create barnchricardobiundo/koffiecode
branch : dependabot/npm_and_yarn/websocket-extensions-0.1.4
created branch time in a few seconds
PR opened aspov/checkListApp
Bumps websocket-extensions from 0.1.3 to 0.1.4. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/faye/websocket-extensions-node/blob/master/CHANGELOG.md">websocket-extensions's changelog</a>.</em></p> <blockquote> <h3>0.1.4 / 2020-06-02</h3> <ul> <li>Remove a ReDoS vulnerability in the header parser (CVE-2020-7662, reported by Robert McLaughlin)</li> <li>Change license from MIT to Apache 2.0</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/faye/websocket-extensions-node/commit/8efd0cd6e35faf9bb9cb08759be1e27082177d43"><code>8efd0cd</code></a> Bump version to 0.1.4</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/3dad4ad44a8c5f74d4f8f4efd3f9d6e0b5df3051"><code>3dad4ad</code></a> Remove ReDoS vulnerability in the Sec-WebSocket-Extensions header parser</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/4a76c75efb1c5d6a2f60550e9501757458d19533"><code>4a76c75</code></a> Add Node versions 13 and 14 on Travis</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/44a677a9c0631daed0b0f4a4b68c095b624183b8"><code>44a677a</code></a> Formatting change: {...} should have spaces inside the braces</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/f6c50aba0c20ff45b0f87cea33babec1217ec3f5"><code>f6c50ab</code></a> Let npm reformat package.json</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/2d211f3705d52d9efb4f01daf5a253adf828592e"><code>2d211f3</code></a> Change markdown formatting of docs.</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/0b620834cc1e1f2eace1d55ab17f71d90d88271d"><code>0b62083</code></a> Update Travis target versions.</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/729a4653073fa8dd020561113513bfa2e2119415"><code>729a465</code></a> Switch license to Apache 2.0.</li> <li>See full diff in <a href="https://github.com/faye/websocket-extensions-node/compare/0.1.3...0.1.4">compare view</a></li> </ul> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr created time in a few seconds
create barnchaspov/checkListApp
branch : dependabot/npm_and_yarn/websocket-extensions-0.1.4
created branch time in a few seconds
PR opened ricardobiundo/koffiecode
Bumps websocket-extensions from 0.1.3 to 0.1.4. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/faye/websocket-extensions-node/blob/master/CHANGELOG.md">websocket-extensions's changelog</a>.</em></p> <blockquote> <h3>0.1.4 / 2020-06-02</h3> <ul> <li>Remove a ReDoS vulnerability in the header parser (CVE-2020-7662, reported by Robert McLaughlin)</li> <li>Change license from MIT to Apache 2.0</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/faye/websocket-extensions-node/commit/8efd0cd6e35faf9bb9cb08759be1e27082177d43"><code>8efd0cd</code></a> Bump version to 0.1.4</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/3dad4ad44a8c5f74d4f8f4efd3f9d6e0b5df3051"><code>3dad4ad</code></a> Remove ReDoS vulnerability in the Sec-WebSocket-Extensions header parser</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/4a76c75efb1c5d6a2f60550e9501757458d19533"><code>4a76c75</code></a> Add Node versions 13 and 14 on Travis</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/44a677a9c0631daed0b0f4a4b68c095b624183b8"><code>44a677a</code></a> Formatting change: {...} should have spaces inside the braces</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/f6c50aba0c20ff45b0f87cea33babec1217ec3f5"><code>f6c50ab</code></a> Let npm reformat package.json</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/2d211f3705d52d9efb4f01daf5a253adf828592e"><code>2d211f3</code></a> Change markdown formatting of docs.</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/0b620834cc1e1f2eace1d55ab17f71d90d88271d"><code>0b62083</code></a> Update Travis target versions.</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/729a4653073fa8dd020561113513bfa2e2119415"><code>729a465</code></a> Switch license to Apache 2.0.</li> <li>See full diff in <a href="https://github.com/faye/websocket-extensions-node/compare/0.1.3...0.1.4">compare view</a></li> </ul> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr created time in a few seconds
PR opened ricardobiundo/koffiecode
Bumps express-jwt from 5.3.3 to 6.0.0. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/auth0/express-jwt/commit/678f3b0e812d86b399b925f069105fc37eecde5b"><code>678f3b0</code></a> 6.0.0</li> <li><a href="https://github.com/auth0/express-jwt/commit/7ecab5f8f0cab5297c2b863596566eb0c019cdef"><code>7ecab5f</code></a> Merge pull request from GHSA-6g6m-m6h5-w9gf</li> <li><a href="https://github.com/auth0/express-jwt/commit/304a1c5968aed7c4c520035426fc09142156669d"><code>304a1c5</code></a> Made algorithms mandatory</li> <li>See full diff in <a href="https://github.com/auth0/express-jwt/compare/v5.3.3...v6.0.0">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~yacine-b">yacine-b</a>, a new releaser for express-jwt since your current version.</p> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr created time in a few seconds
create barnchricardobiundo/koffiecode
branch : dependabot/npm_and_yarn/content/themes/casper/websocket-extensions-0.1.4
created branch time in a few seconds
create barnchricardobiundo/koffiecode
branch : dependabot/npm_and_yarn/express-jwt-6.0.0
created branch time in a few seconds
delete branch ayush4334/react-login-and-users-list
delete branch : dependabot/npm_and_yarn/websocket-extensions-0.1.4
delete time in a few seconds
PR opened parthkanani93/blogpost-reactjs
Bumps websocket-extensions from 0.1.3 to 0.1.4. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/faye/websocket-extensions-node/blob/master/CHANGELOG.md">websocket-extensions's changelog</a>.</em></p> <blockquote> <h3>0.1.4 / 2020-06-02</h3> <ul> <li>Remove a ReDoS vulnerability in the header parser (CVE-2020-7662, reported by Robert McLaughlin)</li> <li>Change license from MIT to Apache 2.0</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/faye/websocket-extensions-node/commit/8efd0cd6e35faf9bb9cb08759be1e27082177d43"><code>8efd0cd</code></a> Bump version to 0.1.4</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/3dad4ad44a8c5f74d4f8f4efd3f9d6e0b5df3051"><code>3dad4ad</code></a> Remove ReDoS vulnerability in the Sec-WebSocket-Extensions header parser</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/4a76c75efb1c5d6a2f60550e9501757458d19533"><code>4a76c75</code></a> Add Node versions 13 and 14 on Travis</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/44a677a9c0631daed0b0f4a4b68c095b624183b8"><code>44a677a</code></a> Formatting change: {...} should have spaces inside the braces</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/f6c50aba0c20ff45b0f87cea33babec1217ec3f5"><code>f6c50ab</code></a> Let npm reformat package.json</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/2d211f3705d52d9efb4f01daf5a253adf828592e"><code>2d211f3</code></a> Change markdown formatting of docs.</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/0b620834cc1e1f2eace1d55ab17f71d90d88271d"><code>0b62083</code></a> Update Travis target versions.</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/729a4653073fa8dd020561113513bfa2e2119415"><code>729a465</code></a> Switch license to Apache 2.0.</li> <li>See full diff in <a href="https://github.com/faye/websocket-extensions-node/compare/0.1.3...0.1.4">compare view</a></li> </ul> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr created time in a few seconds
create barnchparthkanani93/blogpost-reactjs
branch : dependabot/npm_and_yarn/websocket-extensions-0.1.4
created branch time in a few seconds
delete branch peter-popluhar/monsters-rolodex
delete branch : dependabot/npm_and_yarn/websocket-extensions-0.1.4
delete time in a few seconds
delete branch CheesyBoy03/kyst-bot
delete branch : dependabot/pip/django-2.2.13
delete time in a few seconds
PR closed CheesyBoy03/kyst-bot
Bumps django from 2.2.7 to 2.2.13. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/django/django/commit/8093aaa8ff9dd7386a069c6eb49fcc1c5980c033"><code>8093aaa</code></a> [2.2.x] Bumped version for 2.2.13 release.</li> <li><a href="https://github.com/django/django/commit/07e59caa02831c4569bbebb9eb773bdd9cb4b206"><code>07e59ca</code></a> [2.2.x] Fixed CVE-2020-13254 -- Enforced cache key validation in memcached ba...</li> <li><a href="https://github.com/django/django/commit/6d61860b22875f358fac83d903dc629897934815"><code>6d61860</code></a> [2.0.x] Fixed CVE-2020-13596 -- Fixed potential XSS in admin ForeignKeyRawIdW...</li> <li><a href="https://github.com/django/django/commit/7e1084ead07b10e36d391f5366f411c58fbcc4c2"><code>7e1084e</code></a> [2.2.x] Added release date for 2.2.13.</li> <li><a href="https://github.com/django/django/commit/2b69680264aabb94661b4f67a8e70d522070dc2a"><code>2b69680</code></a> [2.2.x] Refs <a href="https://github-redirect.dependabot.com/django/django/issues/31485">#31485</a> -- Backported jQuery upgrade to 3.5.1.</li> <li><a href="https://github.com/django/django/commit/8301bc9cfad588074375edadfe0f19024dc217f8"><code>8301bc9</code></a> [2.2.x] Fixed E128, E741 flake8 warnings.</li> <li><a href="https://github.com/django/django/commit/c7bab8d2b7160a635a6f55e4d89e0a2e66d1679c"><code>c7bab8d</code></a> [2.2.x] Fixed term warning on Sphinx 3.0.1+.</li> <li><a href="https://github.com/django/django/commit/79baf338aef2ac21d3d29ee56e85f69678eef1a1"><code>79baf33</code></a> [2.2.x] Fixed highlightlang deprecation warning on Sphinx 1.8+.</li> <li><a href="https://github.com/django/django/commit/151a83e92c1a457baf028160ed9191405b869df6"><code>151a83e</code></a> [2.2.x] Fixed CodeBlock deprecation warning on Sphinx 2.1+.</li> <li><a href="https://github.com/django/django/commit/b0d810a77bbed01d45f92df93195f7bdc8d4da62"><code>b0d810a</code></a> [2.2.x] Fixed Sphinx warnings on duplicate object descriptions.</li> <li>Additional commits viewable in <a href="https://github.com/django/django/compare/2.2.7...2.2.13">compare view</a></li> </ul> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr closed time in a few seconds
delete branch doublesharp/nodemailer-mock
delete branch : dependabot/npm_and_yarn/acorn-7.1.1
delete time in a few seconds
PR closed doublesharp/nodemailer-mock
Bumps acorn from 7.1.0 to 7.1.1. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/acornjs/acorn/commit/6d194895783b03b2a37441f01857c34302eab4c8"><code>6d19489</code></a> Mark release 7.1.1</li> <li><a href="https://github.com/acornjs/acorn/commit/793c0e569ed1158672e3a40aeed1d8518832b802"><code>793c0e5</code></a> More rigorously check surrogate pairs in regexp validator</li> <li><a href="https://github.com/acornjs/acorn/commit/b5c17877ac0511e31579ea31e7650ba1a5871e51"><code>b5c1787</code></a> Fix incorrect comment in regexp parser</li> <li><a href="https://github.com/acornjs/acorn/commit/12ae8fed7ebc5b7c894c5976575f33cf36a223cc"><code>12ae8fe</code></a> Parameterize dummy value and export <code>isDummy</code></li> <li><a href="https://github.com/acornjs/acorn/commit/fa3ad8cef0f39f5ae0cbd8be0bf65eb0a782133e"><code>fa3ad8c</code></a> Further refine acorn-walk types</li> <li><a href="https://github.com/acornjs/acorn/commit/1d5028637852c2834091739646e25dd6558ee7a8"><code>1d50286</code></a> Fix some errors in walk types</li> <li><a href="https://github.com/acornjs/acorn/commit/97801f0b5835bc93739666b3494c9b49aeb5fc1d"><code>97801f0</code></a> Mark acorn-walk 7.1.1</li> <li><a href="https://github.com/acornjs/acorn/commit/e9372c151f63fe254c7f5e7ffd7a820e34422208"><code>e9372c1</code></a> Further clean up walker types</li> <li><a href="https://github.com/acornjs/acorn/commit/de6edeb654cf665e732d822d95c97e2d2fc879bc"><code>de6edeb</code></a> Remove NarrowNode from walk.d.ts</li> <li><a href="https://github.com/acornjs/acorn/commit/1d85e7ce982a979bb5411cd00fd9156eecf952a5"><code>1d85e7c</code></a> Fix: acorn-walk type work with acorn's</li> <li>Additional commits viewable in <a href="https://github.com/acornjs/acorn/compare/7.1.0...7.1.1">compare view</a></li> </ul> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr closed time in a few seconds
pull request commentCheesyBoy03/kyst-bot
Bump django from 2.2.7 to 2.2.13
Looks like django is no longer a dependency, so this is no longer needed.
comment created time in a few seconds
pull request commentdoublesharp/nodemailer-mock
Bump acorn from 7.1.0 to 7.1.1
Looks like acorn is up-to-date now, so this is no longer needed.
