issue related to profile pollution #24153
  • Let UriUtils.encode…(…) methods optimize for sources without the need to be encoded #24152
  • Add accessor for logPrefix in ClientResponse to allow tying a ClientRequest to a ClientResponse #24146
  • Support variable resolution of wildcard types #24145
  • WebTestClientExtensions.expectBody doesn't work for generic types #24142
  • Add firstElement to CollectionUtils #24135
  • Improve configuration API of ClientCodecConfigurer.CustomCodecs #24124
  • Introduce BeanNameGenerator based on fully qualified class name #24114
  • ContentDisposition cannot parse encoded filename with leading space #24112
  • Add option to encode MultiValueMap of query params #24043
  • AbstractMessageConverterMethodProcessor results in 406 with "Accept: /" when @RequestMapping produces condition determined the content type #23287
  • Allow testing with any value for Content-Type and Accept header in MockHttpServletRequestBuilder #2079

:beetle: Bug Fixes

  • StringDecoder buffer leak related to maxInMemorySize limit #24339
  • Cloning a WebClient.Builder instance does not copy strategiesConfigurers #24329
  • SimpleKey contains invalid hashcode on deserialization when parameters include an enum #24320
  • ServerSentEventHttpMessageReader does not respect maxInMemorySize and is always limited to 256k messages #24312
  • Unsafe double-checked locking in SpelExpression#compileExpression #24265
  • Ensure CORS processing does not add Vary header twice on async requests #24223
  • Escape quotes in filename in ContentDisposition.Builder when charset not specified #24220
  • ClassUtils.getInterfaceMethodIfPossible overhead in cached methods for SpEL key/condition expressions #24206
  • ClientCodecConfigurer drops MultipartHttpMessageWriter.partWriters when mutated #24194
  • Regression: annotation searches no longer handle exceptions #24188 </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>
  • 0ddc62e Release version 5.2.3.RELEASE
  • 8740c2d Warning against split URL handling in docs
  • 5debd86 Upgrade to Reactor Dysprosium SR3
  • 1c270d8 Fix Checkstyle violation
  • 29fe65d Upgrade to Dysprosium snapshots
  • 8a60867 Polishing regarding AJDT versions
  • 33ffdd8 Update copyright date
  • c84dd55 Fix typo in ReflectionUtilsTests
  • cbc5746 Support for maxInMemorySize in SSE reader
  • a741ae4 Improve limit handling in StringDecoder
  • Additional commits viewable in compare view </details> <br />

Updates spring-test from 4.3.6.RELEASE to 5.2.3.RELEASE <details> <summary>Release notes</summary>

Sourced from spring-test's releases.

v5.2.3.RELEASE

:star: New Features

  • Update throwable to SQLException #24337
  • Update CORS support #24327
  • Improve exception message in AopContext.currentProxy() #24321
  • Trim line in LineInfo only once #24310
  • Merge getCallableInterceptors and getDeferredResultInterceptors #24305
  • Optimize SimpleAliasRegistry hasAlias implementation #24295
  • Improve ExposeInvocationInterceptor exception message #24293
  • Add ContentLength support for InputStreamResource created in ResourceHttpMessageConverter and ResourceDecoder #24292
  • StringHttpMessageConverter addDefaultHeaders() should check media type for wildcard before setting it into headers #24283
  • Add fast path for ClassUtils.hasMethod #24282
  • Support headers with multiple values in ResponseStatusException #24261
  • Remove quality parameter from chosen media type in WebFlux responses #24239
  • Remove Content-* response headers before error handling in WebFlux #24238
  • Reuse InputStream for ResourceRegionHttpMessageConverter #24214
  • Un-deprecate PathResource (for java.nio.file.Path resolution in createRelative) #24211
  • Simplify AdvisedSupport.removeAdvisor() #24205
  • Add BeanPropertyRowMapper.newInstance(mappedClass, conversionService) #24195
  • Short-circuit in AbstractBeanDefinition.equals() #24185
  • Expose local address in reactive ServerHttpRequest #24174
  • Improve exception message for mixed explicit and implicit aliases with @AliasFor #24168
  • Hoist constant result of SerializableTypeWrapper.unwrap() out of loop #24167
  • Add "application/*+xml" as supported media type to XML decoders #24164
  • Hoist Class.getName() from String concatenation to dodge an issue related to profile pollution #24153
  • Let UriUtils.encode…(…) methods optimize for sources without the need to be encoded #24152
  • Add accessor for logPrefix in ClientResponse to allow tying a ClientRequest to a ClientResponse #24146
  • Support variable resolution of wildcard types #24145
  • WebTestClientExtensions.expectBody doesn't work for generic types #24142
  • Add firstElement to CollectionUtils #24135
  • Improve configuration API of ClientCodecConfigurer.CustomCodecs #24124
  • Introduce BeanNameGenerator based on fully qualified class name #24114
  • ContentDisposition cannot parse encoded filename with leading space #24112
  • Add option to encode MultiValueMap of query params #24043
  • AbstractMessageConverterMethodProcessor results in 406 with "Accept: /" when @RequestMapping produces condition determined the content type #23287
  • Allow testing with any value for Content-Type and Accept header in MockHttpServletRequestBuilder #2079

