profile
viewpoint
安正超 overtrue Tencent. Shenzhen,China http://overtrue.me Keep calm and coding.

overtrue/easy-sms 2005

:calling: 一款满足你的多种发送需求的短信发送组件

overtrue/laravel-lang 1003

:earth_asia: 68 languages support for Laravel application.

overtrue/api.yike.io 907

一刻社区后端 API 源码

overtrue/laravel-follow 633

:heart: This package helps you to add user based follow system to your model.

overtrue/laravel-pinyin 433

:cn: Chinese to Pinyin translator for Laravel 5 / Lumen

overtrue/laravel-filesystem-qiniu 408

A Qiniu Storage filesystem for Laravel

overtrue/chinese-calendar 349

:date: 中国农历(阴历)与阳历(公历)转换与查询工具

overtrue/laravel-query-logger 259

:pencil: A dev tool to log all queries for laravel application.

overtrue/flysystem-qiniu 173

:floppy_disk: Flysystem adapter for the Qiniu storage.

overtrue/laravel-emoji 135

:smile: This package assist you in getting started with emoji easily.

PR closed overtrue/flysystem-qiniu

Update phpunit/phpunit requirement from ~8.0 to ~9.0 dependencies

⚠️ Dependabot is rebasing this PR ⚠️

If you make any changes to it yourself then they will take precedence over the rebase.