comment created time in a minute
delete branch peter-popluhar/monsters-rolodex
delete branch : dependabot/npm_and_yarn/acorn-5.7.4
delete time in a minute
PR opened Himanshusinghofficial/save_contacts
Bumps websocket-extensions from 0.1.3 to 0.1.4. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/faye/websocket-extensions-node/blob/master/CHANGELOG.md">websocket-extensions's changelog</a>.</em></p> <blockquote> <h3>0.1.4 / 2020-06-02</h3> <ul> <li>Remove a ReDoS vulnerability in the header parser (CVE-2020-7662, reported by Robert McLaughlin)</li> <li>Change license from MIT to Apache 2.0</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/faye/websocket-extensions-node/commit/8efd0cd6e35faf9bb9cb08759be1e27082177d43"><code>8efd0cd</code></a> Bump version to 0.1.4</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/3dad4ad44a8c5f74d4f8f4efd3f9d6e0b5df3051"><code>3dad4ad</code></a> Remove ReDoS vulnerability in the Sec-WebSocket-Extensions header parser</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/4a76c75efb1c5d6a2f60550e9501757458d19533"><code>4a76c75</code></a> Add Node versions 13 and 14 on Travis</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/44a677a9c0631daed0b0f4a4b68c095b624183b8"><code>44a677a</code></a> Formatting change: {...} should have spaces inside the braces</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/f6c50aba0c20ff45b0f87cea33babec1217ec3f5"><code>f6c50ab</code></a> Let npm reformat package.json</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/2d211f3705d52d9efb4f01daf5a253adf828592e"><code>2d211f3</code></a> Change markdown formatting of docs.</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/0b620834cc1e1f2eace1d55ab17f71d90d88271d"><code>0b62083</code></a> Update Travis target versions.</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/729a4653073fa8dd020561113513bfa2e2119415"><code>729a465</code></a> Switch license to Apache 2.0.</li> <li>See full diff in <a href="https://github.com/faye/websocket-extensions-node/compare/0.1.3...0.1.4">compare view</a></li> </ul> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr created time in a minute
create barnchHimanshusinghofficial/save_contacts
branch : dependabot/npm_and_yarn/client/websocket-extensions-0.1.4
created branch time in a minute
push eventsnaik7/grocery60
commit sha 39dc6da69074b80ab8cae6df91d49b2e87341eb3
Bump django from 3.0.6 to 3.0.7 Bumps [django](https://github.com/django/django) from 3.0.6 to 3.0.7. - [Release notes](https://github.com/django/django/releases) - [Commits](https://github.com/django/django/compare/3.0.6...3.0.7) Signed-off-by: dependabot[bot] <support@github.com>
push time in a minute
PR opened snaik7/grocery60
Bumps django from 3.0.6 to 3.0.7. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/django/django/commit/44da7abda848f05caaed74f6a749038c87dedfda"><code>44da7ab</code></a> [3.0.x] Bumped version for 3.0.7 release.</li> <li><a href="https://github.com/django/django/commit/84b2da5552e100ae3294f564f6c862fef8d0e693"><code>84b2da5</code></a> [3.0.x] Fixed CVE-2020-13254 -- Enforced cache key validation in memcached ba...</li> <li><a href="https://github.com/django/django/commit/1f2dd37f6fcefdd10ed44cb233b2e62b520afb38"><code>1f2dd37</code></a> [3.0.x] Fixed CVE-2020-13596 -- Fixed potential XSS in admin ForeignKeyRawIdW...</li> <li><a href="https://github.com/django/django/commit/256d29710193f7a2f1e92abe96c94d036f73edc6"><code>256d297</code></a> [3.0.x] Added release date for 2.2.13 and 3.0.7.</li> <li><a href="https://github.com/django/django/commit/8734a02f5d70d3d324edc96aaa763a6e8b4eb371"><code>8734a02</code></a> [3.0.x] Updated link to Celery.</li> <li><a href="https://github.com/django/django/commit/d22f67848ca1b5b34eb09b58c866a80eae3c7da1"><code>d22f678</code></a> [3.0.x] Refs <a href="https://github-redirect.dependabot.com/django/django/issues/31485">#31485</a> -- Backported jQuery upgrade to 3.5.1.</li> <li><a href="https://github.com/django/django/commit/b9db04178939bb737f1343089af021ede0da50d9"><code>b9db041</code></a> [3.0.x] Adjusted URL example in tutorial.</li> <li><a href="https://github.com/django/django/commit/caf7c4630da304474115a7c41cbb1df930593a73"><code>caf7c46</code></a> [3.0.x] Fixed <a href="https://github-redirect.dependabot.com/django/django/issues/31643">#31643</a> -- Changed virtualenv doc references to Python 3 venv.</li> <li><a href="https://github.com/django/django/commit/9297a3e6275ed13bfaecc147644960906ed5063b"><code>9297a3e</code></a> [3.0.x] Fixed typo in docs/ref/templates/language.txt.</li> <li><a href="https://github.com/django/django/commit/2638627db45766a300279197b2d6f299a5ea841f"><code>2638627</code></a> [3.0.x] Fixed <a href="https://github-redirect.dependabot.com/django/django/issues/31570">#31570</a> -- Corrected translation loading for apps providing terr...</li> <li>Additional commits viewable in <a href="https://github.com/django/django/compare/3.0.6...3.0.7">compare view</a></li> </ul> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr created time in a minute
PR opened raghavendrashanthamaraju/std
Bumps django from 2.0.5 to 2.2.13. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/django/django/commit/8093aaa8ff9dd7386a069c6eb49fcc1c5980c033"><code>8093aaa</code></a> [2.2.x] Bumped version for 2.2.13 release.</li> <li><a href="https://github.com/django/django/commit/07e59caa02831c4569bbebb9eb773bdd9cb4b206"><code>07e59ca</code></a> [2.2.x] Fixed CVE-2020-13254 -- Enforced cache key validation in memcached ba...</li> <li><a href="https://github.com/django/django/commit/6d61860b22875f358fac83d903dc629897934815"><code>6d61860</code></a> [2.0.x] Fixed CVE-2020-13596 -- Fixed potential XSS in admin ForeignKeyRawIdW...</li> <li><a href="https://github.com/django/django/commit/7e1084ead07b10e36d391f5366f411c58fbcc4c2"><code>7e1084e</code></a> [2.2.x] Added release date for 2.2.13.</li> <li><a href="https://github.com/django/django/commit/2b69680264aabb94661b4f67a8e70d522070dc2a"><code>2b69680</code></a> [2.2.x] Refs <a href="https://github-redirect.dependabot.com/django/django/issues/31485">#31485</a> -- Backported jQuery upgrade to 3.5.1.</li> <li><a href="https://github.com/django/django/commit/8301bc9cfad588074375edadfe0f19024dc217f8"><code>8301bc9</code></a> [2.2.x] Fixed E128, E741 flake8 warnings.</li> <li><a href="https://github.com/django/django/commit/c7bab8d2b7160a635a6f55e4d89e0a2e66d1679c"><code>c7bab8d</code></a> [2.2.x] Fixed term warning on Sphinx 3.0.1+.</li> <li><a href="https://github.com/django/django/commit/79baf338aef2ac21d3d29ee56e85f69678eef1a1"><code>79baf33</code></a> [2.2.x] Fixed highlightlang deprecation warning on Sphinx 1.8+.</li> <li><a href="https://github.com/django/django/commit/151a83e92c1a457baf028160ed9191405b869df6"><code>151a83e</code></a> [2.2.x] Fixed CodeBlock deprecation warning on Sphinx 2.1+.</li> <li><a href="https://github.com/django/django/commit/b0d810a77bbed01d45f92df93195f7bdc8d4da62"><code>b0d810a</code></a> [2.2.x] Fixed Sphinx warnings on duplicate object descriptions.</li> <li>Additional commits viewable in <a href="https://github.com/django/django/compare/2.0.5...2.2.13">compare view</a></li> </ul> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr created time in a minute
PR opened raghavendrashanthamaraju/std
Bumps urllib3 from 1.23 to 1.24.2. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/urllib3/urllib3/blob/master/CHANGES.rst">urllib3's changelog</a>.</em></p> <blockquote> <h2>1.24.2 (2019-04-17)</h2> <ul> <li> <p>Don't load system certificates by default when any other <code>ca_certs</code>, <code>ca_certs_dir</code> or <code>ssl_context</code> parameters are specified.</p> </li> <li> <p>Remove Authorization header regardless of case when redirecting to cross-site. (Issue <a href="https://github-redirect.dependabot.com/urllib3/urllib3/issues/1510">#1510</a>)</p> </li> <li> <p>Add support for IPv6 addresses in subjectAltName section of certificates. (Issue <a href="https://github-redirect.dependabot.com/urllib3/urllib3/issues/1269">#1269</a>)</p> </li> </ul> <h2>1.24.1 (2018-11-02)</h2> <ul> <li> <p>Remove quadratic behavior within <code>GzipDecoder.decompress()</code> (Issue <a href="https://github-redirect.dependabot.com/urllib3/urllib3/issues/1467">#1467</a>)</p> </li> <li> <p>Restored functionality of <code>ciphers</code> parameter for <code>create_urllib3_context()</code>. (Issue <a href="https://github-redirect.dependabot.com/urllib3/urllib3/issues/1462">#1462</a>)</p> </li> </ul> <h2>1.24 (2018-10-16)</h2> <ul> <li> <p>Allow key_server_hostname to be specified when initializing a PoolManager to allow custom SNI to be overridden. (Pull <a href="https://github-redirect.dependabot.com/urllib3/urllib3/issues/1449">#1449</a>)</p> </li> <li> <p>Test against Python 3.7 on AppVeyor. (Pull <a href="https://github-redirect.dependabot.com/urllib3/urllib3/issues/1453">#1453</a>)</p> </li> <li> <p>Early-out ipv6 checks when running on App Engine. (Pull <a href="https://github-redirect.dependabot.com/urllib3/urllib3/issues/1450">#1450</a>)</p> </li> <li> <p>Change ambiguous description of backoff_factor (Pull <a href="https://github-redirect.dependabot.com/urllib3/urllib3/issues/1436">#1436</a>)</p> </li> <li> <p>Add ability to handle multiple Content-Encodings (Issue <a href="https://github-redirect.dependabot.com/urllib3/urllib3/issues/1441">#1441</a> and Pull <a href="https://github-redirect.dependabot.com/urllib3/urllib3/issues/1442">#1442</a>)</p> </li> <li> <p>Skip DNS names that can't be idna-decoded when using pyOpenSSL (Issue <a href="https://github-redirect.dependabot.com/urllib3/urllib3/issues/1405">#1405</a>).</p> </li> <li> <p>Add a server_hostname parameter to HTTPSConnection which allows for overriding the SNI hostname sent in the handshake. (Pull <a href="https://github-redirect.dependabot.com/urllib3/urllib3/issues/1397">#1397</a>)</p> </li> <li> <p>Drop support for EOL Python 2.6 (Pull <a href="https://github-redirect.dependabot.com/urllib3/urllib3/issues/1429">#1429</a> and Pull <a href="https://github-redirect.dependabot.com/urllib3/urllib3/issues/1430">#1430</a>)</p> </li> <li> <p>Fixed bug where responses with header Content-Type: message/* erroneously raised HeaderParsingError, resulting in a warning being logged. (Pull <a href="https://github-redirect.dependabot.com/urllib3/urllib3/issues/1439">#1439</a>)</p> </li> <li> <p>Move urllib3 to src/urllib3 (Pull <a href="https://github-redirect.dependabot.com/urllib3/urllib3/issues/1409">#1409</a>)</p> </li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/urllib3/urllib3/commit/1efadf43dc63317cd9eaa3e0fdb9e05ab07254b1"><code>1efadf4</code></a> Release 1.24.2 (<a href="https://github-redirect.dependabot.com/urllib3/urllib3/issues/1564">#1564</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/a6ec68a5c5c5743c59fe5c62c635c929586c429b"><code>a6ec68a</code></a> Merging new release version: 1.24.1</li> <li><a href="https://github.com/urllib3/urllib3/commit/0cedb3b0f1e5d79c89c6db767c534b064b794cf2"><code>0cedb3b</code></a> Restore context.set_ciphers() to create_urllib3_context() (<a href="https://github-redirect.dependabot.com/urllib3/urllib3/issues/1463">#1463</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/0aeba3be0224a930f6ffef254ed12b41303a86d7"><code>0aeba3b</code></a> Use bytearray to accumulate bytes from gzip (<a href="https://github-redirect.dependabot.com/urllib3/urllib3/issues/1468">#1468</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/f8d1c787d9b02a70d66ddbde9c99061d9073d54a"><code>f8d1c78</code></a> Uninstall oclint to ensure gcc can be brew upgraded (<a href="https://github-redirect.dependabot.com/urllib3/urllib3/issues/1464">#1464</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/cd7cfa613b2678e700597d098ce9bbdc934863e6"><code>cd7cfa6</code></a> Resolve pytest pluggy version conflict (<a href="https://github-redirect.dependabot.com/urllib3/urllib3/issues/1457">#1457</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/b548abc9812a628d3290d0cab83e44f3c31ac6fe"><code>b548abc</code></a> Update changelog for 1.24 release</li> <li><a href="https://github.com/urllib3/urllib3/commit/ef0c74542abe69421a86c4d3c6a86fe43cb809a4"><code>ef0c745</code></a> Merging new release version: 1.24</li> <li><a href="https://github.com/urllib3/urllib3/commit/a0964d9947c07d2b8495726ac23ad251b5d236af"><code>a0964d9</code></a> Add missing key_server_hostname variable (<a href="https://github-redirect.dependabot.com/urllib3/urllib3/issues/1449">#1449</a>)</li> <li><a href="https://github.com/urllib3/urllib3/commit/34d8298ecf93c84f9916457d89701d6d5c807780"><code>34d8298</code></a> Test against Python 3.7 on AppVeyor (<a href="https://github-redirect.dependabot.com/urllib3/urllib3/issues/1453">#1453</a>)</li> <li>Additional commits viewable in <a href="https://github.com/urllib3/urllib3/compare/1.23...1.24.2">compare view</a></li> </ul> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr created time in a minute
create barnchraghavendrashanthamaraju/std
branch : dependabot/pip/django-2.2.13
created branch time in a minute
create barnchraghavendrashanthamaraju/std
branch : dependabot/pip/urllib3-1.24.2
created branch time in a minute
PR opened Himanshusinghofficial/save_contacts
Bumps lodash.template from 4.4.0 to 4.5.0. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/lodash/lodash/commit/ab73503859a2d2f7f603bc8a293ce93ecc071e83"><code>ab73503</code></a> Bump to v4.5.0.</li> <li><a href="https://github.com/lodash/lodash/commit/a4f7d4cc2a3b6d3a43f6c27beadbf90410eecdcd"><code>a4f7d4c</code></a> Rebuild lodash and docs.</li> <li><a href="https://github.com/lodash/lodash/commit/cca5ac60d61a2f786eeafadb674d6e12fc6179c8"><code>cca5ac6</code></a> Fix npm-test by removing the call to test-docs.</li> <li><a href="https://github.com/lodash/lodash/commit/9f7f9fc3c5f1a4db9a2134950872440c792ee8bb"><code>9f7f9fc</code></a> Adjust heading order. [ci skip]</li> <li><a href="https://github.com/lodash/lodash/commit/6e2fb92e9a2fd29ef630f71bd571afcdf0f2e206"><code>6e2fb92</code></a> Remove unused <code>baseArity</code>.</li> <li><a href="https://github.com/lodash/lodash/commit/4f702e238183444ff392c3c7be5b48f1a7271519"><code>4f702e2</code></a> Specify utf8 encoding.</li> <li><a href="https://github.com/lodash/lodash/commit/b188f903ce41e624d6169f47a0c9e5091c178160"><code>b188f90</code></a> Add fp tests for iteratee shorthands.</li> <li><a href="https://github.com/lodash/lodash/commit/7b93dc9c3253c342a45881392d2308374a8909b3"><code>7b93dc9</code></a> Ensure clone methods clone expando properties of boolean, number, & string ob...</li> <li><a href="https://github.com/lodash/lodash/commit/664d66a89ec553438d5560239eba24d30867e580"><code>664d66a</code></a> Make string tests more consistent.</li> <li><a href="https://github.com/lodash/lodash/commit/d9dc0e6fd13c030029964b5ba468e0df3e2de3b2"><code>d9dc0e6</code></a> Add <code>_.invertBy</code> tests.</li> <li>Additional commits viewable in <a href="https://github.com/lodash/lodash/compare/4.4.0...4.5.0">compare view</a></li> </ul> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr created time in a minute