:beetle: Bug Fixes

  • StringDecoder buffer leak related to maxInMemorySize limit #24339
  • Cloning a WebClient.Builder instance does not copy strategiesConfigurers #24329
  • SimpleKey contains invalid hashcode on deserialization when parameters include an enum #24320
  • ServerSentEventHttpMessageReader does not respect maxInMemorySize and is always limited to 256k messages #24312
  • Unsafe double-checked locking in SpelExpression#compileExpression #24265
  • Ensure CORS processing does not add Vary header twice on async requests #24223
  • Escape quotes in filename in ContentDisposition.Builder when charset not specified #24220
  • ClassUtils.getInterfaceMethodIfPossible overhead in cached methods for SpEL key/condition expressions #24206
  • ClientCodecConfigurer drops MultipartHttpMessageWriter.partWriters when mutated #24194
  • Regression: annotation searches no longer handle exceptions #24188 </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>
  • 0ddc62e Release version 5.2.3.RELEASE
  • 8740c2d Warning against split URL handling in docs
  • 5debd86 Upgrade to Reactor Dysprosium SR3
  • 1c270d8 Fix Checkstyle violation
  • 29fe65d Upgrade to Dysprosium snapshots
  • 8a60867 Polishing regarding AJDT versions
  • 33ffdd8 Update copyright date
  • c84dd55 Fix typo in ReflectionUtilsTests
  • cbc5746 Support for maxInMemorySize in SSE reader
  • a741ae4 Improve limit handling in StringDecoder
  • Additional commits viewable in compare view </details> <br />

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+1 -1

0 comment

1 changed file

pr created time in 7 minutes

pull request commentShuaibMalik786/chat-app

Bump handlebars from 4.1.2 to 4.5.3 in /backend

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot rebase.

dependabot[bot]

comment created time in 7 minutes

pull request commentShuaibMalik786/chat-app

Bump mongoose from 5.6.4 to 5.7.5 in /backend

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot rebase.

dependabot[bot]

comment created time in 7 minutes

delete branch shimphillip/portfolio

delete branch : dependabot/npm_and_yarn/lodash-4.17.13

delete time in 7 minutes

push eventakki1027/Bookers2

akki1027

commit sha e261880b7b131c4fcf06ed7fd10dd6523404c845

[Install] devise

view details

dependabot[bot]

commit sha 20aa133da45166005c650af60778c27c508b9954

Bump bootstrap-sass from 3.3.7 to 3.4.1 Bumps [bootstrap-sass](https://github.com/twbs/bootstrap-sass) from 3.3.7 to 3.4.1. - [Release notes](https://github.com/twbs/bootstrap-sass/releases) - [Changelog](https://github.com/twbs/bootstrap-sass/blob/master/CHANGELOG.md) - [Commits](https://github.com/twbs/bootstrap-sass/compare/v3.3.7...v3.4.1) Signed-off-by: dependabot[bot] <support@github.com>

view details

push time in 7 minutes

PR opened masterbhero/SmartFarmApi

Bump mongoose from 5.6.3 to 5.7.5

Bumps mongoose from 5.6.3 to 5.7.5. <details> <summary>Changelog</summary>

Sourced from mongoose's changelog.

5.7.5 / 2019-10-14

  • fix(query): delete top-level _bsontype property in queries to prevent silent empty queries #8222
  • fix(update): handle subdocument pre('validate') errors in update validation #7187
  • fix(subdocument): make subdocument#isModified use parent document's isModified #8223
  • docs(index): add favicon to home page #8226
  • docs: add schema options to API docs #8012
  • docs(middleware): add note about accessing the document being updated in pre('findOneAndUpdate') #8218
  • refactor: remove redundant code in ValidationError #8244 AbdelrahmanHafez

5.7.4 / 2019-10-09

  • fix(schema): handle required: null and required: undefined as required: false #8219
  • fix(update): support updating array embedded discriminator props if discriminator key in $elemMatch #8063
  • fix(populate): allow accessing populate virtual prop underneath array when virtual defined on top level #8198
  • fix(model): support passing options to Model.remove() #8211
  • fix(document): handle Document#set() merge option when setting underneath single nested schema #8201
  • fix: use options constructor class for all schematypes #8012

5.7.3 / 2019-09-30

  • fix: make CoreMongooseArray#includes() handle fromIndex parameter #8203
  • fix(update): cast right hand side of $pull as a query instead of an update for document arrays #8166
  • fix(populate): handle virtual populate of an embedded discriminator nested path #8173
  • docs(validation): remove deprecated isAsync from validation docs in favor of emphasizing promises #8184
  • docs(documents): add overwriting section #8178
  • docs(promises): add note about queries being thenable #8110
  • perf: avoid update validators going into Mixed types #8192 birdofpreyru
  • refactor: remove async as a prod dependency #8073

5.7.2 / 2019-09-23

  • fix(mongoose): support mongoose.set('autoIndex', false) #8158
  • fix(discriminator): support tiedValue parameter for embedded discriminators analagous to top-level discriminators #8164
  • fix(query): handle toConstructor() with entries-style sort syntax #8159
  • fix(populate): avoid converting mixed paths into arrays if populating an object path under Mixed #8157
  • fix: use $wrapCallback when using promises for mongoose-async-hooks
  • fix: handle queries with setter that converts value to Number instance #8150
  • docs: add mongoosejs-cli to readme #8142
  • docs: fix example typo for Schema.prototype.plugin() #8175 anaethoss