Updates the requirements on phpunit/phpunit to permit the latest version. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/sebastianbergmann/phpunit/blob/master/ChangeLog-9.0.md">phpunit/phpunit's changelog</a>.</em></p> <blockquote> <h2><a href="https://github.com/sebastianbergmann/phpunit/compare/8.5.2...master">9.0.0</a> - 2020-02-07</h2> <h3>Added</h3> <ul> <li>Implemented <a href="https://github-redirect.dependabot.com/sebastianbergmann/phpunit/pull/3797">#3797</a>: Add support for multiple <code>--whitelist</code> options</li> </ul> <h3>Changed</h3> <ul> <li>Implemented <a href="https://github-redirect.dependabot.com/sebastianbergmann/phpunit/issues/3630">#3630</a>: Deprecate support for <code>ClassName<*></code> as values for <code>@covers</code> and <code>@uses</code> annotations (this deprecation is not implemented in code, you will not get a deprecation warning when you use this feature in PHPUnit 9)</li> <li>Implemented <a href="https://github-redirect.dependabot.com/sebastianbergmann/phpunit/issues/3770">#3770</a>: Deprecate <code>MockBuilder::setMethods()</code> (this deprecation is not implemented in code, you will not get a deprecation warning when you use this feature in PHPUnit 9)</li> <li>Implemented <a href="https://github-redirect.dependabot.com/sebastianbergmann/phpunit/issues/3746">#3746</a>: Improve developer experience of global wrapper functions for assertions</li> <li>Implemented <a href="https://github-redirect.dependabot.com/sebastianbergmann/phpunit/pull/3914">#3914</a>: Refactor <code>PHPUnit\Util\Configuration</code></li> <li>Implemented <a href="https://github-redirect.dependabot.com/sebastianbergmann/phpunit/issues/4024">#4024</a>: Make <code>PHPUnit\TextUI\ResultPrinter</code> an interface</li> <li>Multiple test case classes (classes that extend <code>TestCase</code>) that are declared in a single sourcecode file are no longer supported</li> </ul> <h3>Removed</h3> <ul> <li>Implemented <a href="https://github-redirect.dependabot.com/sebastianbergmann/phpunit/issues/3333">#3333</a>: Remove annotation(s) for expecting exceptions</li> <li>Implemented <a href="https://github-redirect.dependabot.com/sebastianbergmann/phpunit/issues/3334">#3334</a>: Drop support for PHP 7.2</li> <li>Implemented <a href="https://github-redirect.dependabot.com/sebastianbergmann/phpunit/issues/3339">#3339</a>: Remove assertions (and helper methods) that operate on (non-public) attributes</li> <li>Implemented <a href="https://github-redirect.dependabot.com/sebastianbergmann/phpunit/issues/3342">#3342</a>: Remove optional parameters of <code>assertEquals()</code> and <code>assertNotEquals()</code></li> <li>Implemented <a href="https://github-redirect.dependabot.com/sebastianbergmann/phpunit/issues/3370">#3370</a>: Remove <code>assertInternalType()</code> and <code>assertNotInternalType()</code></li> <li>Implemented <a href="https://github-redirect.dependabot.com/sebastianbergmann/phpunit/issues/3426">#3426</a>: Clean up <code>assertContains()</code> and <code>assertNotContains()</code></li> <li>Implemented <a href="https://github-redirect.dependabot.com/sebastianbergmann/phpunit/issues/3495">#3495</a>: Remove <code>assertArraySubset()</code></li> <li>Implemented <a href="https://github-redirect.dependabot.com/sebastianbergmann/phpunit/issues/3523">#3523</a>: Remove the <code>setUseErrorHandler()</code> method</li> <li>Implemented <a href="https://github-redirect.dependabot.com/sebastianbergmann/phpunit/issues/3776">#3776</a>: Deprecate <code>expectException(PHPUnit\Framework\Error*)</code></li> <li>Implemented <a href="https://github-redirect.dependabot.com/sebastianbergmann/phpunit/issues/3951">#3951</a>: Remove optional parameters of <code>assertFileEquals()</code> etc.</li> <li>Implemented <a href="https://github-redirect.dependabot.com/sebastianbergmann/phpunit/issues/3956">#3956</a>: Remove support for doubling multiple interfaces</li> <li>Implemented <a href="https://github-redirect.dependabot.com/sebastianbergmann/phpunit/issues/3957">#3957</a>: Remove <code>expectExceptionMessageRegExp()</code></li> <li>Implemented <a href="https://github-redirect.dependabot.com/sebastianbergmann/phpunit/issues/4012">#4012</a>: Remove class name as CLI argument</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/sebastianbergmann/phpunit/commit/a5be9621b19ee19dca5f150a5b159f48b5389547"><code>a5be962</code></a> Prepare release</li> <li><a href="https://github.com/sebastianbergmann/phpunit/commit/3a99a8ddf832ce85d29d4510d1f48e90a8f50c01"><code>3a99a8d</code></a> Merge branch '8.5'</li> <li><a href="https://github.com/sebastianbergmann/phpunit/commit/db6a66913fe7794a2bd60b38d538b5ce744622a5"><code>db6a669</code></a> Update tools</li> <li><a href="https://github.com/sebastianbergmann/phpunit/commit/d33d9ea9b4e4e85a7f85f1425d7cafb7f61fa6bf"><code>d33d9ea</code></a> Closes <a href="https://github-redirect.dependabot.com/sebastianbergmann/phpunit/issues/3770">#3770</a></li> <li><a href="https://github.com/sebastianbergmann/phpunit/commit/c0e4b957fa3d7c16b580853d594f0bb416305000"><code>c0e4b95</code></a> Closes <a href="https://github-redirect.dependabot.com/sebastianbergmann/phpunit/issues/3630">#3630</a></li> <li><a href="https://github.com/sebastianbergmann/phpunit/commit/2bd12ffc9d962d150133cab04c00103229a7df44"><code>2bd12ff</code></a> Update ChangeLog</li> <li><a href="https://github.com/sebastianbergmann/phpunit/commit/c416694f7d32539c2f6703b85843e737f97defd0"><code>c416694</code></a> Bump</li> <li><a href="https://github.com/sebastianbergmann/phpunit/commit/303897ff70e7d9d9e7173755aacee0f6bf6ee1d2"><code>303897f</code></a> Fix</li> <li><a href="https://github.com/sebastianbergmann/phpunit/commit/e02ce5bdd527e20bcec6089846e2cc78110ad9dd"><code>e02ce5b</code></a> Rename method</li> <li><a href="https://github.com/sebastianbergmann/phpunit/commit/b6fcd8290a37d301a4a87abaf2593d5f1ac5bd45"><code>b6fcd82</code></a> This is now immutable</li> <li>Additional commits viewable in <a href="https://github.com/sebastianbergmann/phpunit/compare/8.0.0...9.0.0">compare view</a></li> </ul> </details> <br />

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Automerge options (never/patch/minor, and dev/runtime dependencies)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