create barnchHimanshusinghofficial/save_contacts
branch : dependabot/npm_and_yarn/client/lodash.template-4.5.0
created branch time in a minute
push eventSpraxDev/Api.Sprax2013.de
commit sha 8a81d2696bc47cfbfc2f6f85689c7e906c8f3bb7
Bump typescript from 3.9.5 to 3.9.6 Bumps [typescript](https://github.com/Microsoft/TypeScript) from 3.9.5 to 3.9.6. - [Release notes](https://github.com/Microsoft/TypeScript/releases) - [Commits](https://github.com/Microsoft/TypeScript/commits) Signed-off-by: dependabot[bot] <support@github.com>
commit sha a6a2481488be96b4f3c7b13ca3b5b24148af09b3
Merge pull request #137 from SpraxDev/dependabot/npm_and_yarn/typescript-3.9.6 Bump typescript from 3.9.5 to 3.9.6
commit sha c4076f775a5f36c0f2f110064e64e2e6bdb1d560
Bump @tensorflow/tfjs-node from 2.0.0 to 2.0.1 Bumps [@tensorflow/tfjs-node](https://github.com/tensorflow/tfjs) from 2.0.0 to 2.0.1. - [Release notes](https://github.com/tensorflow/tfjs/releases) - [Commits](https://github.com/tensorflow/tfjs/compare/tfjs-v2.0.0...tfjs-v2.0.1) Signed-off-by: dependabot[bot] <support@github.com>
push time in a minute
PR opened Himanshusinghofficial/save_contacts
Bumps mixin-deep from 1.3.1 to 1.3.2. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/jonschlinkert/mixin-deep/commit/754f0c20e1bc13ea5a21a64fbc7d6ba5f7b359b9"><code>754f0c2</code></a> 1.3.2</li> <li><a href="https://github.com/jonschlinkert/mixin-deep/commit/90ee1fab375fccfd9b926df718243339b4976d50"><code>90ee1fa</code></a> ensure keys are valid when mixing in values</li> <li>See full diff in <a href="https://github.com/jonschlinkert/mixin-deep/compare/1.3.1...1.3.2">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~doowb">doowb</a>, a new releaser for mixin-deep since your current version.</p> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr created time in a minute
create barnchHimanshusinghofficial/save_contacts
branch : dependabot/npm_and_yarn/client/mixin-deep-1.3.2
created branch time in a minute
PR opened amelhamoudi/Ask-Forms
Bumps mixin-deep from 1.3.1 to 1.3.2. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/jonschlinkert/mixin-deep/commit/754f0c20e1bc13ea5a21a64fbc7d6ba5f7b359b9"><code>754f0c2</code></a> 1.3.2</li> <li><a href="https://github.com/jonschlinkert/mixin-deep/commit/90ee1fab375fccfd9b926df718243339b4976d50"><code>90ee1fa</code></a> ensure keys are valid when mixing in values</li> <li>See full diff in <a href="https://github.com/jonschlinkert/mixin-deep/compare/1.3.1...1.3.2">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~doowb">doowb</a>, a new releaser for mixin-deep since your current version.</p> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr created time in a minute
create barnchamelhamoudi/Ask-Forms
branch : dependabot/npm_and_yarn/mixin-deep-1.3.2
created branch time in a minute
PR opened Himanshusinghofficial/save_contacts
Bumps acorn from 5.7.3 to 5.7.4. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/acornjs/acorn/commit/6370e90067552022710190319cbbbd8c43001957"><code>6370e90</code></a> Mark version 5.7.4</li> <li><a href="https://github.com/acornjs/acorn/commit/fbc15b1344f6dfb992f67b4bbf1357436247c8a0"><code>fbc15b1</code></a> More rigorously check surrogate pairs in regexp validator</li> <li>See full diff in <a href="https://github.com/acornjs/acorn/compare/5.7.3...5.7.4">compare view</a></li> </ul> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr created time in 2 minutes
create barnchHimanshusinghofficial/save_contacts
branch : dependabot/npm_and_yarn/client/acorn-5.7.4
created branch time in 2 minutes
PR opened Himanshusinghofficial/save_contacts
Bumps serialize-javascript from 1.7.0 to 2.1.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/yahoo/serialize-javascript/releases">serialize-javascript's releases</a>.</em></p> <blockquote> <h2>v2.1.2</h2> <ul> <li>Ignore .nyc_output (<a href="https://github.com/styfle">@styfle</a>, <a href="https://github-redirect.dependabot.com/yahoo/serialize-javascript/issues/64">#64</a>)</li> </ul> <h2>v2.1.1</h2> <ul> <li>Fix regular expressions Cross-Site Scripting (XSS) vulnerability (see <a href="https://github.com/yahoo/serialize-javascript/security/advisories/GHSA-h9rv-jmmf-4pgx">security advisory</a>)</li> <li>Migrate to nyc from istanbul</li> </ul> <h2>v2.1.0</h2> <ul> <li>Add <code>ignoreFunction</code> option (<a href="https://github.com/realdennis">@realdennis</a>, <a href="https://github-redirect.dependabot.com/yahoo/serialize-javascript/issues/58">#58</a>)</li> </ul> <h2>v2.0.0</h2> <ul> <li>re-landed <a href="https://github-redirect.dependabot.com/yahoo/serialize-javascript/issues/54">#54</a> with bump major version (see: <a href="https://github-redirect.dependabot.com/yahoo/serialize-javascript/issues/57">#57</a>)</li> </ul> <h3>Behavior changes for <code>undefined</code></h3> <p>It serializes <code>undefined</code> values as follows since this version. The result of serialization may be changed if you are passing <code>undefined</code> values into the <code>serialize-javascript</code>.</p> <p><strong>v2.x</strong></p> <pre lang="js"><code>const serialize = require('serialize-javascript'); <p>serialize({undef: undefined}); // '{"undef":undefined}' </code></pre></p> <p><strong>v1.x</strong></p> <pre lang="js"><code>const serialize = require('serialize-javascript'); <p>serialize({undef: undefined}); // '{}' </code></pre></p> <h2>v1.9.1</h2> <ul> <li>Revert <a href="https://github-redirect.dependabot.com/yahoo/serialize-javascript/issues/54">#54</a> for breaking changes (see: <a href="https://github-redirect.dependabot.com/yahoo/serialize-javascript/issues/57">yahoo/serialize-javascript#57</a>)</li> <li>Bump mocha from 5.2.0 to 6.2.0 (<a href="https://github-redirect.dependabot.com/yahoo/serialize-javascript/issues/56">#56</a>)</li> </ul> <h2>v1.9.0</h2> <ul> <li>support serialize undefined (<a href="https://github.com/nqdy666">@nqdy666</a>, <a href="https://github-redirect.dependabot.com/yahoo/serialize-javascript/issues/54">#54</a>)</li> <li>Update Node.js versions to tests</li> </ul> <h2>v1.8.0</h2> <ul> <li>Enhanced object literals don't have arrows (<a href="https://github.com/jowenjowen">@jowenjowen</a>, <a href="https://github-redirect.dependabot.com/yahoo/serialize-javascript/issues/51">#51</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/yahoo/serialize-javascript/commit/6c43b02710bab8ddaf0d86dd2f9602af74ade7fc"><code>6c43b02</code></a> v2.1.2</li> <li><a href="https://github.com/yahoo/serialize-javascript/commit/3e05a3f0128e541f4130359b4074f0b2ca4af326"><code>3e05a3f</code></a> Ignore .nyc_output (<a href="https://github-redirect.dependabot.com/yahoo/serialize-javascript/issues/64">#64</a>)</li> <li><a href="https://github.com/yahoo/serialize-javascript/commit/3c46e8e55deedefb2fbf0c396ece4b6fb8db1036"><code>3c46e8e</code></a> Bump mocha from 6.2.0 to 6.2.2 (<a href="https://github-redirect.dependabot.com/yahoo/serialize-javascript/issues/62">#62</a>)</li> <li><a href="https://github.com/yahoo/serialize-javascript/commit/433fc9cafe375b3f376efd12730b226035c3ee3a"><code>433fc9c</code></a> 2.1.1</li> <li><a href="https://github.com/yahoo/serialize-javascript/commit/16a68ab53d9626fc7c942b48a1163108fcd184c8"><code>16a68ab</code></a> Merge pull request from GHSA-h9rv-jmmf-4pgx</li> <li><a href="https://github.com/yahoo/serialize-javascript/commit/3bab6dee8db7317310a97af5d28f0f0479d21930"><code>3bab6de</code></a> Bump mocha from 6.2.1 to 6.2.2 (<a href="https://github-redirect.dependabot.com/yahoo/serialize-javascript/issues/60">#60</a>)</li> <li><a href="https://github.com/yahoo/serialize-javascript/commit/7a6b13dda9a8fda08bd2befecd9bbe833ddcc592"><code>7a6b13d</code></a> Bump mocha from 6.2.0 to 6.2.1 (<a href="https://github-redirect.dependabot.com/yahoo/serialize-javascript/issues/59">#59</a>)</li> <li><a href="https://github.com/yahoo/serialize-javascript/commit/40cf79364e71a5b5e50d1674859b4844f86d3879"><code>40cf793</code></a> Migrate to nyc from istanbul</li> <li><a href="https://github.com/yahoo/serialize-javascript/commit/31c98adc21a54f6900f9aa6a415731d1398637c1"><code>31c98ad</code></a> 2.1.0</li> <li><a href="https://github.com/yahoo/serialize-javascript/commit/9b47a961c257f25f4eb1488ba375041a2a2aee52"><code>9b47a96</code></a> Feat. New option <code>ignoreFunction</code> according to issue#32 (<a href="https://github-redirect.dependabot.com/yahoo/serialize-javascript/issues/58">#58</a>)</li> <li>Additional commits viewable in <a href="https://github.com/yahoo/serialize-javascript/compare/v1.7.0...v2.1.2">compare view</a></li> </ul> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr created time in 2 minutes
create barnchHimanshusinghofficial/save_contacts
branch : dependabot/npm_and_yarn/client/serialize-javascript-2.1.2
created branch time in 2 minutes
push eventSpraxDev/Api.Sprax2013.de
commit sha 8a81d2696bc47cfbfc2f6f85689c7e906c8f3bb7
Bump typescript from 3.9.5 to 3.9.6 Bumps [typescript](https://github.com/Microsoft/TypeScript) from 3.9.5 to 3.9.6. - [Release notes](https://github.com/Microsoft/TypeScript/releases) - [Commits](https://github.com/Microsoft/TypeScript/commits) Signed-off-by: dependabot[bot] <support@github.com>
commit sha a6a2481488be96b4f3c7b13ca3b5b24148af09b3
Merge pull request #137 from SpraxDev/dependabot/npm_and_yarn/typescript-3.9.6 Bump typescript from 3.9.5 to 3.9.6
commit sha 432b94ecbd16017d20efe2808708cb41c9406b90
Bump node-cache from 5.1.1 to 5.1.2 Bumps [node-cache](https://github.com/node-cache/node-cache) from 5.1.1 to 5.1.2. - [Release notes](https://github.com/node-cache/node-cache/releases) - [Commits](https://github.com/node-cache/node-cache/compare/v5.1.1...v5.1.2) Signed-off-by: dependabot[bot] <support@github.com>
push time in 2 minutes
PR opened ayush4334/react-login-and-users-list
Bumps websocket-extensions from 0.1.3 to 0.1.4. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/faye/websocket-extensions-node/blob/master/CHANGELOG.md">websocket-extensions's changelog</a>.</em></p> <blockquote> <h3>0.1.4 / 2020-06-02</h3> <ul> <li>Remove a ReDoS vulnerability in the header parser (CVE-2020-7662, reported by Robert McLaughlin)</li> <li>Change license from MIT to Apache 2.0</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/faye/websocket-extensions-node/commit/8efd0cd6e35faf9bb9cb08759be1e27082177d43"><code>8efd0cd</code></a> Bump version to 0.1.4</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/3dad4ad44a8c5f74d4f8f4efd3f9d6e0b5df3051"><code>3dad4ad</code></a> Remove ReDoS vulnerability in the Sec-WebSocket-Extensions header parser</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/4a76c75efb1c5d6a2f60550e9501757458d19533"><code>4a76c75</code></a> Add Node versions 13 and 14 on Travis</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/44a677a9c0631daed0b0f4a4b68c095b624183b8"><code>44a677a</code></a> Formatting change: {...} should have spaces inside the braces</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/f6c50aba0c20ff45b0f87cea33babec1217ec3f5"><code>f6c50ab</code></a> Let npm reformat package.json</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/2d211f3705d52d9efb4f01daf5a253adf828592e"><code>2d211f3</code></a> Change markdown formatting of docs.</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/0b620834cc1e1f2eace1d55ab17f71d90d88271d"><code>0b62083</code></a> Update Travis target versions.</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/729a4653073fa8dd020561113513bfa2e2119415"><code>729a465</code></a> Switch license to Apache 2.0.</li> <li>See full diff in <a href="https://github.com/faye/websocket-extensions-node/compare/0.1.3...0.1.4">compare view</a></li> </ul> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr created time in 2 minutes
PR opened Himanshusinghofficial/save_contacts
Bumps eslint-utils from 1.3.1 to 1.4.3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/mysticatea/eslint-utils/releases">eslint-utils's releases</a>.</em></p> <blockquote> <h2>v1.4.3</h2> <h2>🐛 Bug fixes</h2> <ul> <li>8f9e481ecc1204c7a1331b697f97903f90c75154 fixed false positive of <code>ReferenceTracker</code>.</li> </ul> <h2>v1.4.2</h2> <h2>🐛 Bug fixes</h2> <ul> <li>e4cb01498df6096b66edb0c78965ee6f47d3ac77 fixed a regression of the previous release.</li> </ul> <h2>v1.4.1</h2> <h2>🐛 Bug fixes</h2> <ul> <li>c119e832952c8c653bd4f21e39eb9f7ce48e5947 fixed <code>getStaticValue()</code> function to handle <code>null</code> literal correctly even if runtimes don't support BigInt natively.</li> <li>587cca2f82c245f5fc4a8b9fb2cf6b35c0d02552 fixed <code>getStringIfConstant()</code> function to handle regular expression literals and BigInt literals even if runtimes don't support those.</li> <li>08158db1c98fd71cf0f32ddefbc147e2620e724c fixed GHSA-3gx7-xhv7-5mx3.</li> </ul> <h2>v1.4.0</h2> <h2>✨ Enhancements</h2> <ul> <li>66456c5356310fc4309b4fe2756995f27b907747 (and ebf5a8378d3f0a20a74adb158a7112cb616bce44, aac472e815551688d23cc8fd88f9044dbf276804) added <code>isParenthesized()</code> function that checks if a given node is parenthesized or not.</li> <li>4f8407dd6cd52274ba115b3a8558153ec6d799a7 (and cb518c70ee037722f802d808bbbe93da83f07fb3) added <code>hasSideEffect()</code> function that checks if a given node may have side-effects or not.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/mysticatea/eslint-utils/commit/23f4ddc58eda5e6aec3d6a43c6266acbe19345cd"><code>23f4ddc</code></a> 🔖 1.4.3</li> <li><a href="https://github.com/mysticatea/eslint-utils/commit/8f9e481ecc1204c7a1331b697f97903f90c75154"><code>8f9e481</code></a> 🐛 fix reference tracker false positive</li> <li><a href="https://github.com/mysticatea/eslint-utils/commit/663327835abfb1f62fc6fc5d69028457e11b5f80"><code>6633278</code></a> ⚒ fix test scripts</li> <li><a href="https://github.com/mysticatea/eslint-utils/commit/7c8e67c22f7222685a6a9154ba5eec2ac4896a3e"><code>7c8e67c</code></a> ⚒ fix build scripts</li> <li><a href="https://github.com/mysticatea/eslint-utils/commit/41ff95e728db2c52122ae3dad42997dccd223388"><code>41ff95e</code></a> ⚒ update dependencies</li> <li><a href="https://github.com/mysticatea/eslint-utils/commit/49420121ff4d2b4758d4016848055c1631389faa"><code>4942012</code></a> ⚒ fix build scripts</li> <li><a href="https://github.com/mysticatea/eslint-utils/commit/f1c8d02b3fd190a97e39603929c0aabe36c9904f"><code>f1c8d02</code></a> ⚒ update build scripts</li> <li><a href="https://github.com/mysticatea/eslint-utils/commit/a88598a74f0d71376447c4ecb6b56b27272f3992"><code>a88598a</code></a> Create FUNDING.yml</li> <li><a href="https://github.com/mysticatea/eslint-utils/commit/4e1bc077c2a6bb00538d66b69a63c24de3463bed"><code>4e1bc07</code></a> 1.4.2</li> <li><a href="https://github.com/mysticatea/eslint-utils/commit/e4cb01498df6096b66edb0c78965ee6f47d3ac77"><code>e4cb014</code></a> 🐛 add null test</li> <li>Additional commits viewable in <a href="https://github.com/mysticatea/eslint-utils/compare/v1.3.1...v1.4.3">compare view</a></li> </ul> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr created time in 2 minutes