5.7.1 / 2019-09-13

  • fix(query): fix TypeError when calling findOneAndUpdate() with runValidators #8151 fernandolguevara
  • fix(document): throw strict mode error if setting an immutable path with strict mode: false #8149
  • fix(mongoose): support passing options object to Mongoose constructor #8144
  • fix(model): make syncIndexes() handle changes in index key order #8135
  • fix(error): export StrictModeError as a static property of MongooseError #8148 ouyuran
  • docs(connection+mongoose): add useUnifiedTopology option to connect() and openUri() docs #8146

</tr></table> ... (truncated) </details> <details> <summary>Commits</summary>

  • 40a879b chore: release 5.7.5
  • 159457d chore: add vpn black friday as sponsor
  • e6285ea Merge pull request #8244 from AbdelrahmanHafez/master
  • d9163f5 fix: correct order for declaration
  • cec9dda Minor refactor to ValidationError
  • 13ae085 docs(index): add favicon to home page
  • 96ce0eb style: fix lint
  • 973b1e0 docs: add schema options to API docs
  • cdfb507 chore: add useUnifiedTopology for tests re: #8212
  • 936ddfb fix(update): handle subdocument pre('validate') errors in update validation
  • Additional commits viewable in compare view </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+20 -69

0 comment

2 changed files

pr created time in 9 minutes

create barnchmasterbhero/SmartFarmApi

branch : dependabot/npm_and_yarn/mongoose-5.7.5

created branch time in 9 minutes

PR opened Rose800/nucampproject

Bump bootstrap from 4.0.0 to 4.3.1

Bumps bootstrap from 4.0.0 to 4.3.1. <details> <summary>Release notes</summary>

Sourced from bootstrap's releases.

v4.3.1

  • Security: Fixed an XSS vulnerability (CVE-2019-8331) in our tooltip and popover plugins by implementing a new HTML sanitizer
  • Fixed a small issue with our RFS (responsive font sizes) mixins

v4.3.0

Highlights

  • New: Added .stretched-link utility to make any anchor the size of it's nearest position: relative parent, perfect for entirely clickable cards!
  • New: Added .text-break utility for applying word-break: break-word
  • New: Added .rounded-sm and .rounded-lg for small and large border-radius.
  • New: Added .modal-dialog-scrollable modifier class for scrolling content within a modal.
  • New: Added responsive .list-group-horizontal modifier classes for displaying list groups as a horizontal row.
  • Improved: Reduced our compiled CSS by using null for variables that by default inherit their values from other elements (e.g., $headings-color was inherit and is now null until you modifier it in your custom CSS).
  • Improved: Badge focus styles now match their background-color like our buttons.
  • Fixed: Silenced bad selectors in our JS plugins for the href HTML attribute to avoid JavaScript errors. Please try to use valid selectors or the data-target HTML attribute/target option where available.
  • Fixed: Reverted v4.2.1's change to the breakpoint and grid container Sass maps that blocked folks from upgrading when modifying those default variables.
  • Fixed: Restored white-space: nowrap to .dropdown-toggle (before v4.2.1 it was on all .btns) so carets don't wrap to new lines.
  • Deprecated: img-retina, invisible, float, and size mixins are now deprecated and will be removed in v5.

Links

v4.2.1

Bump to v4.2.1 to republish package on npm. See v4.2.0 release notes for changes introduced in v4.2.

v4.2.0

Here are the highlights of what's new and updated in v4.2.

  • New: Added a new spinner loading component.
  • New: Added new toast component for displaying notifications.
  • New: Added a new iOS style switch (a modifier class to our custom checkboxes).
  • New: Added touch support in our carousel component.
  • New: Added .font-weight-lighter and .font-weight-bolder utilities.
  • New: Added .text-decoration-none utility class.
  • New: Added .modal-xl modifier class for our modals.
  • New: Added new negative margin utility classes (e.g., .mb-n3). These rad new classes not only allow you more control over your general spacing needs, but also allow you to create responsive grid gutters at each breakpoint.
  • New: Validated form fields now have feedback icons on :invalid and :valid fields. Disable them with the $enable-validation-icons boolean Sass variable (defaults to true).
  • New: Added a new versions page to our docs
  • New: Tooltips/Popovers work with Shadow DOM
  • Updated: Redesigned the custom checkboxes and radios for more obvious states.
  • Updated: bootstrap-grid.css now includes our margin and padding utilities for full control of our grid system.
  • Updated: Changed auto columns (e.g., .col-auto) from max-width: none to max-width: 100% to prevent content from causing a column to overflow the parent.
  • Updated: Improved rendering of custom selects, ranges, file input, and more.

Checkout the full v4.2.0 ship list and GitHub project for the full details. Up next is v4.3 with some bugfixes, a few new modifier classes and variables, and some new utilities.