</details>

+1 -1

1 comment

1 changed file

dependabot-preview[bot]

pr closed time in 21 hours

pull request commentovertrue/flysystem-qiniu

Update phpunit/phpunit requirement from ~8.0 to ~9.0

@dependabot ignore this major version

dependabot-preview[bot]

comment created time in 21 hours

push eventovertrue/flysystem-qiniu

dependabot-preview[bot]

commit sha 7d8c7a3b58537c8cedc601ac7dd098fd7d6c4b72

Update mockery/mockery requirement from 1.2.3 to 1.3.1 Updates the requirements on [mockery/mockery](https://github.com/mockery/mockery) to permit the latest version. - [Release notes](https://github.com/mockery/mockery/releases) - [Changelog](https://github.com/mockery/mockery/blob/master/CHANGELOG.md) - [Commits](https://github.com/mockery/mockery/compare/1.2.3...1.3.1) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

view details

安正超

commit sha 6ed154e7e3d8b5d5108db67e0a42cfb9a242ef51

Merge pull request #34 from overtrue/dependabot/composer/mockery/mockery-1.3.1 Update mockery/mockery requirement from 1.2.3 to 1.3.1

view details

push time in 21 hours

PR merged overtrue/flysystem-qiniu

Update mockery/mockery requirement from 1.2.3 to 1.3.1 dependencies

Updates the requirements on mockery/mockery to permit the latest version. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/mockery/mockery/releases">mockery/mockery's releases</a>.</em></p> <blockquote> <h2>1.3.1</h2> <ul> <li>Revert improved exception debugging due to BC breaks (<a href="https://github-redirect.dependabot.com/mockery/mockery/issues/1032">#1032</a>)</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/mockery/mockery/blob/master/CHANGELOG.md">mockery/mockery's changelog</a>.</em></p> <blockquote> <h2>1.3.1 (2019-12-26)</h2> <ul> <li>Revert improved exception debugging due to BC breaks (<a href="https://github-redirect.dependabot.com/mockery/mockery/issues/1032">#1032</a>)</li> </ul> <h2>1.3.0 (2019-11-24)</h2> <ul> <li>Added capture <code>Mockery::capture</code> convenience matcher (<a href="https://github-redirect.dependabot.com/mockery/mockery/issues/1020">#1020</a>)</li> <li>Added <code>andReturnArg</code> to echo back an argument passed to a an expectation (<a href="https://github-redirect.dependabot.com/mockery/mockery/issues/992">#992</a>)</li> <li>Improved exception debugging (<a href="https://github-redirect.dependabot.com/mockery/mockery/issues/1000">#1000</a>)</li> <li>Fixed <code>andSet</code> to not reuse properties between mock objects (<a href="https://github-redirect.dependabot.com/mockery/mockery/issues/1012">#1012</a>)</li> </ul> <h2>1.2.4 (2019-09-30)</h2> <ul> <li>Fix a bug introduced with previous release, for empty method definition lists (<a href="https://github-redirect.dependabot.com/mockery/mockery/issues/1009">#1009</a>)</li> </ul> <h2>1.2.3 (2019-08-07)</h2> <ul> <li>Allow mocking classes that have allows and expects methods (<a href="https://github-redirect.dependabot.com/mockery/mockery/issues/868">#868</a>)</li> <li>Allow passing thru __call method in all mock types (experimental) (<a href="https://github-redirect.dependabot.com/mockery/mockery/issues/969">#969</a>)</li> <li>Add support for <code>!</code> to blacklist methods (<a href="https://github-redirect.dependabot.com/mockery/mockery/issues/959">#959</a>)</li> <li>Added <code>withSomeOfArgs</code> to partial match a list of args (<a href="https://github-redirect.dependabot.com/mockery/mockery/issues/967">#967</a>)</li> <li>Fix chained demeter calls with type hint (<a href="https://github-redirect.dependabot.com/mockery/mockery/issues/956">#956</a>)</li> </ul> <h2>1.2.2 (2019-02-13)</h2> <ul> <li>Fix a BC breaking change for PHP 5.6/PHPUnit 5.7.27 (<a href="https://github-redirect.dependabot.com/mockery/mockery/issues/947">#947</a>)</li> </ul> <h2>1.2.1 (2019-02-07)</h2> <ul> <li>Support for PHPUnit 8 (<a href="https://github-redirect.dependabot.com/mockery/mockery/issues/942">#942</a>)</li> <li>Allow mocking static methods called on instance (<a href="https://github-redirect.dependabot.com/mockery/mockery/issues/938">#938</a>)</li> </ul> <h2>1.2.0 (2018-10-02)</h2> <ul> <li>Starts counting default expectations towards count (<a