create barnchHimanshusinghofficial/save_contacts
branch : dependabot/npm_and_yarn/client/eslint-utils-1.4.3
created branch time in 2 minutes
create barnchayush4334/react-login-and-users-list
branch : dependabot/npm_and_yarn/websocket-extensions-0.1.4
created branch time in 2 minutes
delete branch Atilean/weacast
delete branch : dependabot/npm_and_yarn/serialize-javascript-2.1.2
delete time in 2 minutes
delete branch Atilean/weacast
delete branch : dependabot/npm_and_yarn/mixin-deep-1.3.2
delete time in 2 minutes
PR closed Atilean/weacast
Bumps serialize-javascript from 1.7.0 to 2.1.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/yahoo/serialize-javascript/releases">serialize-javascript's releases</a>.</em></p> <blockquote> <h2>v2.1.2</h2> <ul> <li>Ignore .nyc_output (<a href="https://github.com/styfle">@styfle</a>, <a href="https://github-redirect.dependabot.com/yahoo/serialize-javascript/issues/64">#64</a>)</li> </ul> <h2>v2.1.1</h2> <ul> <li>Fix regular expressions Cross-Site Scripting (XSS) vulnerability (see <a href="https://github.com/yahoo/serialize-javascript/security/advisories/GHSA-h9rv-jmmf-4pgx">security advisory</a>)</li> <li>Migrate to nyc from istanbul</li> </ul> <h2>v2.1.0</h2> <ul> <li>Add <code>ignoreFunction</code> option (<a href="https://github.com/realdennis">@realdennis</a>, <a href="https://github-redirect.dependabot.com/yahoo/serialize-javascript/issues/58">#58</a>)</li> </ul> <h2>v2.0.0</h2> <ul> <li>re-landed <a href="https://github-redirect.dependabot.com/yahoo/serialize-javascript/issues/54">#54</a> with bump major version (see: <a href="https://github-redirect.dependabot.com/yahoo/serialize-javascript/issues/57">#57</a>)</li> </ul> <h3>Behavior changes for <code>undefined</code></h3> <p>It serializes <code>undefined</code> values as follows since this version. The result of serialization may be changed if you are passing <code>undefined</code> values into the <code>serialize-javascript</code>.</p> <p><strong>v2.x</strong></p> <pre lang="js"><code>const serialize = require('serialize-javascript'); <p>serialize({undef: undefined}); // '{"undef":undefined}' </code></pre></p> <p><strong>v1.x</strong></p> <pre lang="js"><code>const serialize = require('serialize-javascript'); <p>serialize({undef: undefined}); // '{}' </code></pre></p> <h2>v1.9.1</h2> <ul> <li>Revert <a href="https://github-redirect.dependabot.com/yahoo/serialize-javascript/issues/54">#54</a> for breaking changes (see: <a href="https://github-redirect.dependabot.com/yahoo/serialize-javascript/issues/57">yahoo/serialize-javascript#57</a>)</li> <li>Bump mocha from 5.2.0 to 6.2.0 (<a href="https://github-redirect.dependabot.com/yahoo/serialize-javascript/issues/56">#56</a>)</li> </ul> <h2>v1.9.0</h2> <ul> <li>support serialize undefined (<a href="https://github.com/nqdy666">@nqdy666</a>, <a href="https://github-redirect.dependabot.com/yahoo/serialize-javascript/issues/54">#54</a>)</li> <li>Update Node.js versions to tests</li> </ul> <h2>v1.8.0</h2> <ul> <li>Enhanced object literals don't have arrows (<a href="https://github.com/jowenjowen">@jowenjowen</a>, <a href="https://github-redirect.dependabot.com/yahoo/serialize-javascript/issues/51">#51</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/yahoo/serialize-javascript/commit/6c43b02710bab8ddaf0d86dd2f9602af74ade7fc"><code>6c43b02</code></a> v2.1.2</li> <li><a href="https://github.com/yahoo/serialize-javascript/commit/3e05a3f0128e541f4130359b4074f0b2ca4af326"><code>3e05a3f</code></a> Ignore .nyc_output (<a href="https://github-redirect.dependabot.com/yahoo/serialize-javascript/issues/64">#64</a>)</li> <li><a href="https://github.com/yahoo/serialize-javascript/commit/3c46e8e55deedefb2fbf0c396ece4b6fb8db1036"><code>3c46e8e</code></a> Bump mocha from 6.2.0 to 6.2.2 (<a href="https://github-redirect.dependabot.com/yahoo/serialize-javascript/issues/62">#62</a>)</li> <li><a href="https://github.com/yahoo/serialize-javascript/commit/433fc9cafe375b3f376efd12730b226035c3ee3a"><code>433fc9c</code></a> 2.1.1</li> <li><a href="https://github.com/yahoo/serialize-javascript/commit/16a68ab53d9626fc7c942b48a1163108fcd184c8"><code>16a68ab</code></a> Merge pull request from GHSA-h9rv-jmmf-4pgx</li> <li><a href="https://github.com/yahoo/serialize-javascript/commit/3bab6dee8db7317310a97af5d28f0f0479d21930"><code>3bab6de</code></a> Bump mocha from 6.2.1 to 6.2.2 (<a href="https://github-redirect.dependabot.com/yahoo/serialize-javascript/issues/60">#60</a>)</li> <li><a href="https://github.com/yahoo/serialize-javascript/commit/7a6b13dda9a8fda08bd2befecd9bbe833ddcc592"><code>7a6b13d</code></a> Bump mocha from 6.2.0 to 6.2.1 (<a href="https://github-redirect.dependabot.com/yahoo/serialize-javascript/issues/59">#59</a>)</li> <li><a href="https://github.com/yahoo/serialize-javascript/commit/40cf79364e71a5b5e50d1674859b4844f86d3879"><code>40cf793</code></a> Migrate to nyc from istanbul</li> <li><a href="https://github.com/yahoo/serialize-javascript/commit/31c98adc21a54f6900f9aa6a415731d1398637c1"><code>31c98ad</code></a> 2.1.0</li> <li><a href="https://github.com/yahoo/serialize-javascript/commit/9b47a961c257f25f4eb1488ba375041a2a2aee52"><code>9b47a96</code></a> Feat. New option <code>ignoreFunction</code> according to issue#32 (<a href="https://github-redirect.dependabot.com/yahoo/serialize-javascript/issues/58">#58</a>)</li> <li>Additional commits viewable in <a href="https://github.com/yahoo/serialize-javascript/compare/v1.7.0...v2.1.2">compare view</a></li> </ul> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr closed time in 2 minutes
PR closed Atilean/weacast
Bumps mixin-deep from 1.3.1 to 1.3.2. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/jonschlinkert/mixin-deep/commit/754f0c20e1bc13ea5a21a64fbc7d6ba5f7b359b9"><code>754f0c2</code></a> 1.3.2</li> <li><a href="https://github.com/jonschlinkert/mixin-deep/commit/90ee1fab375fccfd9b926df718243339b4976d50"><code>90ee1fa</code></a> ensure keys are valid when mixing in values</li> <li>See full diff in <a href="https://github.com/jonschlinkert/mixin-deep/compare/1.3.1...1.3.2">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~doowb">doowb</a>, a new releaser for mixin-deep since your current version.</p> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr closed time in 2 minutes
pull request commentAtilean/weacast
Bump mixin-deep from 1.3.1 to 1.3.2
Looks like mixin-deep is up-to-date now, so this is no longer needed.
comment created time in 2 minutes
pull request commentAtilean/weacast
Bump serialize-javascript from 1.7.0 to 2.1.2
Looks like serialize-javascript is up-to-date now, so this is no longer needed.
comment created time in 2 minutes
PR closed Atilean/weacast
Bumps lodash.template from 4.4.0 to 4.5.0. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/lodash/lodash/commit/ab73503859a2d2f7f603bc8a293ce93ecc071e83"><code>ab73503</code></a> Bump to v4.5.0.</li> <li><a href="https://github.com/lodash/lodash/commit/a4f7d4cc2a3b6d3a43f6c27beadbf90410eecdcd"><code>a4f7d4c</code></a> Rebuild lodash and docs.</li> <li><a href="https://github.com/lodash/lodash/commit/cca5ac60d61a2f786eeafadb674d6e12fc6179c8"><code>cca5ac6</code></a> Fix npm-test by removing the call to test-docs.</li> <li><a href="https://github.com/lodash/lodash/commit/9f7f9fc3c5f1a4db9a2134950872440c792ee8bb"><code>9f7f9fc</code></a> Adjust heading order. [ci skip]</li> <li><a href="https://github.com/lodash/lodash/commit/6e2fb92e9a2fd29ef630f71bd571afcdf0f2e206"><code>6e2fb92</code></a> Remove unused <code>baseArity</code>.</li> <li><a href="https://github.com/lodash/lodash/commit/4f702e238183444ff392c3c7be5b48f1a7271519"><code>4f702e2</code></a> Specify utf8 encoding.</li> <li><a href="https://github.com/lodash/lodash/commit/b188f903ce41e624d6169f47a0c9e5091c178160"><code>b188f90</code></a> Add fp tests for iteratee shorthands.</li> <li><a href="https://github.com/lodash/lodash/commit/7b93dc9c3253c342a45881392d2308374a8909b3"><code>7b93dc9</code></a> Ensure clone methods clone expando properties of boolean, number, & string ob...</li> <li><a href="https://github.com/lodash/lodash/commit/664d66a89ec553438d5560239eba24d30867e580"><code>664d66a</code></a> Make string tests more consistent.</li> <li><a href="https://github.com/lodash/lodash/commit/d9dc0e6fd13c030029964b5ba468e0df3e2de3b2"><code>d9dc0e6</code></a> Add <code>_.invertBy</code> tests.</li> <li>Additional commits viewable in <a href="https://github.com/lodash/lodash/compare/4.4.0...4.5.0">compare view</a></li> </ul> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr closed time in 2 minutes
delete branch Atilean/weacast
delete branch : dependabot/npm_and_yarn/acorn-5.7.4
delete time in 2 minutes
delete branch Atilean/weacast
delete branch : dependabot/npm_and_yarn/eslint-utils-1.4.3
delete time in 2 minutes
delete branch Atilean/weacast
delete branch : dependabot/npm_and_yarn/websocket-extensions-0.1.4
delete time in 2 minutes
PR closed Atilean/weacast
Bumps acorn from 5.7.3 to 5.7.4. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/acornjs/acorn/commit/6370e90067552022710190319cbbbd8c43001957"><code>6370e90</code></a> Mark version 5.7.4</li> <li><a href="https://github.com/acornjs/acorn/commit/fbc15b1344f6dfb992f67b4bbf1357436247c8a0"><code>fbc15b1</code></a> More rigorously check surrogate pairs in regexp validator</li> <li>See full diff in <a href="https://github.com/acornjs/acorn/compare/5.7.3...5.7.4">compare view</a></li> </ul> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr closed time in 2 minutes
PR closed Atilean/weacast
Bumps eslint-utils from 1.3.1 to 1.4.3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/mysticatea/eslint-utils/releases">eslint-utils's releases</a>.</em></p> <blockquote> <h2>v1.4.3</h2> <h2>🐛 Bug fixes</h2> <ul> <li>8f9e481ecc1204c7a1331b697f97903f90c75154 fixed false positive of <code>ReferenceTracker</code>.</li> </ul> <h2>v1.4.2</h2> <h2>🐛 Bug fixes</h2> <ul> <li>e4cb01498df6096b66edb0c78965ee6f47d3ac77 fixed a regression of the previous release.</li> </ul> <h2>v1.4.1</h2> <h2>🐛 Bug fixes</h2> <ul> <li>c119e832952c8c653bd4f21e39eb9f7ce48e5947 fixed <code>getStaticValue()</code> function to handle <code>null</code> literal correctly even if runtimes don't support BigInt natively.</li> <li>587cca2f82c245f5fc4a8b9fb2cf6b35c0d02552 fixed <code>getStringIfConstant()</code> function to handle regular expression literals and BigInt literals even if runtimes don't support those.</li> <li>08158db1c98fd71cf0f32ddefbc147e2620e724c fixed GHSA-3gx7-xhv7-5mx3.</li> </ul> <h2>v1.4.0</h2> <h2>✨ Enhancements</h2> <ul> <li>66456c5356310fc4309b4fe2756995f27b907747 (and ebf5a8378d3f0a20a74adb158a7112cb616bce44, aac472e815551688d23cc8fd88f9044dbf276804) added <code>isParenthesized()</code> function that checks if a given node is parenthesized or not.</li> <li>4f8407dd6cd52274ba115b3a8558153ec6d799a7 (and cb518c70ee037722f802d808bbbe93da83f07fb3) added <code>hasSideEffect()</code> function that checks if a given node may have side-effects or not.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/mysticatea/eslint-utils/commit/23f4ddc58eda5e6aec3d6a43c6266acbe19345cd"><code>23f4ddc</code></a> 🔖 1.4.3</li> <li><a href="https://github.com/mysticatea/eslint-utils/commit/8f9e481ecc1204c7a1331b697f97903f90c75154"><code>8f9e481</code></a> 🐛 fix reference tracker false positive</li> <li><a href="https://github.com/mysticatea/eslint-utils/commit/663327835abfb1f62fc6fc5d69028457e11b5f80"><code>6633278</code></a> ⚒ fix test scripts</li> <li><a href="https://github.com/mysticatea/eslint-utils/commit/7c8e67c22f7222685a6a9154ba5eec2ac4896a3e"><code>7c8e67c</code></a> ⚒ fix build scripts</li> <li><a href="https://github.com/mysticatea/eslint-utils/commit/41ff95e728db2c52122ae3dad42997dccd223388"><code>41ff95e</code></a> ⚒ update dependencies</li> <li><a href="https://github.com/mysticatea/eslint-utils/commit/49420121ff4d2b4758d4016848055c1631389faa"><code>4942012</code></a> ⚒ fix build scripts</li> <li><a href="https://github.com/mysticatea/eslint-utils/commit/f1c8d02b3fd190a97e39603929c0aabe36c9904f"><code>f1c8d02</code></a> ⚒ update build scripts</li> <li><a href="https://github.com/mysticatea/eslint-utils/commit/a88598a74f0d71376447c4ecb6b56b27272f3992"><code>a88598a</code></a> Create FUNDING.yml</li> <li><a href="https://github.com/mysticatea/eslint-utils/commit/4e1bc077c2a6bb00538d66b69a63c24de3463bed"><code>4e1bc07</code></a> 1.4.2</li> <li><a href="https://github.com/mysticatea/eslint-utils/commit/e4cb01498df6096b66edb0c78965ee6f47d3ac77"><code>e4cb014</code></a> 🐛 add null test</li> <li>Additional commits viewable in <a href="https://github.com/mysticatea/eslint-utils/compare/v1.3.1...v1.4.3">compare view</a></li> </ul> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr closed time in 2 minutes
pull request commentAtilean/weacast
Bump eslint-utils from 1.3.1 to 1.4.3
Looks like eslint-utils is up-to-date now, so this is no longer needed.
comment created time in 2 minutes
PR closed Atilean/weacast
Bumps websocket-extensions from 0.1.3 to 0.1.4. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/faye/websocket-extensions-node/blob/master/CHANGELOG.md">websocket-extensions's changelog</a>.</em></p> <blockquote> <h3>0.1.4 / 2020-06-02</h3> <ul> <li>Remove a ReDoS vulnerability in the header parser (CVE-2020-7662, reported by Robert McLaughlin)</li> <li>Change license from MIT to Apache 2.0</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/faye/websocket-extensions-node/commit/8efd0cd6e35faf9bb9cb08759be1e27082177d43"><code>8efd0cd</code></a> Bump version to 0.1.4</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/3dad4ad44a8c5f74d4f8f4efd3f9d6e0b5df3051"><code>3dad4ad</code></a> Remove ReDoS vulnerability in the Sec-WebSocket-Extensions header parser</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/4a76c75efb1c5d6a2f60550e9501757458d19533"><code>4a76c75</code></a> Add Node versions 13 and 14 on Travis</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/44a677a9c0631daed0b0f4a4b68c095b624183b8"><code>44a677a</code></a> Formatting change: {...} should have spaces inside the braces</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/f6c50aba0c20ff45b0f87cea33babec1217ec3f5"><code>f6c50ab</code></a> Let npm reformat package.json</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/2d211f3705d52d9efb4f01daf5a253adf828592e"><code>2d211f3</code></a> Change markdown formatting of docs.</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/0b620834cc1e1f2eace1d55ab17f71d90d88271d"><code>0b62083</code></a> Update Travis target versions.</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/729a4653073fa8dd020561113513bfa2e2119415"><code>729a465</code></a> Switch license to Apache 2.0.</li> <li>See full diff in <a href="https://github.com/faye/websocket-extensions-node/compare/0.1.3...0.1.4">compare view</a></li> </ul> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr closed time in 2 minutes
pull request commentAtilean/weacast
Bump acorn from 5.7.3 to 5.7.4
Looks like acorn is up-to-date now, so this is no longer needed.