Head to to the v4.2.x docs to see the latest in action. The full release has been published to npm and will soon appear on the Bootstrap CDN and Rubygems.

v4.1.3

</tr></table> ... (truncated) </details> <details> <summary>Commits</summary>

This version was pushed to npm by xhmikosr, a new releaser for bootstrap since your current version. </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+4 -4

0 comment

2 changed files

pr created time in 9 minutes

create barnchRose800/nucampproject

branch : dependabot/npm_and_yarn/bootstrap-4.3.1

created branch time in 9 minutes

PR opened Rose800/nucampproject

Bump jquery from 3.3.1 to 3.4.0

Bumps jquery from 3.3.1 to 3.4.0. <details> <summary>Commits</summary>

  • b7fc909 3.4.0
  • 59ea765 Release: update AUTHORS.txt
  • 7c1ef15 Release: update version to 3.4.0-pre
  • d940bc0 Build: Update Sizzle from 2.3.3 to 2.3.4
  • 9b9fca4 Update README.md
  • a2a73db Tests: Make Android Browser 4.0-4.3 dimensions tests green
  • 4455f8d Tests: Make Android Browser 4.0-4.3 AJAX tests green
  • 0050403 Core: Preserve CSP nonce on scripts with src attribute in DOM manipulation
  • fe5f04d Event: Prevent leverageNative from double-firing focusin
  • 753d591 Core: Prevent Object.prototype pollution for $.extend( true, ... )
  • Additional commits viewable in compare view </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+4 -4

0 comment

2 changed files

pr created time in 9 minutes

create barnchRose800/nucampproject

branch : dependabot/npm_and_yarn/jquery-3.4.0

created branch time in 9 minutes

PR opened benjaminbalazs/sq-ember-s3assets

Bump lodash from 4.17.4 to 4.17.15

Bumps lodash from 4.17.4 to 4.17.15. <details> <summary>Commits</summary>

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+50 -38

0 comment

1 changed file

pr created time in 9 minutes

PR opened benjaminbalazs/sq-ember-s3assets

Bump lodash.defaultsdeep from 4.6.0 to 4.6.1

Bumps lodash.defaultsdeep from 4.6.0 to 4.6.1. <details> <summary>Commits</summary>

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+50 -31

0 comment

1 changed file

pr created time in 9 minutes

PR opened benjaminbalazs/sq-ember-s3assets

Bump underscore.string from 3.3.4 to 3.3.5

Bumps underscore.string from 3.3.4 to 3.3.5. <details> <summary>Changelog</summary>

Sourced from underscore.string's changelog.

3.3.5

  • Security fix
  • Full changelog </details> <details> <summary>Commits</summary>
  • 87ddc29 Release 3.3.5
  • fde7ed6 Add 3.3.5 changelog
  • f486cd6 Try to fix regexp redos
  • See full diff in compare view </details> <details> <summary>Maintainer changes</summary>

This version was pushed to npm by esamatti, a new releaser for underscore.string since your current version. </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+50 -31

0 comment

1 changed file

pr created time in 9 minutes

PR opened benjaminbalazs/sq-ember-s3assets

Bump handlebars from 4.0.12 to 4.7.3

Bumps handlebars from 4.0.12 to 4.7.3. <details> <summary>Changelog</summary>

Sourced from handlebars's changelog.

v4.7.3 - February 5th, 2020

Chore/Housekeeping:

  • #1644 - Download links to aws broken on handlebarsjs.com - access denied (@​Tea56)
  • Fix spelling and punctuation in changelog - d78cc73

Bugfixes:

  • Add Type Definition for Handlebars.VERSION, Fixes #1647 - 4de51fe
  • Include Type Definition for runtime.js in Package - a32d05f

Compatibility notes:

  • No incompatibilities are to be expected

Commits

v4.7.2 - January 13th, 2020

Bugfixes:

  • fix: don't wrap helpers that are not functions - 9d5aa36, #1639

Chore/Build:

  • chore: execute saucelabs-task only if access-key exists - a4fd391

Compatibility notes:

  • No breaking changes are to be expected

Commits

v4.7.1 - January 12th, 2020

Bugfixes:

  • fix: fix log output in case of illegal property access - f152dfc
  • fix: log error for illegal property access only once per property - 3c1e252

Compatibility notes:

  • no incompatibilities are to be expected.

Commits

v4.7.0 - January 10th, 2020

Features: </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>

  • c978969 v4.7.3
  • 9278f21 Update release notes
  • d78cc73 Fixes spelling and punctuation
  • 4de51fe Add Type Definition for Handlebars.VERSION, Fixes #1647
  • a32d05f Include Type Definition for runtime.js in Package
  • ad63f51 chore: add missing "await" in aws-s3 publishing code
  • 586e672 v4.7.2
  • f0c6c4c Update release notes
  • a4fd391 chore: execute saucelabs-task only if access-key exists
  • 9d5aa36 fix: don't wrap helpers that are not functions
  • Additional commits viewable in compare view </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+57 -32

0 comment

1 changed file

pr created time in 9 minutes

PR opened benjaminbalazs/sq-ember-s3assets

Bump eslint-utils from 1.3.1 to 1.4.3

Bumps eslint-utils from 1.3.1 to 1.4.3. <details> <summary>Release notes</summary>

Sourced from eslint-utils's releases.

v1.4.3

🐛 Bug fixes

  • 8f9e481ecc1204c7a1331b697f97903f90c75154 fixed false positive of ReferenceTracker.

v1.4.2

🐛 Bug fixes

  • e4cb01498df6096b66edb0c78965ee6f47d3ac77 fixed a regression of the previous release.

v1.4.1

🐛 Bug fixes

  • c119e832952c8c653bd4f21e39eb9f7ce48e5947 fixed getStaticValue() function to handle null literal correctly even if runtimes don't support BigInt natively.
  • 587cca2f82c245f5fc4a8b9fb2cf6b35c0d02552 fixed getStringIfConstant() function to handle regular expression literals and BigInt literals even if runtimes don't support those.
  • 08158db1c98fd71cf0f32ddefbc147e2620e724c fixed GHSA-3gx7-xhv7-5mx3.

v1.4.0

✨ Enhancements

  • 66456c5356310fc4309b4fe2756995f27b907747 (and ebf5a8378d3f0a20a74adb158a7112cb616bce44, aac472e815551688d23cc8fd88f9044dbf276804) added isParenthesized() function that checks if a given node is parenthesized or not.
  • 4f8407dd6cd52274ba115b3a8558153ec6d799a7 (and cb518c70ee037722f802d808bbbe93da83f07fb3) added hasSideEffect() function that checks if a given node may have side-effects or not. </details> <details> <summary>Commits</summary>

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+62 -32

0 comment

1 changed file

pr created time in 9 minutes

PR opened benjaminbalazs/sq-ember-s3assets

Bump mixin-deep from 1.3.1 to 1.3.2

Bumps mixin-deep from 1.3.1 to 1.3.2. <details> <summary>Commits</summary>

  • 754f0c2 1.3.2
  • 90ee1fa ensure keys are valid when mixing in values
  • See full diff in compare view </details> <details> <summary>Maintainer changes</summary>

This version was pushed to npm by doowb, a new releaser for mixin-deep since your current version. </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+50 -31

0 comment

1 changed file

pr created time in 9 minutes

PR opened benjaminbalazs/sq-ember-s3assets

Bump lodash.merge from 4.6.1 to 4.6.2

Bumps lodash.merge from 4.6.1 to 4.6.2. <details> <summary>Commits</summary>

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+50 -31

0 comment

1 changed file

pr created time in 9 minutes

delete branch ycaroafonso/Essa.Framework.EssaCore

delete branch : dependabot/nuget/Essa.Framework.WebCore/Microsoft.AspNetCore.App-2.1.4

delete time in 9 minutes

PR closed ycaroafonso/Essa.Framework.EssaCore

Bump Microsoft.AspNetCore.App from 2.1.1 to 2.1.4 in /Essa.Framework.WebCore dependencies

Bumps Microsoft.AspNetCore.App from 2.1.1 to 2.1.4. <details> <summary>Commits</summary>

  • 6dd5a7b Merge branch release/2.1 into 2.1.4
  • a7a95c6 Add PR validation on VSTS
  • a85d99a Add the 2.1.3 archive baselines and a target to ensure this test is run on PR...
  • e7447ca Consume a new version of System.IO.Pipelines from ProdCon
  • 3f55bf3 Make System.IO.Pipelines a direct dependency of Microsoft.AspNetCore.App
  • 2f85e4a Add a restore feed for 2.1.3 packages
  • e4161d8 Prepare 2.1.4 patch
  • 7119fc7 Upgrade xunit test runner to 2.4.0 RTM and xunit.analyzers to 0.10.0 (#1275)
  • 18e0871 Update to NETCore.App 2.1.3-servicing-26722-02
  • 7d12e6b Updating external dependencies (#1268)
  • Additional commits viewable in compare view </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+1 -1

1 comment

1 changed file

dependabot[bot]

pr closed time in 9 minutes

pull request commentycaroafonso/Essa.Framework.EssaCore

Bump Microsoft.AspNetCore.App from 2.1.1 to 2.1.4 in /Essa.Framework.WebCore

Looks like Microsoft.AspNetCore.App is up-to-date now, so this is no longer needed.

dependabot[bot]

comment created time in 9 minutes

PR opened athenenya/storeFront

Bump axios from 0.17.1 to 0.19.2

Bumps axios from 0.17.1 to 0.19.2. <details> <summary>Release notes</summary>

Sourced from axios's releases.

v0.19.2

  • Remove unnecessary XSS check (#2679) (see (#2646) for discussion)

v0.19.1

Fixes and Functionality:

  • Fixing invalid agent issue (#1904)
  • Fix ignore set withCredentials false (#2582)
  • Delete useless default to hash (#2458)
  • Fix HTTP/HTTPs agents passing to follow-redirect (#1904)
  • Fix ignore set withCredentials false (#2582)
  • Fix CI build failure (#2570)
  • Remove dependency on is-buffer from package.json (#1816)
  • Adding options typings (#2341)
  • Adding Typescript HTTP method definition for LINK and UNLINK. (#2444)
  • Update dist with newest changes, fixes Custom Attributes issue
  • Change syntax to see if build passes (#2488)
  • Update Webpack + deps, remove now unnecessary polyfills (#2410)
  • Fix to prevent XSS, throw an error when the URL contains a JS script (#2464)
  • Add custom timeout error copy in config (#2275)
  • Add error toJSON example (#2466)
  • Fixing Vulnerability A Fortify Scan finds a critical Cross-Site Scrip… (#2451)
  • Fixing subdomain handling on no_proxy (#2442)
  • Make redirection from HTTP to HTTPS work ([#2426](https://github-redirect.dependabot.com/axios/axios/pull/2426] and (#2547)
  • Add toJSON property to AxiosError type (#2427)
  • Fixing socket hang up error on node side for slow response. (#1752)
  • Alternative syntax to send data into the body (#2317)
  • Fixing custom config options (#2207)
  • Fixing set config.method after mergeConfig for Axios.prototype.request (#2383)
  • Axios create url bug (#2290)
  • Do not modify config.url when using a relative baseURL (resolves #1628) (#2391)
  • Add typescript HTTP method definition for LINK and UNLINK (#2444)

Internal:

  • Revert "Update Webpack + deps, remove now unnecessary polyfills" (#2479)
  • Order of if/else blocks is causing unit tests mocking XHR. (#2201)
  • Add license badge (#2446)
  • Fix travis CI build #2386
  • Fix cancellation error on build master. #2290 #2207 (#2407)

Documentation:

  • Fixing typo in CHANGELOG.md: s/Functionallity/Functionality (#2639)
  • Fix badge, use master branch (#2538)
  • Fix typo in changelog #2193
  • Document fix (#2514)
  • Update docs with no_proxy change, issue #2484 (#2513)
  • Fixing missing words in docs template (#2259)
  • 🐛Fix request finally documentation in README (#2189) </tr></table> ... (truncated) </details> <details> <summary>Changelog</summary>

Sourced from axios's changelog.