comment created time in 2 minutes
pull request commentAtilean/weacast
Bump websocket-extensions from 0.1.3 to 0.1.4
Looks like websocket-extensions is up-to-date now, so this is no longer needed.
comment created time in 2 minutes
PR opened vidhya123cse/pinpoint
Bumps requests from 0.11.1 to 2.20.0. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/psf/requests/blob/master/HISTORY.md">requests's changelog</a>.</em></p> <blockquote> <h2>2.20.0 (2018-10-18)</h2> <p><strong>Bugfixes</strong></p> <ul> <li>Content-Type header parsing is now case-insensitive (e.g. charset=utf8 v Charset=utf8).</li> <li>Fixed exception leak where certain redirect urls would raise uncaught urllib3 exceptions.</li> <li>Requests removes Authorization header from requests redirected from https to http on the same hostname. (CVE-2018-18074)</li> <li><code>should_bypass_proxies</code> now handles URIs without hostnames (e.g. files).</li> </ul> <p><strong>Dependencies</strong></p> <ul> <li>Requests now supports urllib3 v1.24.</li> </ul> <p><strong>Deprecations</strong></p> <ul> <li>Requests has officially stopped support for Python 2.6.</li> </ul> <h2>2.19.1 (2018-06-14)</h2> <p><strong>Bugfixes</strong></p> <ul> <li>Fixed issue where status_codes.py's <code>init</code> function failed trying to append to a <code>doc</code> value of <code>None</code>.</li> </ul> <h2>2.19.0 (2018-06-12)</h2> <p><strong>Improvements</strong></p> <ul> <li>Warn user about possible slowdown when using cryptography version < 1.3.4</li> <li>Check for invalid host in proxy URL, before forwarding request to adapter.</li> <li>Fragments are now properly maintained across redirects. (RFC7231 7.1.2)</li> <li>Removed use of cgi module to expedite library load time.</li> <li>Added support for SHA-256 and SHA-512 digest auth algorithms.</li> <li>Minor performance improvement to <code>Request.content</code>.</li> <li>Migrate to using collections.abc for 3.7 compatibility.</li> </ul> <p><strong>Bugfixes</strong></p> <ul> <li>Parsing empty <code>Link</code> headers with <code>parse_header_links()</code> no longer return one bogus entry.</li> </ul> <!-- raw HTML omitted --> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/psf/requests/commit/bd840450c0d1e9db3bf62382c15d96378cc3a056"><code>bd84045</code></a> v2.20.0</li> <li><a href="https://github.com/psf/requests/commit/7fd9267b3bab1d45f5e4ac0953629c5531ecbc55"><code>7fd9267</code></a> remove final remnants from 2.6</li> <li><a href="https://github.com/psf/requests/commit/6ae8a2189235b62d7c5b2a6b95528750f046097c"><code>6ae8a21</code></a> Add myself to AUTHORS</li> <li><a href="https://github.com/psf/requests/commit/89ab030cdb83a728a30e172bc65d27ba214d2eda"><code>89ab030</code></a> Use comprehensions whenever possible</li> <li><a href="https://github.com/psf/requests/commit/2c6a8426aebd853966747f2c851f551c583cb21a"><code>2c6a842</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/psf/requests/issues/4827">#4827</a> from webmaven/patch-1</li> <li><a href="https://github.com/psf/requests/commit/30be889651e7034eaa56edaf5794d68ffbfde9ed"><code>30be889</code></a> CVE URLs update: www sub-subdomain no longer valid</li> <li><a href="https://github.com/psf/requests/commit/a6cd380c640087218695bc7c62311a4843777e43"><code>a6cd380</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/psf/requests/issues/4765">#4765</a> from requests/encapsulate_urllib3_exc</li> <li><a href="https://github.com/psf/requests/commit/bbdbcc8f0553f112ff68b0950b4128bd8af000fc"><code>bbdbcc8</code></a> wrap url parsing exceptions from urllib3's PoolManager</li> <li><a href="https://github.com/psf/requests/commit/ff0c325014f817095de35013d385e137b111d6e8"><code>ff0c325</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/psf/requests/issues/4805">#4805</a> from jdufresne/https</li> <li><a href="https://github.com/psf/requests/commit/b0ad2499c8641d29affc90f565e6628d333d2a96"><code>b0ad249</code></a> Prefer https:// for URLs throughout project</li> <li>Additional commits viewable in <a href="https://github.com/psf/requests/compare/v0.11.1...v2.20.0">compare view</a></li> </ul> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr created time in 2 minutes
PR opened vidhya123cse/pinpoint
Bumps gunicorn from 0.14.2 to 19.5.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/benoitc/gunicorn/releases">gunicorn's releases</a>.</em></p> <blockquote> <h2>19.5.0</h2> <p>== 19.5.0 ==</p> <p>=== Core ===</p> <ul> <li>fix: Ensure response to HEAD request won't have message body</li> <li>fix: lock domain socket and remove on last arbiter exit (<a href="https://github-redirect.dependabot.com/benoitc/gunicorn/issues/1220">#1220</a>)</li> <li>improvement: use EnvironmentError instead of socket.error (<a href="https://github-redirect.dependabot.com/benoitc/gunicorn/issues/939">#939</a>)</li> <li>add: new $FORWARDDED_ALLOW_IPS environment variable (<a href="https://github-redirect.dependabot.com/benoitc/gunicorn/issues/1205">#1205</a>)</li> <li>fix: infinite recursion when destroying sockets (<a href="https://github-redirect.dependabot.com/benoitc/gunicorn/issues/1219">#1219</a>)</li> <li>fix: close sockets on shutdown (<a href="https://github-redirect.dependabot.com/benoitc/gunicorn/issues/922">#922</a>)</li> <li>fix: clean up sys.exc_info calls to drop circular refs (<a href="https://github-redirect.dependabot.com/benoitc/gunicorn/issues/1228">#1228</a>)</li> <li>fix: do post_worker_init after load_wsgi (<a href="https://github-redirect.dependabot.com/benoitc/gunicorn/issues/1248">#1248</a>)</li> </ul> <p>=== Workers ===</p> <ul> <li>fix access logging in gaiohttp worker (<a href="https://github-redirect.dependabot.com/benoitc/gunicorn/issues/1193">#1193</a>)</li> <li>eventlet: handle QUIT in a new coroutine (<a href="https://github-redirect.dependabot.com/benoitc/gunicorn/issues/1217">#1217</a>)</li> <li>gevent: remove obsolete exception clauses in run (<a href="https://github-redirect.dependabot.com/benoitc/gunicorn/issues/1218">#1218</a>)</li> <li>tornado: fix extra "Server" response header (<a href="https://github-redirect.dependabot.com/benoitc/gunicorn/issues/1246">#1246</a>)</li> <li>fix: unblock the wait loop under python 3.5 in sync worker (<a href="https://github-redirect.dependabot.com/benoitc/gunicorn/issues/1256">#1256</a>)</li> </ul> <p>=== Logging ===</p> <ul> <li>fix: log message for listener reloading (<a href="https://github-redirect.dependabot.com/benoitc/gunicorn/issues/1181">#1181</a>)</li> <li>Let logging module handle traceback printing (<a href="https://github-redirect.dependabot.com/benoitc/gunicorn/issues/1201">#1201</a>)</li> <li>improvement: Allow configuring logger_class with statsd_host (<a href="https://github-redirect.dependabot.com/benoitc/gunicorn/issues/1188">#1188</a>)</li> <li>fix: traceback formatting (<a href="https://github-redirect.dependabot.com/benoitc/gunicorn/issues/1235">#1235</a>)</li> <li>fix: print error logs on stderr and access logs on stdout (<a href="https://github-redirect.dependabot.com/benoitc/gunicorn/issues/1184">#1184</a>)</li> </ul> <p>=== Documentation ===</p> <ul> <li>Simplify installation instructions in gunicorn.org (<a href="https://github-redirect.dependabot.com/benoitc/gunicorn/issues/1072">#1072</a>)</li> <li>Fix URL and default worker type in example_config (<a href="https://github-redirect.dependabot.com/benoitc/gunicorn/issues/1209">#1209</a>)</li> <li>update django doc url to 1.8 lts (<a href="https://github-redirect.dependabot.com/benoitc/gunicorn/issues/1213">#1213</a>)</li> <li>fix: miscellaneous wording corrections (<a href="https://github-redirect.dependabot.com/benoitc/gunicorn/issues/1216">#1216</a>)</li> <li>Add PSF License Agreement of selectors.py to NOTICE (:issue: <a href="https://github-redirect.dependabot.com/benoitc/gunicorn/issues/1226">#1226</a>)</li> <li>document LOGGING overriding (<a href="https://github-redirect.dependabot.com/benoitc/gunicorn/issues/1051">#1051</a>)</li> <li>put a note that error logs are only errors from Gunicorn (<a href="https://github-redirect.dependabot.com/benoitc/gunicorn/issues/1124">#1124</a>)</li> <li>add a note about the requirements of the threads workers under python 2.x (<a href="https://github-redirect.dependabot.com/benoitc/gunicorn/issues/1200">#1200</a>)</li> <li>add access_log_format to config example (<a href="https://github-redirect.dependabot.com/benoitc/gunicorn/issues/1251">#1251</a>)</li> </ul> <p>=== Tests ===</p> <ul> <li>Use more pytest.raises() in test_http.py</li> </ul> <h2>19.4.5</h2> <p>== 19.4.5 ==</p> <ul> <li>fix: NameError fileno in gunicorn.http.wsgi (<a href="https://github-redirect.dependabot.com/benoitc/gunicorn/issues/1178">#1178</a>)</li> </ul> <h2>19.4.4</h2> <p>== 19.4.4 ==</p> <ul> <li>fix: check if a fileobject can be used with sendfile(2) (<a href="https://github-redirect.dependabot.com/benoitc/gunicorn/issues/1174">#1174</a>)</li> <li>doc: be more descriptive in errorlog option (<a href="https://github-redirect.dependabot.com/benoitc/gunicorn/issues/1173">#1173</a>)</li> </ul> <!-- raw HTML omitted --> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/benoitc/gunicorn/commit/7d61a60ebdc7c5def005f672117026d48fa9aaf5"><code>7d61a60</code></a> add changelog</li> <li><a href="https://github.com/benoitc/gunicorn/commit/58f190d346478e235ba6406d35e88b47f46a6041"><code>58f190d</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/benoitc/gunicorn/issues/1257">#1257</a> from benoitc/fix/1256</li> <li><a href="https://github.com/benoitc/gunicorn/commit/b0c03332489c86c1d5dc0c8dbc37fa202a378f3e"><code>b0c0333</code></a> unblock the wait loop under python 3.5</li> <li><a href="https://github.com/benoitc/gunicorn/commit/9d158bec94c91c62cd5cc28a27268a5b8804d795"><code>9d158be</code></a> Add access_log_format to config example (<a href="https://github-redirect.dependabot.com/benoitc/gunicorn/issues/1251">#1251</a>)</li> <li><a href="https://github.com/benoitc/gunicorn/commit/ded610ede9a2604fc92c6d75005c0678d29fcf9d"><code>ded610e</code></a> add a note about the requirements of the threads workers under python 2.x</li> <li><a href="https://github.com/benoitc/gunicorn/commit/6f9ae5ee2fc2ec62d15d17ec83a41d22b9ad63bb"><code>6f9ae5e</code></a> put a note that error logs are only errors from Gunicorn.</li> <li><a href="https://github.com/benoitc/gunicorn/commit/65db610afea4c764eb8493b0d96353d468071152"><code>65db610</code></a> print error logs on stderr and access logs on stdout</li> <li><a href="https://github.com/benoitc/gunicorn/commit/5fa32a6dbcb7f480a5779ff949df6bc22693b159"><code>5fa32a6</code></a> document LOGGING overriding</li> <li><a href="https://github.com/benoitc/gunicorn/commit/e005c9d93a71ac58a735eeb188091414d14b3ee8"><code>e005c9d</code></a> reverse change in example_config.py</li> <li><a href="https://github.com/benoitc/gunicorn/commit/66546d66df464d288b2f019fcc04de8396731ff6"><code>66546d6</code></a> fix <a href="https://github-redirect.dependabot.com/benoitc/gunicorn/issues/1246">#1246</a></li> <li>Additional commits viewable in <a href="https://github.com/benoitc/gunicorn/compare/0.14.2...19.5.0">compare view</a></li> </ul> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr created time in 2 minutes
create barnchvidhya123cse/pinpoint
branch : dependabot/pip/requests-2.20.0
created branch time in 2 minutes
create barnchvidhya123cse/pinpoint
branch : dependabot/pip/gunicorn-19.5.0
created branch time in 2 minutes
delete branch Atilean/weacast
delete branch : dependabot/npm_and_yarn/lodash.template-4.5.0
delete time in 2 minutes
delete branch mritunjayr/post-spring-boot-task
delete branch : dependabot/maven/mysql-mysql-connector-java-8.0.16
delete time in 2 minutes
delete branch SpraxDev/Api.Sprax2013.de
delete branch : dependabot/npm_and_yarn/typescript-3.9.6
delete time in 2 minutes
pull request commentAtilean/weacast
Bump lodash.template from 4.4.0 to 4.5.0
Looks like lodash.template is up-to-date now, so this is no longer needed.