0.19.2 (Jan 20, 2020)

  • Remove unnecessary XSS check (#2679) (see (#2646) for discussion)

0.19.1 (Jan 7, 2020)

Fixes and Functionality:

  • Fixing invalid agent issue (#1904)
  • Fix ignore set withCredentials false (#2582)
  • Delete useless default to hash (#2458)
  • Fix HTTP/HTTPs agents passing to follow-redirect (#1904)
  • Fix ignore set withCredentials false (#2582)
  • Fix CI build failure (#2570)
  • Remove dependency on is-buffer from package.json (#1816)
  • Adding options typings (#2341)
  • Adding Typescript HTTP method definition for LINK and UNLINK. (#2444)
  • Update dist with newest changes, fixes Custom Attributes issue
  • Change syntax to see if build passes (#2488)
  • Update Webpack + deps, remove now unnecessary polyfills (#2410)
  • Fix to prevent XSS, throw an error when the URL contains a JS script (#2464)
  • Add custom timeout error copy in config (#2275)
  • Add error toJSON example (#2466)
  • Fixing Vulnerability A Fortify Scan finds a critical Cross-Site Scrip… (#2451)
  • Fixing subdomain handling on no_proxy (#2442)
  • Make redirection from HTTP to HTTPS work ([#2426](https://github-redirect.dependabot.com/axios/axios/pull/2426] and (#2547)
  • Add toJSON property to AxiosError type (#2427)
  • Fixing socket hang up error on node side for slow response. (#1752)
  • Alternative syntax to send data into the body (#2317)
  • Fixing custom config options (#2207)
  • Fixing set config.method after mergeConfig for Axios.prototype.request (#2383)
  • Axios create url bug (#2290)
  • Do not modify config.url when using a relative baseURL (resolves #1628) (#2391)
  • Add typescript HTTP method definition for LINK and UNLINK (#2444)

Internal:

  • Revert "Update Webpack + deps, remove now unnecessary polyfills" (#2479)
  • Order of if/else blocks is causing unit tests mocking XHR. (#2201)
  • Add license badge (#2446)
  • Fix travis CI build #2386
  • Fix cancellation error on build master. #2290 #2207 (#2407)

Documentation:

  • Fixing typo in CHANGELOG.md: s/Functionallity/Functionality (#2639)
  • Fix badge, use master branch (#2538)
  • Fix typo in changelog #2193
  • Document fix (#2514)
  • Update docs with no_proxy change, issue #2484 (#2513) </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>
  • 2a0ff47 Releasing 0.19.2
  • 17cc1d6 Updating changlog for 0.19.2 release
  • c7488c7 Remove unnecessary XSS check introduced by #2451 (#2679)
  • 351cf29 Fix link formatting in CHANGELOG.md to display PR number in parens as link (#...
  • 960e1c8 Releasing 0.19.1
  • 8a9421d Fixing typo in CHANGELOG.md: s/Functionallity/Functionality (#2639)
  • ee47120 If this place is false, it will report an error, so you should delete the use...
  • 03e6f4b Fixing invalid agent issue (#1904)
  • dc4bc49 fix: fix ignore set withCredentials false (#2582)
  • 13c948e Remove 'includes' API, fix CI build failure (#2574)
  • Additional commits viewable in compare view </details> <details> <summary>Maintainer changes</summary>

This version was pushed to npm by emilyemorehouse, a new releaser for axios since your current version. </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+1 -1

0 comment

1 changed file

pr created time in 9 minutes

create barnchathenenya/storeFront

branch : dependabot/npm_and_yarn/axios-0.19.2

created branch time in 9 minutes

push eventshimphillip/portfolio

shimphillip

commit sha 8ecc4c450186e5e3afa08b5d79496b6811f15135

refactor homepage

view details

dependabot[bot]

commit sha 93bd44aae76a52ea03e69de1165215cc48c651fe

Bump mixin-deep from 1.3.1 to 1.3.2 Bumps [mixin-deep](https://github.com/jonschlinkert/mixin-deep) from 1.3.1 to 1.3.2. - [Release notes](https://github.com/jonschlinkert/mixin-deep/releases) - [Commits](https://github.com/jonschlinkert/mixin-deep/compare/1.3.1...1.3.2) Signed-off-by: dependabot[bot] <support@github.com>

view details

push time in 10 minutes

push eventshimphillip/portfolio

shimphillip

commit sha 8ecc4c450186e5e3afa08b5d79496b6811f15135

refactor homepage

view details

dependabot[bot]

commit sha aa6cd3513e1f21f514b06f6c23fac720ab043eb6

Bump lodash from 4.17.11 to 4.17.13 Bumps [lodash](https://github.com/lodash/lodash) from 4.17.11 to 4.17.13. - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](https://github.com/lodash/lodash/compare/4.17.11...4.17.13) Signed-off-by: dependabot[bot] <support@github.com>

view details

push time in 10 minutes

PR opened athenenya/storeFront

Bump symfony/http-foundation from 4.1.3 to 4.2.12

Bumps symfony/http-foundation from 4.1.3 to 4.2.12. <details> <summary>Changelog</summary>

Sourced from symfony/http-foundation's changelog.