comment created time in 2 minutes
delete branch kplich/ELX-front-end
delete branch : dependabot/npm_and_yarn/acorn-6.4.1
delete time in 2 minutes
delete branch SkinDB/SkinDB.net
delete branch : dependabot/npm_and_yarn/typescript-3.9.6
delete time in 3 minutes
delete branch Mc-Auth-com/Mc-Auth-Web
delete branch : dependabot/npm_and_yarn/node-cache-5.1.2
delete time in 3 minutes
PR opened deathengel3/graphs-angular
Bumps websocket-extensions from 0.1.3 to 0.1.4. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/faye/websocket-extensions-node/blob/master/CHANGELOG.md">websocket-extensions's changelog</a>.</em></p> <blockquote> <h3>0.1.4 / 2020-06-02</h3> <ul> <li>Remove a ReDoS vulnerability in the header parser (CVE-2020-7662, reported by Robert McLaughlin)</li> <li>Change license from MIT to Apache 2.0</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/faye/websocket-extensions-node/commit/8efd0cd6e35faf9bb9cb08759be1e27082177d43"><code>8efd0cd</code></a> Bump version to 0.1.4</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/3dad4ad44a8c5f74d4f8f4efd3f9d6e0b5df3051"><code>3dad4ad</code></a> Remove ReDoS vulnerability in the Sec-WebSocket-Extensions header parser</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/4a76c75efb1c5d6a2f60550e9501757458d19533"><code>4a76c75</code></a> Add Node versions 13 and 14 on Travis</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/44a677a9c0631daed0b0f4a4b68c095b624183b8"><code>44a677a</code></a> Formatting change: {...} should have spaces inside the braces</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/f6c50aba0c20ff45b0f87cea33babec1217ec3f5"><code>f6c50ab</code></a> Let npm reformat package.json</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/2d211f3705d52d9efb4f01daf5a253adf828592e"><code>2d211f3</code></a> Change markdown formatting of docs.</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/0b620834cc1e1f2eace1d55ab17f71d90d88271d"><code>0b62083</code></a> Update Travis target versions.</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/729a4653073fa8dd020561113513bfa2e2119415"><code>729a465</code></a> Switch license to Apache 2.0.</li> <li>See full diff in <a href="https://github.com/faye/websocket-extensions-node/compare/0.1.3...0.1.4">compare view</a></li> </ul> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr created time in 3 minutes
create barnchdeathengel3/graphs-angular
branch : dependabot/npm_and_yarn/websocket-extensions-0.1.4
created branch time in 3 minutes
PR opened vpvpp/JavaSpringRestAPI-s
Bumps hibernate-validator from 6.0.16.Final to 6.1.0.Final. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/hibernate/hibernate-validator/blob/master/changelog.txt">hibernate-validator's changelog</a>.</em></p> <blockquote> <h2>6.1.0.Final (25-10-2019)</h2> <p>** Bug
- HV-1730 - engine - JavaBeanExecutable fails to initialize for enum type
- HV-1715 - engine - Validation can sometimes proceed to the next group in sequence even after one of the constraints generated a violation</p> <p>** Improvement
- HV-1729 - performance - Skip allocation of an action for each need to access the context classloader</p> <p>** Task
- HV-1743 - build - Upgrade maven-compiler-plugin to 3.8.1
- HV-1742 - build - Upgrade to WildFly 18.0.0.Final
- HV-1741 - build - Upgrade ByteBuddy test dependency to 1.10.2
- HV-1740 - engine - Deprecate <a href="https://github.com/SafeHtml">@SafeHtml</a>
- HV-1739 - engine - CVE-2019-10219 Security issue with <a href="https://github.com/SafeHtml">@SafeHtml</a>
- HV-1738 - build - Update Jackson test dependency to 2.9.10
- HV-1733 - tests - Fix locale settings of PredefinedScopeValidatorFactoryTest
- HV-1732 - build - Change tarLongFileMode to posix for assembly building
- HV-1731 - tck-runner - Move TCK signature check to tck-runner module
- HV-1728 - build - Upgrade to WildFly 17.0.1.Final
- HV-1727 - build - Update Jackson Databind test dependency to 2.9.9.2
- HV-1725 - build - Switch to using Jakarta EE artifacts
- HV-1724 - build - Update to OpenJFX 11.0.2
- HV-1680 - engine - Avoid reflection by using instrumentation - build the enhancer</p> <h2>6.1.0.Alpha6 (19-07-2019)</h2> <p>** Bug
- HV-1722 - engine - Remove settings-example.xml reference from .travis.yml
- HV-1721 - engine - Take into account Hibernate Validator-specific configuration with PredefinedScopeValidatorFactoryImpl
- HV-1720 - engine - Support bounded wildcard types in container value unwrapping</p> <p>** New Feature
- HV-1723 - validators - Provide a DigitsValidatorForMonetaryAmount to support <a href="https://github.com/Digits">@Digits</a> on MonetaryAmounts</p> <p>** Task
- HV-1726 - engine - Make PredefinedScopeHibernateValidatorFactory extend HibernateValidatorFactory</p> <h2>6.1.0.Alpha5 (13-06-2019)</h2> <p>** Bug
- HV-1713 - engine - Missing violation when a bean is validated with different groups
- HV-1709 - validators - Polish Identification numbers are not considering length of the value
- HV-1706 - validators - ISBN-13 algorithm does not handle checksum 10</p> <p>** Improvement
- HV-1719 - engine - Accept setting per-validator TraversableResolver with PredefinedScopeValidatorFactoryImpl</p> <!-- raw HTML omitted --> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/hibernate/hibernate-validator/commit/713964afeb36a3852a5d7a97f7303fa9d56457a4"><code>713964a</code></a> [Jenkins release job] Preparing release 6.1.0.Final</li> <li><a href="https://github.com/hibernate/hibernate-validator/commit/7ff5803b2cb8ab4d426ef569b2c41ddca859f253"><code>7ff5803</code></a> [Jenkins release job] changelog.txt updated by release build 6.1.0.Final</li> <li><a href="https://github.com/hibernate/hibernate-validator/commit/77c9ca3a1d7e8d2c774827f83afa9225acbde76d"><code>77c9ca3</code></a> [Jenkins release job] README.md updated by release build 6.1.0.Final</li> <li><a href="https://github.com/hibernate/hibernate-validator/commit/4194b025e062f2fc03af1bcd0fa63e8ac67e84c1"><code>4194b02</code></a> HV-1740 Deprecate <a href="https://github.com/SafeHtml">@SafeHtml</a> for planned future removal</li> <li><a href="https://github.com/hibernate/hibernate-validator/commit/124b7dd6d9a4ad24d4d49f74701f05a13e56ceee"><code>124b7dd</code></a> HV-1739 Fix CVE-2019-10219 Security issue with <a href="https://github.com/SafeHtml">@SafeHtml</a></li> <li><a href="https://github.com/hibernate/hibernate-validator/commit/2687d3353990b869d7aaeddcdcba17ec5daf158d"><code>2687d33</code></a> HV-1743 Upgrade maven-compiler-plugin to 3.8.1</li> <li><a href="https://github.com/hibernate/hibernate-validator/commit/8b92994c55308f45d7e9e9bafec020668edac2f1"><code>8b92994</code></a> HV-1742 Upgrade to WildFly 18.0.0.Final</li> <li><a href="https://github.com/hibernate/hibernate-validator/commit/ce6c698d886b7118900a3d8406927a36239426a9"><code>ce6c698</code></a> HV-1741 Upgrade ByteBuddy test dependency to 1.10.2</li> <li><a href="https://github.com/hibernate/hibernate-validator/commit/b115bb6d6b581beca9535dda49cba078c66472b0"><code>b115bb6</code></a> HV-1725 Fix a few remaining things in the README.md</li> <li><a href="https://github.com/hibernate/hibernate-validator/commit/fdfa7cef6c315f5c3c7318a352f7c47c9f11f713"><code>fdfa7ce</code></a> HV-1725 Explicitly ban javax dependencies</li> <li>Additional commits viewable in <a href="https://github.com/hibernate/hibernate-validator/compare/6.0.16.Final...6.1.0.Final">compare view</a></li> </ul> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr created time in 3 minutes
PR opened abdenny/cra-redux-toolkit-bs
Bumps websocket-extensions from 0.1.3 to 0.1.4. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/faye/websocket-extensions-node/blob/master/CHANGELOG.md">websocket-extensions's changelog</a>.</em></p> <blockquote> <h3>0.1.4 / 2020-06-02</h3> <ul> <li>Remove a ReDoS vulnerability in the header parser (CVE-2020-7662, reported by Robert McLaughlin)</li> <li>Change license from MIT to Apache 2.0</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/faye/websocket-extensions-node/commit/8efd0cd6e35faf9bb9cb08759be1e27082177d43"><code>8efd0cd</code></a> Bump version to 0.1.4</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/3dad4ad44a8c5f74d4f8f4efd3f9d6e0b5df3051"><code>3dad4ad</code></a> Remove ReDoS vulnerability in the Sec-WebSocket-Extensions header parser</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/4a76c75efb1c5d6a2f60550e9501757458d19533"><code>4a76c75</code></a> Add Node versions 13 and 14 on Travis</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/44a677a9c0631daed0b0f4a4b68c095b624183b8"><code>44a677a</code></a> Formatting change: {...} should have spaces inside the braces</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/f6c50aba0c20ff45b0f87cea33babec1217ec3f5"><code>f6c50ab</code></a> Let npm reformat package.json</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/2d211f3705d52d9efb4f01daf5a253adf828592e"><code>2d211f3</code></a> Change markdown formatting of docs.</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/0b620834cc1e1f2eace1d55ab17f71d90d88271d"><code>0b62083</code></a> Update Travis target versions.</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/729a4653073fa8dd020561113513bfa2e2119415"><code>729a465</code></a> Switch license to Apache 2.0.</li> <li>See full diff in <a href="https://github.com/faye/websocket-extensions-node/compare/0.1.3...0.1.4">compare view</a></li> </ul> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr created time in 3 minutes
create barnchvpvpp/JavaSpringRestAPI-s
branch : dependabot/maven/org.hibernate.validator-hibernate-validator-6.1.0.Final
created branch time in 3 minutes
create barnchabdenny/cra-redux-toolkit-bs
branch : dependabot/npm_and_yarn/websocket-extensions-0.1.4
created branch time in 3 minutes
delete branch gugamainchein/Qualicorp
delete branch : dependabot/npm_and_yarn/page_node_js/minimist-1.2.5
delete time in 3 minutes
delete branch mauriciocordeiro/agendjango
delete branch : dependabot/pip/django-2.2.13
delete time in 4 minutes
delete branch Mitars/DatingApp.SPA
delete branch : dependabot/npm_and_yarn/acorn-6.4.1
delete time in 4 minutes
push eventdanaph7t/p2p-media-loader
commit sha 2b3dd8bd592299a6b4744e78e1814ff2baa7430a
Bump acorn from 6.3.0 to 6.4.1 in /p2p-media-loader-shaka Bumps [acorn](https://github.com/acornjs/acorn) from 6.3.0 to 6.4.1. - [Release notes](https://github.com/acornjs/acorn/releases) - [Commits](https://github.com/acornjs/acorn/compare/6.3.0...6.4.1) Signed-off-by: dependabot[bot] <support@github.com>
push time in 4 minutes
pull request commentMitars/DatingApp.SPA
Bump acorn from 6.4.0 to 6.4.1
OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version.
If you change your mind, just re-open this PR and I'll resolve any conflicts on it.
comment created time in 4 minutes
PR opened Madhuri513/airlinereservationwithhibernate
Bumps mysql-connector-java from 5.1.38 to 8.0.16. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/mysql/mysql-connector-j/blob/release/8.0/CHANGES">mysql-connector-java's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h1><a href="https://dev.mysql.com/doc/relnotes/connector-j/8.0/en/">https://dev.mysql.com/doc/relnotes/connector-j/8.0/en/</a></h1> <p>Version 8.0.20</p> <ul> <li> <p>Fix for Bug#30805426, IN CASE OF ISAUTHMETHODSWITCHREQUESTPACKET , TOSERVERS > 1 ARE IGNORED.</p> </li> <li> <p>Fix for Bug#97714 (30570249), Contribution: Expose elapsed time for query interceptor to avoid hacky thread local implementations. Thanks to Matti Sillanpää and Johnathan Crawford for their contribution.</p> </li> <li> <p>Fix for Bug#97724 (30570721), Contribution: Allow '3.' formatted numbers. Thanks to Nick Pollett for his contribution.</p> </li> <li> <p>Fix for Bug#98536 (30877755), SIMPLEDATEFORMAT COULD CACHE A WRONG CALENDAR.</p> </li> <li> <p>Fix for Bug#91112 (28125069), AGAIN WRONG JAVA.SQL.DATE.</p> </li> <li> <p>Fix for Bug#30474158, CONNECTOR/J 8 DOES NOT HONOR THE REQUESTED RESULTSETTYPE SCROLL_INSENSITIVE ETC.</p> </li> <li> <p>Fix for Bug#98445 (30832513), Connection option clientInfoProvider=ClientInfoProviderSP causes NPE.</p> </li> <li> <p>WL#12248, DevAPI: Connection compression.</p> </li> <li> <p>Fix for Bug#30636056, ResultSetUtil.resultSetToMap() can be unsafe to use.</p> </li> <li> <p>Fix for Bug#97757 (30584907), NULLPOINTEREXCEPTION WITH CACHERESULTSETMETADATA=TRUE AND EXECUTEQUERY OF "SET".</p> </li> </ul> <p>Version 8.0.19</p> <ul> <li> <p>WL#13346, Support for mult-host and failover.</p> </li> <li> <p>Fix for Bug#97413 (30477722), DATABASEMETADATA IS BROKEN AFTER SERVER WL#13528.</p> </li> <li> <p>WL#13367, DNS SRV support.</p> </li> <li> <p>WL#12736, DevAPI: Specify TLS ciphers to be used by a client or session.</p> </li> <li> <p>Fix for regression tests broken by Bug#97079 fix.</p> </li> <li> <p>Fix for Bug#96383 (30119545) RS.GETTIMESTAMP() HAS DIFFERENT RESULTS FOR TIME FIELDS WITH USECURSORFETCH=TRUE.