CHANGELOG

5.1.0

  • added Cookie::withValue, Cookie::withDomain, Cookie::withExpires, Cookie::withPath, Cookie::withSecure, Cookie::withHttpOnly, Cookie::withRaw, Cookie::withSameSite
  • Deprecate Response::create(), JsonResponse::create(), RedirectResponse::create(), and StreamedResponse::create() methods (use __construct() instead)
  • added Request::preferSafeContent() and Response::setContentSafe() to handle "safe" HTTP preference according to RFC 8674
  • made the Mime component an optional dependency

5.0.0

  • made Cookie auto-secure and lax by default
  • removed classes in the MimeType namespace, use the Symfony Mime component instead
  • removed method UploadedFile::getClientSize() and the related constructor argument
  • made Request::getSession() throw if the session has not been set before
  • removed Response::HTTP_RESERVED_FOR_WEBDAV_ADVANCED_COLLECTIONS_EXPIRED_PROPOSAL
  • passing a null url when instantiating a RedirectResponse is not allowed

4.4.0

  • passing arguments to Request::isMethodSafe() is deprecated.
  • ApacheRequest is deprecated, use the Request class instead.
  • passing a third argument to HeaderBag::get() is deprecated, use method all() instead
  • [BC BREAK] PdoSessionHandler with MySQL changed the type of the lifetime column, make sure to run ALTER TABLE sessions MODIFY sess_lifetime INTEGER UNSIGNED NOT NULL to update your database.
  • PdoSessionHandler now precalculates the expiry timestamp in the lifetime column, make sure to run CREATE INDEX EXPIRY ON sessions (sess_lifetime) to update your database to speed up garbage collection of expired sessions.
  • added SessionHandlerFactory to create session handlers with a DSN
  • added IpUtils::anonymize() to help with GDPR compliance.

4.3.0

  • added PHPUnit constraints: RequestAttributeValueSame, ResponseCookieValueSame, ResponseHasCookie, ResponseHasHeader, ResponseHeaderSame, ResponseIsRedirected, ResponseIsSuccessful, and ResponseStatusCodeSame
  • deprecated MimeTypeGuesserInterface and ExtensionGuesserInterface in favor of Symfony\Component\Mime\MimeTypesInterface.
  • deprecated MimeType and MimeTypeExtensionGuesser in favor of Symfony\Component\Mime\MimeTypes.
  • deprecated FileBinaryMimeTypeGuesser in favor of Symfony\Component\Mime\FileBinaryMimeTypeGuesser.
  • deprecated FileinfoMimeTypeGuesser in favor of Symfony\Component\Mime\FileinfoMimeTypeGuesser. </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>
  • 2ae778f [HttpFoundation] fix guessing mime-types of files with leading dash
  • 3f9f40f Merge branch '3.4' into 4.2
  • c450706 [HttpFoundation] Fix URLs
  • 61217e4 Remove dead tests fixtures
  • 2565092 Merge branch '3.4' into 4.2
  • 8d530ef fixed CS
  • 2227b5d bug #32096 Don't assume port 0 for X-Forwarded-Port (alexbowers, xabbuh)
  • e135ecf PHP 5 compat
  • 91b374c Add test case
  • b8d9ff2 Merge branch '3.4' into 4.2
  • Additional commits viewable in compare view </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+17 -17

0 comment

1 changed file

pr created time in 11 minutes

delete branch webberwu/laravel-practice

delete branch : dependabot/npm_and_yarn/axios-0.19.2

delete time in 12 minutes

PR opened Lucaslimasz/TheStock

Bump axios from 0.16.2 to 0.19.2

Bumps axios from 0.16.2 to 0.19.2. <details> <summary>Release notes</summary>

Sourced from axios's releases.

v0.19.2

  • Remove unnecessary XSS check (#2679) (see (#2646) for discussion)

v0.19.1

Fixes and Functionality:

  • Fixing invalid agent issue (#1904)
  • Fix ignore set withCredentials false (#2582)
  • Delete useless default to hash (#2458)
  • Fix HTTP/HTTPs agents passing to follow-redirect (#1904)
  • Fix ignore set withCredentials false (#2582)
  • Fix CI build failure (#2570)
  • Remove dependency on is-buffer from package.json (#1816)
  • Adding options typings (#2341)
  • Adding Typescript HTTP method definition for LINK and UNLINK. (#2444)
  • Update dist with newest changes, fixes Custom Attributes issue
  • Change syntax to see if build passes (#2488)
  • Update Webpack + deps, remove now unnecessary polyfills (#2410)
  • Fix to prevent XSS, throw an error when the URL contains a JS script (#2464)
  • Add custom timeout error copy in config (#2275)
  • Add error toJSON example (#2466)
  • Fixing Vulnerability A Fortify Scan finds a critical Cross-Site Scrip… (#2451)
  • Fixing subdomain handling on no_proxy (#2442)
  • Make redirection from HTTP to HTTPS work ([#2426](https://github-redirect.dependabot.com/axios/axios/pull/2426] and (#2547)
  • Add toJSON property to AxiosError type (#2427)
  • Fixing socket hang up error on node side for slow response. (#1752)
  • Alternative syntax to send data into the body (#2317)
  • Fixing custom config options (#2207)
  • Fixing set config.method after mergeConfig for Axios.prototype.request (#2383)
  • Axios create url bug (#2290)
  • Do not modify config.url when using a relative baseURL (resolves #1628) (#2391)
  • Add typescript HTTP method definition for LINK and UNLINK (#2444)