</p> </li> <li> <p>Fix for Bug#96059 (29999318), ERROR STREAMING MULTI RESULTSETS WITH MYSQL-CONNECTOR-JAVA 8.0.X.</p> </li> <li> <p>Fix for Bug#96442 (30151808), INCORRECT DATE ERROR WHEN CALLING GETMETADATA ON PREPARED STATEMENT.</p> </li> </ul> <p>Version 8.0.18</p> <ul> <li> <p>WL#13347, Connectors should handle expired password sandbox without SET operations.</p> </li> <li> <p>Fix for Bug#84098 (25223123), endless loop in LoadBalancedAutoCommitInterceptor.</p> </li> </ul> <!-- raw HTML omitted --> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/mysql/mysql-connector-j/commit/34cbc6bc61f72836e26327537a432d6db7c77de6"><code>34cbc6b</code></a> License book updated.</li> <li><a href="https://github.com/mysql/mysql-connector-j/commit/793bd554e7e815607a1f325ef998efa8d4a4bef7"><code>793bd55</code></a> Minor fix for tests failing with URL without parameters.</li> <li><a href="https://github.com/mysql/mysql-connector-j/commit/58600ccd78f6eeec3a15888f943a0475cd1d470f"><code>58600cc</code></a> WL#12825, Remove third-party libraries from sources and bundles.</li> <li><a href="https://github.com/mysql/mysql-connector-j/commit/5aa15d557811bbdf0f23b150f361bb42fb7591cb"><code>5aa15d5</code></a> Fix for Bug#93590 (29054329), javax.net.ssl.SSLException: closing inbound bef...</li> <li><a href="https://github.com/mysql/mysql-connector-j/commit/1fecc2ba0dd7e9275fc1961ba8900e9d312bd351"><code>1fecc2b</code></a> Fix for Bug#94414 (29384853), Connector/J RPM package have version number in ...</li> <li><a href="https://github.com/mysql/mysql-connector-j/commit/f5d24e32b05337320624788ccb99830171026483"><code>f5d24e3</code></a> Fix for Bug#27786499, REDUNDANT FILES IN DEBIAN PACKAGE FOR DEBIAN9(COMMUNITY...</li> <li><a href="https://github.com/mysql/mysql-connector-j/commit/c49db58bbc8b29d0c1cd1bbfeb086b2e3dfa74e6"><code>c49db58</code></a> WL#12246, DevAPI: Prepared statement support.</li> <li><a href="https://github.com/mysql/mysql-connector-j/commit/a5c3d29931a43429df84564d9e0c578468711a0d"><code>a5c3d29</code></a> Added definition file for msi building tools.</li> <li><a href="https://github.com/mysql/mysql-connector-j/commit/13045c22524afd757de1f1d56339211801aec99e"><code>13045c2</code></a> WL#10839, Adjust c/J tests to the new "ON" default for</li> <li><a href="https://github.com/mysql/mysql-connector-j/commit/2e350a5d66cda9317aa308954bafaf952e8054cb"><code>2e350a5</code></a> Fix for Bug#29329326, PLEASE AVOID SHOW PROCESSLIST IF POSSIBLE.</li> <li>Additional commits viewable in <a href="https://github.com/mysql/mysql-connector-j/compare/5.1.38...8.0.16">compare view</a></li> </ul> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr created time in 4 minutes
create barnchMadhuri513/airlinereservationwithhibernate
branch : dependabot/maven/mysql-mysql-connector-java-8.0.16
created branch time in 4 minutes
PR opened danaph7t/p2p-media-loader
Bumps acorn from 6.3.0 to 6.4.1. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/acornjs/acorn/commit/9a2e9b6678e243d66846b91179d650d28453e70c"><code>9a2e9b6</code></a> Mark version 6.4.1</li> <li><a href="https://github.com/acornjs/acorn/commit/90a9548ea0ce351b54f956e2c4ed27cca9631284"><code>90a9548</code></a> More rigorously check surrogate pairs in regexp validator</li> <li><a href="https://github.com/acornjs/acorn/commit/df0cf1a3e2b1a51a26c14984dc0f5412b7151b10"><code>df0cf1a</code></a> Mark version 6.4.0</li> <li><a href="https://github.com/acornjs/acorn/commit/53034126864b492da4e278628bb972cb2a9313d4"><code>5303412</code></a> Also export Parser via Parser.acorn</li> <li><a href="https://github.com/acornjs/acorn/commit/efe273e70123449a458157dbf578afaf109a49ab"><code>efe273e</code></a> give token types and etc to plugins</li> <li>See full diff in <a href="https://github.com/acornjs/acorn/compare/6.3.0...6.4.1">compare view</a></li> </ul> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr created time in 4 minutes
push eventdanaph7t/p2p-media-loader
commit sha c415d36069374ce93ae1a16785a8373c24db8065
Bump acorn from 6.3.0 to 6.4.1 in /p2p-media-loader-hlsjs Bumps [acorn](https://github.com/acornjs/acorn) from 6.3.0 to 6.4.1. - [Release notes](https://github.com/acornjs/acorn/releases) - [Commits](https://github.com/acornjs/acorn/compare/6.3.0...6.4.1) Signed-off-by: dependabot[bot] <support@github.com>
push time in 4 minutes
PR opened danaph7t/p2p-media-loader
Bumps acorn from 6.3.0 to 6.4.1. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/acornjs/acorn/commit/9a2e9b6678e243d66846b91179d650d28453e70c"><code>9a2e9b6</code></a> Mark version 6.4.1</li> <li><a href="https://github.com/acornjs/acorn/commit/90a9548ea0ce351b54f956e2c4ed27cca9631284"><code>90a9548</code></a> More rigorously check surrogate pairs in regexp validator</li> <li><a href="https://github.com/acornjs/acorn/commit/df0cf1a3e2b1a51a26c14984dc0f5412b7151b10"><code>df0cf1a</code></a> Mark version 6.4.0</li> <li><a href="https://github.com/acornjs/acorn/commit/53034126864b492da4e278628bb972cb2a9313d4"><code>5303412</code></a> Also export Parser via Parser.acorn</li> <li><a href="https://github.com/acornjs/acorn/commit/efe273e70123449a458157dbf578afaf109a49ab"><code>efe273e</code></a> give token types and etc to plugins</li> <li>See full diff in <a href="https://github.com/acornjs/acorn/compare/6.3.0...6.4.1">compare view</a></li> </ul> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr created time in 4 minutes
PR opened danaph7t/p2p-media-loader
Bumps acorn from 7.0.0 to 7.3.1. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/acornjs/acorn/commit/e265eae3499b01b176e71bdab8bdb0fe042f3e3d"><code>e265eae</code></a> Mark version 7.3.1</li> <li><a href="https://github.com/acornjs/acorn/commit/50fd1bc3d3f963109a55415903cb046a1c60421f"><code>50fd1bc</code></a> Mark version 7.1.0 of acorn-loose</li> <li><a href="https://github.com/acornjs/acorn/commit/ee03be32a82c31430f5f3f820f368b53c191cc25"><code>ee03be3</code></a> Mark version 7.3.0</li> <li><a href="https://github.com/acornjs/acorn/commit/4adea30d3aa0e536eb76f516344cab3cf93ee87e"><code>4adea30</code></a> add optional chaining</li> <li><a href="https://github.com/acornjs/acorn/commit/eec9b3762bb12314c1a82b71077d76eff4699547"><code>eec9b37</code></a> Fix parsing of ambiguous object pattern with a 'set' property with a default ...</li> <li><a href="https://github.com/acornjs/acorn/commit/f66c4e727368da794f4ded115990ce7accbcc08a"><code>f66c4e7</code></a> Add type definitions for acorn.mjs (<a href="https://github-redirect.dependabot.com/acornjs/acorn/issues/954">#954</a>)</li> <li><a href="https://github.com/acornjs/acorn/commit/304ae5e62aafd5362c52e74778026a08ff35f562"><code>304ae5e</code></a> Enable allowAwaitOutsideFunction in test262, update whitelist</li> <li><a href="https://github.com/acornjs/acorn/commit/6d555e826d962db66b3a2f4fb8361e57e5a1b171"><code>6d555e8</code></a> Mark verison 7.2.0</li> <li><a href="https://github.com/acornjs/acorn/commit/82ed10dfb6a3bdce15c77856fc4ed40abc628a39"><code>82ed10d</code></a> make test262 success on Windows</li> <li><a href="https://github.com/acornjs/acorn/commit/ec7cbd145d7e89ce1f6f31dc875b5dfb8092418a"><code>ec7cbd1</code></a> Add nullish coalescing</li> <li>Additional commits viewable in <a href="https://github.com/acornjs/acorn/compare/7.0.0...7.3.1">compare view</a></li> </ul> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr created time in 4 minutes
create barnchdanaph7t/p2p-media-loader
branch : dependabot/npm_and_yarn/p2p-media-loader-demo/acorn-7.3.1
created branch time in 4 minutes
delete branch opendistro-for-elasticsearch/security
delete branch : dependabot/maven/log4j.version-2.13.3
delete time in 4 minutes
PR opened mritunjayr/post-spring-boot-task
Bumps mysql-connector-java from 8.0.15 to 8.0.16. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/mysql/mysql-connector-j/blob/release/8.0/CHANGES">mysql-connector-java's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h1><a href="https://dev.mysql.com/doc/relnotes/connector-j/8.0/en/">https://dev.mysql.com/doc/relnotes/connector-j/8.0/en/</a></h1> <p>Version 8.0.20</p> <ul> <li> <p>Fix for Bug#30805426, IN CASE OF ISAUTHMETHODSWITCHREQUESTPACKET , TOSERVERS > 1 ARE IGNORED.</p> </li> <li> <p>Fix for Bug#97714 (30570249), Contribution: Expose elapsed time for query interceptor to avoid hacky thread local implementations. Thanks to Matti Sillanpää and Johnathan Crawford for their contribution.</p> </li> <li> <p>Fix for Bug#97724 (30570721), Contribution: Allow '3.' formatted numbers. Thanks to Nick Pollett for his contribution.</p> </li> <li> <p>Fix for Bug#98536 (30877755), SIMPLEDATEFORMAT COULD CACHE A WRONG CALENDAR.</p> </li> <li> <p>Fix for Bug#91112 (28125069), AGAIN WRONG JAVA.SQL.DATE.</p> </li> <li> <p>Fix for Bug#30474158, CONNECTOR/J 8 DOES NOT HONOR THE REQUESTED RESULTSETTYPE SCROLL_INSENSITIVE ETC.</p> </li> <li> <p>Fix for Bug#98445 (30832513), Connection option clientInfoProvider=ClientInfoProviderSP causes NPE.</p> </li> <li> <p>WL#12248, DevAPI: Connection compression.</p> </li> <li> <p>Fix for Bug#30636056, ResultSetUtil.resultSetToMap() can be unsafe to use.</p> </li> <li> <p>Fix for Bug#97757 (30584907), NULLPOINTEREXCEPTION WITH CACHERESULTSETMETADATA=TRUE AND EXECUTEQUERY OF "SET".</p> </li> </ul> <p>Version 8.0.19</p> <ul> <li> <p>WL#13346, Support for mult-host and failover.</p> </li> <li> <p>Fix for Bug#97413 (30477722), DATABASEMETADATA IS BROKEN AFTER SERVER WL#13528.</p> </li> <li> <p>WL#13367, DNS SRV support.</p> </li> <li> <p>WL#12736, DevAPI: Specify TLS ciphers to be used by a client or session.</p> </li> <li> <p>Fix for regression tests broken by Bug#97079 fix.</p> </li> <li> <p>Fix for Bug#96383 (30119545) RS.GETTIMESTAMP() HAS DIFFERENT RESULTS FOR TIME FIELDS WITH USECURSORFETCH=TRUE.</p> </li> <li> <p>Fix for Bug#96059 (29999318), ERROR STREAMING MULTI RESULTSETS WITH MYSQL-CONNECTOR-JAVA 8.0.X.</p> </li> <li> <p>Fix for Bug#96442 (30151808), INCORRECT DATE ERROR WHEN CALLING GETMETADATA ON PREPARED STATEMENT.</p> </li> </ul> <p>Version 8.0.18</p> <ul> <li> <p>WL#13347, Connectors should handle expired password sandbox without SET operations.</p> </li> <li> <p>Fix for Bug#84098 (25223123), endless loop in LoadBalancedAutoCommitInterceptor.</p> </li> </ul> <!-- raw HTML omitted --> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/mysql/mysql-connector-j/commit/34cbc6bc61f72836e26327537a432d6db7c77de6"><code>34cbc6b</code></a> License book updated.</li> <li><a href="https://github.com/mysql/mysql-connector-j/commit/793bd554e7e815607a1f325ef998efa8d4a4bef7"><code>793bd55</code></a> Minor fix for tests failing with URL without parameters.</li> <li><a href="https://github.com/mysql/mysql-connector-j/commit/58600ccd78f6eeec3a15888f943a0475cd1d470f"><code>58600cc</code></a> WL#12825, Remove third-party libraries from sources and bundles.</li> <li><a href="https://github.com/mysql/mysql-connector-j/commit/5aa15d557811bbdf0f23b150f361bb42fb7591cb"><code>5aa15d5</code></a> Fix for Bug#93590 (29054329), javax.net.ssl.SSLException: closing inbound bef...</li> <li><a href="https://github.com/mysql/mysql-connector-j/commit/1fecc2ba0dd7e9275fc1961ba8900e9d312bd351"><code>1fecc2b</code></a> Fix for Bug#94414 (29384853), Connector/J RPM package have version number in ...</li> <li><a href="https://github.com/mysql/mysql-connector-j/commit/f5d24e32b05337320624788ccb99830171026483"><code>f5d24e3</code></a> Fix for Bug#27786499, REDUNDANT FILES IN DEBIAN PACKAGE FOR DEBIAN9(COMMUNITY...</li> <li><a href="https://github.com/mysql/mysql-connector-j/commit/c49db58bbc8b29d0c1cd1bbfeb086b2e3dfa74e6"><code>c49db58</code></a> WL#12246, DevAPI: Prepared statement support.</li> <li><a href="https://github.com/mysql/mysql-connector-j/commit/a5c3d29931a43429df84564d9e0c578468711a0d"><code>a5c3d29</code></a> Added definition file for msi building tools.</li> <li><a href="https://github.com/mysql/mysql-connector-j/commit/13045c22524afd757de1f1d56339211801aec99e"><code>13045c2</code></a> WL#10839, Adjust c/J tests to the new "ON" default for</li> <li><a href="https://github.com/mysql/mysql-connector-j/commit/2e350a5d66cda9317aa308954bafaf952e8054cb"><code>2e350a5</code></a> Fix for Bug#29329326, PLEASE AVOID SHOW PROCESSLIST IF POSSIBLE.</li> <li>Additional commits viewable in <a href="https://github.com/mysql/mysql-connector-j/compare/8.0.15...8.0.16">compare view</a></li> </ul> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr created time in 5 minutes
create barnchmritunjayr/post-spring-boot-task
branch : dependabot/maven/mysql-mysql-connector-java-8.0.16
created branch time in 5 minutes
pull request commentopendistro-for-elasticsearch/security
Bump log4j.version from 2.11.1 to 2.13.3
OK, I won't notify you again about this release, but will get in touch when a new version is available.
If you change your mind, just re-open this PR and I'll resolve any conflicts on it.
comment created time in 5 minutes
PR opened kotavi/security-on-github
Bumps debug from 2.6.8 to 4.1.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/visionmedia/debug/releases">debug's releases</a>.</em></p> <blockquote> <h2>4.1.1</h2> <p>This backport fixes a bug in coveralls configuration as well as the <code>.extend()</code> function.</p> <h1>Patches</h1> <ul> <li>test: only run coveralls on travis (<a href="https://github-redirect.dependabot.com/visionmedia/debug/issues/663">#663</a>, <a href="https://github-redirect.dependabot.com/visionmedia/debug/issues/664">#664</a>, d0e498f159bd425b3403db38c98fe26a345d4dcd)</li> <li>copy custom logger to namespace extension (<a href="https://github-redirect.dependabot.com/visionmedia/debug/issues/646">#646</a>, 57ef085703a0158679cc4a56a4980653b828ce51)</li> </ul> <h2>4.1.0</h2> <h1>Minor Changes</h1> <ul> <li>migrate Makefile to npm scripts (4236585a40787fe60ed625452163299600df2ce6)</li> <li>feat: Return namespaces string when invoking disable() (7ef8b417a86941372074f749019b9f439a1f6ef6)</li> </ul> <p>Massive <em>thank you</em> to <a href="https://github.com/mblarsen">@mblarsen</a> and <a href="https://github.com/outsideris">@outsideris</a> for knocking out two long-awaited changes.</p> <h2>4.0.1</h2> <p>This patch restores browserify functionality as well as keeping the intended functionality with Unpkg.com.</p> <h3>Patches</h3> <ul> <li>fix browserify and supply alternative unpkg entry point (closes <a href="https://github-redirect.dependabot.com/visionmedia/debug/issues/606">#606</a>): 99c95e3d54b07a918ad65bc148a2930ea8bfdd02</li> </ul> <h2>4.0.0</h2> <p>A long-awaited release to <code>debug</code> is available now: <strong><code>4.0.0</code></strong>.</p> <h4>Due to the delay in release and the number of changes made (including bumping dependencies in order to mitigate vulnerabilities), it is highly recommended maintainers update to the latest package version and <em>test thoroughly</em>.</h4> <h4>This release drops support for Node 4 and 5 in alignment with the <a href="https://github.com/nodejs/Release">Node.js LTS Release Schedule</a>.</h4> <hr /> <h3>Major Changes</h3> <ul> <li>move to XO (closes <a href="https://github-redirect.dependabot.com/visionmedia/debug/issues/397">#397</a>): ba8a424d41e9dc6129e081ac3aa9715be6a45fbd</li> <li>add Node.js 10, remove Node.js 4 (<a href="https://github-redirect.dependabot.com/visionmedia/debug/issues/583">#583</a>): 05b0ceb8856bc7b6bb0f2adc3de5cae3cea9c872</li> </ul> <h3>Minor Changes</h3> <ul> <li>bump vulnerable packages: 853853f9f588044d76df3daf1959ca56c5f341b7</li> <li>Fix nwjs support (<a href="https://github-redirect.dependabot.com/visionmedia/debug/issues/569">#569</a>): 207a6a2d53507ec9dd57c94c46cc7d3dd272306d</li> <li>add instance extends feature (<a href="https://github-redirect.dependabot.com/visionmedia/debug/issues/524">#524</a>): e43e5fed177b8698674748063f4ed1aaba1d59c8</li> <li>Add TVMLKit support (<a href="https://github-redirect.dependabot.com/visionmedia/debug/issues/579">#579</a>): 02b9ea9fd7ec95c42de47da13b4b6bb8e50025d8</li> </ul> <h3>Patches</h3> <ul> <li>clean up builds: 3ca23316a470f6bc6e0d75d297179cfc19bbc763</li> <li>remove needless command aliases in makefile: 9f4f8f59ba745166b0c014a61c76de5e73d4841a</li> <li>no longer checking for BROWSER=1: 623c08ef73f8211278d5596c88041c65a2a58ee7</li> <li>fix tests: 57cde56e43003f6b404d4b3d9d76b74aafaeeec8</li> <li>clean up makefile: 62822f12668e8a0b1d1a4fd5a1c2fce1d8715da3</li> <li>fix tests: 833b6f84c8f8dc5b6f13da38ab0ef8a8ff86c0c9</li> <li>add .editorconfig: 2d2509e26bf6df1e1954267e3b1a1cb83973fb09</li> <li>add yarn-error.log to .gitignore: 7e1d5d94f31b37b460fb8d88000ab7ed0be3597e</li> </ul> <!-- raw HTML omitted --> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/visionmedia/debug/commit/68b4dc8d8549d3924673c38fccc5d594f0a38da1"><code>68b4dc8</code></a> 4.1.1</li> <li><a href="https://github.com/visionmedia/debug/commit/75716080a39f916f643bae2671ba2fdfe78d1c45"><code>7571608</code></a> remove .coveralls.yaml</li> <li><a href="https://github.com/visionmedia/debug/commit/57ef085703a0158679cc4a56a4980653b828ce51"><code>57ef085</code></a> copy custom logger to namespace extension (fixes <a href="https://github-redirect.dependabot.com/visionmedia/debug/issues/646">#646</a>)</li> <li><a href="https://github.com/visionmedia/debug/commit/d0e498f159bd425b3403db38c98fe26a345d4dcd"><code>d0e498f</code></a> test: only run coveralls on travis</li> <li><a href="https://github.com/visionmedia/debug/commit/e30e8fdbc92c4cf6b3007cd1c3ad2c3cbb82be85"><code>e30e8fd</code></a> 4.1.0</li> <li><a href="https://github.com/visionmedia/debug/commit/7ef8b417a86941372074f749019b9f439a1f6ef6"><code>7ef8b41</code></a> feat: Return namespaces string when invoking disable()</li> <li><a href="https://github.com/visionmedia/debug/commit/4236585a40787fe60ed625452163299600df2ce6"><code>4236585</code></a> migrate Makefile to npm scripts</li> <li><a href="https://github.com/visionmedia/debug/commit/4490cd95bfb952e1ed756914ac225ddc987b2ba3"><code>4490cd9</code></a> 4.0.1</li> <li><a href="https://github.com/visionmedia/debug/commit/99c95e3d54b07a918ad65bc148a2930ea8bfdd02"><code>99c95e3</code></a> fix browserify and supply alternative unpkg entry point (closes <a href="https://github-redirect.dependabot.com/visionmedia/debug/issues/606">#606</a>)</li> <li><a href="https://github.com/visionmedia/debug/commit/7fb104b8cfcbc3a91d8e4a6727638c3fe24be8d2"><code>7fb104b</code></a> 4.0.0</li> <li>Additional commits viewable in <a href="https://github.com/visionmedia/debug/compare/2.6.8...4.1.1">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~qix">qix</a>, a new releaser for debug since your current version.</p> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr created time in 5 minutes
create barnchkotavi/security-on-github
branch : dependabot/npm_and_yarn/debug-4.1.1
created branch time in 5 minutes
PR opened melaninm/melaninm.github.io
Bumps lodash from 4.17.10 to 4.17.15. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/lodash/lodash/commit/ddfd9b11a0126db2302cb70ec9973b66baec0975"><code>ddfd9b1</code></a> Bump to v4.17.15.</li> <li><a href="https://github.com/lodash/lodash/commit/b185fcee26b2133bd071f4aaca14b455c2ed1008"><code>b185fce</code></a> Rebuild lodash and docs.</li> <li><a href="https://github.com/lodash/lodash/commit/be87d303941222b97c482755afc0f4a77ce46c30"><code>be87d30</code></a> Bump to v4.17.14.</li> <li><a href="https://github.com/lodash/lodash/commit/a6fe6b1e174fd02b5e60eb2664405f4c1262c300"><code>a6fe6b1</code></a> Rebuild lodash and docs.</li> <li><a href="https://github.com/lodash/lodash/commit/e37182845f16715a0d1c391c8662d83c55609cee"><code>e371828</code></a> Bump to v4.17.13.</li> <li><a href="https://github.com/lodash/lodash/commit/357e899e685872b4af5403ecc4b2a928f961ae63"><code>357e899</code></a> Rebuild lodash and docs.</li> <li><a href="https://github.com/lodash/lodash/commit/fd9a062d57646450b61f74029315abd4cc834b08"><code>fd9a062</code></a> Bump to v4.17.12.</li> <li><a href="https://github.com/lodash/lodash/commit/e77d68121ff00ba86b53eed5893d35adfe94c9dd"><code>e77d681</code></a> Rebuild lodash and docs.</li> <li><a href="https://github.com/lodash/lodash/commit/629d1865793182cd967196716f4beff223aa4a91"><code>629d186</code></a> Update OpenJS references.</li> <li><a href="https://github.com/lodash/lodash/commit/2406eac542b2a1282be8d812a6d8a45433ade80a"><code>2406eac</code></a> Fix minified build.</li> <li>Additional commits viewable in <a href="https://github.com/lodash/lodash/compare/4.17.10...4.17.15">compare view</a></li> </ul> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr created time in 5 minutes
create barnchmelaninm/melaninm.github.io
branch : dependabot/npm_and_yarn/assets/bootstrap-select-1.13.9/lodash-4.17.15
created branch time in 5 minutes
PR opened melaninm/melaninm.github.io
Bumps acorn from 6.0.2 to 6.4.1. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/acornjs/acorn/commit/9a2e9b6678e243d66846b91179d650d28453e70c"><code>9a2e9b6</code></a> Mark version 6.4.1</li> <li><a href="https://github.com/acornjs/acorn/commit/90a9548ea0ce351b54f956e2c4ed27cca9631284"><code>90a9548</code></a> More rigorously check surrogate pairs in regexp validator</li> <li><a href="https://github.com/acornjs/acorn/commit/df0cf1a3e2b1a51a26c14984dc0f5412b7151b10"><code>df0cf1a</code></a> Mark version 6.4.0</li> <li><a href="https://github.com/acornjs/acorn/commit/53034126864b492da4e278628bb972cb2a9313d4"><code>5303412</code></a> Also export Parser via Parser.acorn</li> <li><a href="https://github.com/acornjs/acorn/commit/efe273e70123449a458157dbf578afaf109a49ab"><code>efe273e</code></a> give token types and etc to plugins</li> <li><a href="https://github.com/acornjs/acorn/commit/ac6decb94a3aa4eee99230fdaf5883dfaafe8479"><code>ac6decb</code></a> Mark version 6.3.0</li> <li><a href="https://github.com/acornjs/acorn/commit/7e9817d17639d95cc6dbacfde734a0626b2a7dea"><code>7e9817d</code></a> Allow sourceType: module even with ecmaVersion < 6</li> <li><a href="https://github.com/acornjs/acorn/commit/e2b8cc087386eccc2ad6fd4a02b4257833557cb3"><code>e2b8cc0</code></a> Fix broken parsing of new expressions when allowReserved=="never"</li> <li><a href="https://github.com/acornjs/acorn/commit/1555c528855b10320ce98b4154906d7898c92990"><code>1555c52</code></a> Update acorn.d.ts</li> <li><a href="https://github.com/acornjs/acorn/commit/77c20fa2c2f490e646b67e6a0ff7e75fb54ab6c8"><code>77c20fa</code></a> Mark version 6.2.1</li> <li>Additional commits viewable in <a href="https://github.com/acornjs/acorn/compare/6.0.2...6.4.1">compare view</a></li> </ul> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr created time in 5 minutes
create barnchmelaninm/melaninm.github.io
branch : dependabot/npm_and_yarn/assets/bootstrap-select-1.13.9/acorn-6.4.1
created branch time in 5 minutes
PR opened melaninm/melaninm.github.io
Bumps eslint-utils from 1.3.1 to 1.4.3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/mysticatea/eslint-utils/releases">eslint-utils's releases</a>.</em></p> <blockquote> <h2>v1.4.3</h2> <h2>🐛 Bug fixes</h2> <ul> <li>8f9e481ecc1204c7a1331b697f97903f90c75154 fixed false positive of <code>ReferenceTracker</code>.</li> </ul> <h2>v1.4.2</h2> <h2>🐛 Bug fixes</h2> <ul> <li>e4cb01498df6096b66edb0c78965ee6f47d3ac77 fixed a regression of the previous release.</li> </ul> <h2>v1.4.1</h2> <h2>🐛 Bug fixes</h2> <ul> <li>c119e832952c8c653bd4f21e39eb9f7ce48e5947 fixed <code>getStaticValue()</code> function to handle <code>null</code> literal correctly even if runtimes don't support BigInt natively.</li> <li>587cca2f82c245f5fc4a8b9fb2cf6b35c0d02552 fixed <code>getStringIfConstant()</code> function to handle regular expression literals and BigInt literals even if runtimes don't support those.</li> <li>08158db1c98fd71cf0f32ddefbc147e2620e724c fixed GHSA-3gx7-xhv7-5mx3.</li> </ul> <h2>v1.4.0</h2> <h2>✨ Enhancements</h2> <ul> <li>66456c5356310fc4309b4fe2756995f27b907747 (and ebf5a8378d3f0a20a74adb158a7112cb616bce44, aac472e815551688d23cc8fd88f9044dbf276804) added <code>isParenthesized()</code> function that checks if a given node is parenthesized or not.</li> <li>4f8407dd6cd52274ba115b3a8558153ec6d799a7 (and cb518c70ee037722f802d808bbbe93da83f07fb3) added <code>hasSideEffect()</code> function that checks if a given node may have side-effects or not.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/mysticatea/eslint-utils/commit/23f4ddc58eda5e6aec3d6a43c6266acbe19345cd"><code>23f4ddc</code></a> 🔖 1.4.3</li> <li><a href="https://github.com/mysticatea/eslint-utils/commit/8f9e481ecc1204c7a1331b697f97903f90c75154"><code>8f9e481</code></a> 🐛 fix reference tracker false positive</li> <li><a href="https://github.com/mysticatea/eslint-utils/commit/663327835abfb1f62fc6fc5d69028457e11b5f80"><code>6633278</code></a> ⚒ fix test scripts</li> <li><a href="https://github.com/mysticatea/eslint-utils/commit/7c8e67c22f7222685a6a9154ba5eec2ac4896a3e"><code>7c8e67c</code></a> ⚒ fix build scripts</li> <li><a href="https://github.com/mysticatea/eslint-utils/commit/41ff95e728db2c52122ae3dad42997dccd223388"><code>41ff95e</code></a> ⚒ update dependencies</li> <li><a href="https://github.com/mysticatea/eslint-utils/commit/49420121ff4d2b4758d4016848055c1631389faa"><code>4942012</code></a> ⚒ fix build scripts</li> <li><a href="https://github.com/mysticatea/eslint-utils/commit/f1c8d02b3fd190a97e39603929c0aabe36c9904f"><code>f1c8d02</code></a> ⚒ update build scripts</li> <li><a href="https://github.com/mysticatea/eslint-utils/commit/a88598a74f0d71376447c4ecb6b56b27272f3992"><code>a88598a</code></a> Create FUNDING.yml</li> <li><a href="https://github.com/mysticatea/eslint-utils/commit/4e1bc077c2a6bb00538d66b69a63c24de3463bed"><code>4e1bc07</code></a> 1.4.2</li> <li><a href="https://github.com/mysticatea/eslint-utils/commit/e4cb01498df6096b66edb0c78965ee6f47d3ac77"><code>e4cb014</code></a> 🐛 add null test</li> <li>Additional commits viewable in <a href="https://github.com/mysticatea/eslint-utils/compare/v1.3.1...v1.4.3">compare view</a></li> </ul> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr created time in 5 minutes
PR opened goswamiaugnai/RecklessWorld.github.io
Bumps https-proxy-agent from 2.2.2 to 2.2.4. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/TooTallNate/node-https-proxy-agent/releases">https-proxy-agent's releases</a>.</em></p> <blockquote> <h2>2.2.4</h2> <h3>Patches</h3> <ul> <li>Add <code>.editorconfig</code> file: a0d4a20458498fc31e5721471bd2b655e992d44b</li> <li>Add <code>.eslintrc.js</code> file: eecea74a1db1c943eaa4f667a561fd47c33da897</li> <li>Use a <code>net.Socket</code> instead of a plain <code>EventEmitter</code> for replaying proxy errors: <a href="https://github-redirect.dependabot.com/TooTallNate/node-https-proxy-agent/issues/83">#83</a></li> <li>Remove unused <code>stream</code> module: 9fdcd47bd813e9979ee57920c69e2ee2e0683cd4</li> </ul> <h3>Credits</h3> <p>Huge thanks to <a href="https://github.com/lpinca">@lpinca</a> for helping!</p> <h2>2.2.3</h2> <h3>Patches</h3> <ul> <li>Update README with actual <code>secureProxy</code> behavior: <a href="https://github-redirect.dependabot.com/TooTallNate/node-https-proxy-agent/issues/65">#65</a></li> <li>Update <code>proxy</code> to v1.0.0: d0e3c18079119057b05582cb72d4fda21dfc2546</li> <li>Remove unreachable code: 46aad0988b471f042856436cf3192b0e09e36fe6</li> <li>Test on Node.js 10 and 12: 3535951e482ea52af4888938f59649ed92e81b2b</li> <li>Fix compatibility with Node.js >= 10.0.0: <a href="https://github-redirect.dependabot.com/TooTallNate/node-https-proxy-agent/issues/73">#73</a></li> <li>Use an <code>EventEmitter</code> to replay failed proxy connect HTTP requests: <a href="https://github-redirect.dependabot.com/TooTallNate/node-https-proxy-agent/issues/77">#77</a></li> </ul> <h3>Credits</h3> <p>Huge thanks to <a href="https://github.com/stoically">@stoically</a>, <a href="https://github.com/lpinca">@lpinca</a>, and <a href="https://github.com/zkochan">@zkochan</a> for helping!</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/TooTallNate/node-https-proxy-agent/commit/4c4cce8cb60fd3ac6171e4428f972698eb49f45a"><code>4c4cce8</code></a> 2.2.4</li> <li><a href="https://github.com/TooTallNate/node-https-proxy-agent/commit/9fdcd47bd813e9979ee57920c69e2ee2e0683cd4"><code>9fdcd47</code></a> Remove unused <code>stream</code> module</li> <li><a href="https://github.com/TooTallNate/node-https-proxy-agent/commit/34ea8841922fb6447563b0521f972ac3a6062303"><code>34ea884</code></a> Use a <code>net.Socket</code> instead of a plain <code>EventEmitter</code> for replaying proxy erro...</li> <li><a href="https://github.com/TooTallNate/node-https-proxy-agent/commit/4296770b6a0e631e3f8e7bd6cfd41ac8e91a3ec4"><code>4296770</code></a> Prettier</li> <li><a href="https://github.com/TooTallNate/node-https-proxy-agent/commit/eecea74a1db1c943eaa4f667a561fd47c33da897"><code>eecea74</code></a> Add <code>.eslintrc.js</code> file</li> <li><a href="https://github.com/TooTallNate/node-https-proxy-agent/commit/a0d4a20458498fc31e5721471bd2b655e992d44b"><code>a0d4a20</code></a> Add <code>.editorconfig</code> file</li> <li><a href="https://github.com/TooTallNate/node-https-proxy-agent/commit/0d8e8bfe8b12e6ffe79a39eb93068cdf64c17e78"><code>0d8e8bf</code></a> 2.2.3</li> <li><a href="https://github.com/TooTallNate/node-https-proxy-agent/commit/850b8359b7d0467d721705106b58f4c7cfb937dd"><code>850b835</code></a> Revert "Use Mocha 5 for Node 4 support"</li> <li><a href="https://github.com/TooTallNate/node-https-proxy-agent/commit/f5f56fa48ea4d2a61c385938e7753f5c1fe049d6"><code>f5f56fa</code></a> Remove Node 4 from Travis</li> <li><a href="https://github.com/TooTallNate/node-https-proxy-agent/commit/bb837b984bd868ad69080812eb8eab01181b21d7"><code>bb837b9</code></a> Revert "Remove Node 4 from Travis"</li> <li>Additional commits viewable in <a href="https://github.com/TooTallNate/node-https-proxy-agent/compare/2.2.2...2.2.4">compare view</a></li> </ul> </details> <br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
<details> <summary>Dependabot commands and options</summary> <br />
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
</details>
pr created time in 5 minutes