Internal:

  • Revert "Update Webpack + deps, remove now unnecessary polyfills" (#2479)
  • Order of if/else blocks is causing unit tests mocking XHR. (#2201)
  • Add license badge (#2446)
  • Fix travis CI build #2386
  • Fix cancellation error on build master. #2290 #2207 (#2407)

Documentation:

  • Fixing typo in CHANGELOG.md: s/Functionallity/Functionality (#2639)
  • Fix badge, use master branch (#2538)
  • Fix typo in changelog #2193
  • Document fix (#2514)
  • Update docs with no_proxy change, issue #2484 (#2513)
  • Fixing missing words in docs template (#2259)
  • 🐛Fix request finally documentation in README (#2189) </tr></table> ... (truncated) </details> <details> <summary>Changelog</summary>

Sourced from axios's changelog.

0.19.2 (Jan 20, 2020)

  • Remove unnecessary XSS check (#2679) (see (#2646) for discussion)

0.19.1 (Jan 7, 2020)

Fixes and Functionality:

  • Fixing invalid agent issue (#1904)
  • Fix ignore set withCredentials false (#2582)
  • Delete useless default to hash (#2458)
  • Fix HTTP/HTTPs agents passing to follow-redirect (#1904)
  • Fix ignore set withCredentials false (#2582)
  • Fix CI build failure (#2570)
  • Remove dependency on is-buffer from package.json (#1816)
  • Adding options typings (#2341)
  • Adding Typescript HTTP method definition for LINK and UNLINK. (#2444)
  • Update dist with newest changes, fixes Custom Attributes issue
  • Change syntax to see if build passes (#2488)
  • Update Webpack + deps, remove now unnecessary polyfills (#2410)
  • Fix to prevent XSS, throw an error when the URL contains a JS script (#2464)
  • Add custom timeout error copy in config (#2275)
  • Add error toJSON example (#2466)
  • Fixing Vulnerability A Fortify Scan finds a critical Cross-Site Scrip… (#2451)
  • Fixing subdomain handling on no_proxy (#2442)
  • Make redirection from HTTP to HTTPS work ([#2426](https://github-redirect.dependabot.com/axios/axios/pull/2426] and (#2547)
  • Add toJSON property to AxiosError type (#2427)
  • Fixing socket hang up error on node side for slow response. (#1752)
  • Alternative syntax to send data into the body (#2317)
  • Fixing custom config options (#2207)
  • Fixing set config.method after mergeConfig for Axios.prototype.request (#2383)
  • Axios create url bug (#2290)
  • Do not modify config.url when using a relative baseURL (resolves #1628) (#2391)
  • Add typescript HTTP method definition for LINK and UNLINK (#2444)

Internal:

  • Revert "Update Webpack + deps, remove now unnecessary polyfills" (#2479)
  • Order of if/else blocks is causing unit tests mocking XHR. (#2201)
  • Add license badge (#2446)
  • Fix travis CI build #2386
  • Fix cancellation error on build master. #2290 #2207 (#2407)

Documentation:

  • Fixing typo in CHANGELOG.md: s/Functionallity/Functionality (#2639)
  • Fix badge, use master branch (#2538)
  • Fix typo in changelog #2193
  • Document fix (#2514)
  • Update docs with no_proxy change, issue #2484 (#2513) </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>
  • 2a0ff47 Releasing 0.19.2
  • 17cc1d6 Updating changlog for 0.19.2 release
  • c7488c7 Remove unnecessary XSS check introduced by #2451 (#2679)
  • 351cf29 Fix link formatting in CHANGELOG.md to display PR number in parens as link (#...
  • 960e1c8 Releasing 0.19.1
  • 8a9421d Fixing typo in CHANGELOG.md: s/Functionallity/Functionality (#2639)
  • ee47120 If this place is false, it will report an error, so you should delete the use...
  • 03e6f4b Fixing invalid agent issue (#1904)
  • dc4bc49 fix: fix ignore set withCredentials false (#2582)
  • 13c948e Remove 'includes' API, fix CI build failure (#2574)
  • Additional commits viewable in compare view </details> <details> <summary>Maintainer changes</summary>

This version was pushed to npm by emilyemorehouse, a new releaser for axios since your current version. </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+1 -1

0 comment

1 changed file

pr created time in 12 minutes

create barnchLucaslimasz/TheStock

branch : dependabot/npm_and_yarn/axios-0.19.2

created branch time in 12 minutes

delete branch chenlengsu/vueMcq

delete branch : dependabot/npm_and_yarn/lodash-4.17.15

delete time in 12 minutes

PR closed chenlengsu/vueMcq

Bump lodash from 4.17.11 to 4.17.15 dependencies

Bumps lodash from 4.17.11 to 4.17.15. <details> <summary>Commits</summary>

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+33 -14

1 comment

1 changed file

dependabot[bot]

pr closed time in 12 minutes

more