href="https://github-redirect.dependabot.com/mockery/mockery/issues/910">#910</a>)</li> <li>Adds workaround for some HHVM return types (<a href="https://github-redirect.dependabot.com/mockery/mockery/issues/909">#909</a>)</li> <li>Adds PhpStorm metadata support for autocomplete etc (<a href="https://github-redirect.dependabot.com/mockery/mockery/issues/904">#904</a>)</li> <li>Further attempts to support multiple PHPUnit versions (<a href="https://github-redirect.dependabot.com/mockery/mockery/issues/903">#903</a>)</li> <li>Allows setting constructor expectations on instance mocks (<a href="https://github-redirect.dependabot.com/mockery/mockery/issues/900">#900</a>)</li> <li>Adds workaround for HHVM memoization decorator (<a href="https://github-redirect.dependabot.com/mockery/mockery/issues/893">#893</a>)</li> <li>Adds experimental support for callable spys (<a href="https://github-redirect.dependabot.com/mockery/mockery/issues/712">#712</a>)</li> </ul> <h2>1.1.0 (2018-05-08)</h2> <ul> <li>Allows use of string method names in allows and expects (<a href="https://github-redirect.dependabot.com/mockery/mockery/issues/794">#794</a>)</li> <li>Finalises allows and expects syntax in API (<a href="https://github-redirect.dependabot.com/mockery/mockery/issues/799">#799</a>)</li> <li>Search for handlers in a case instensitive way (<a href="https://github-redirect.dependabot.com/mockery/mockery/issues/801">#801</a>)</li> <li>Deprecate allowMockingMethodsUnnecessarily (<a href="https://github-redirect.dependabot.com/mockery/mockery/issues/808">#808</a>)</li> <li>Fix risky tests (<a href="https://github-redirect.dependabot.com/mockery/mockery/issues/769">#769</a>)</li> <li>Fix namespace in TestListener (<a href="https://github-redirect.dependabot.com/mockery/mockery/issues/812">#812</a>)</li> <li>Fixed conflicting mock names (<a href="https://github-redirect.dependabot.com/mockery/mockery/issues/813">#813</a>)</li> </ul> </tr></table> ... (truncated) </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/mockery/mockery/commit/f69bbde7d7a75d6b2862d9ca8fab1cd28014b4be"><code>f69bbde</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/mockery/mockery/issues/1032">#1032</a> from robertbasic/revert-exception-debugging</li> <li><a href="https://github.com/mockery/mockery/commit/580b98c96219ce598a7f3610ed1352f1ecf6de27"><code>580b98c</code></a> Add changelog</li> <li><a href="https://github.com/mockery/mockery/commit/12c5d771833312544dfc687f4d48d77a4a6e8b0f"><code>12c5d77</code></a> Revert "Improve exception debugging"</li> <li><a href="https://github.com/mockery/mockery/commit/c21660612104ad072bbc3f0f3d934689160924dc"><code>c216606</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/mockery/mockery/issues/1027">#1027</a> from dciancu/master</li> <li><a href="https://github.com/mockery/mockery/commit/84ee0466159e39726abbc568b0566b060e01a88d"><code>84ee046</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/mockery/mockery/issues/1028">#1028</a> from GrahamCampbell/patch-1</li> <li><a href="https://github.com/mockery/mockery/commit/0c865d33186e7573835e57bdbddde88f8f4b2a05"><code>0c865d3</code></a> Fixed branch alias</li> <li><a href="https://github.com/mockery/mockery/commit/4f5f771438ebaf16a4413d580a5d68888a13aabc"><code>4f5f771</code></a> Add back getActualArguments() to NoMatchingExpectationException</li> <li><a href="https://github.com/mockery/mockery/commit/5571962a4f733fbb57bede39778f71647fae8e66"><code>5571962</code></a> Prepare changelog for 1.3 release</li> <li><a href="https://github.com/mockery/mockery/commit/6f3f2bbdbdbc8ba58b539505c0684fbd3b0aa0bb"><code>6f3f2bb</code></a> Adds note about <a href="https://github-redirect.dependabot.com/mockery/mockery/issues/1020">#1020</a> to changelog</li> <li><a href="https://github.com/mockery/mockery/commit/59630503e673ca9ec57e11a3654234da8350ef94"><code>5963050</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/mockery/mockery/issues/1020">#1020</a> from jasonmccreary/capture</li> <li>Additional commits viewable in <a href="https://github.com/mockery/mockery/compare/1.2.3...1.3.1">compare view</a></li> </ul> </details> <br />

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Automerge options (never/patch/minor, and dev/runtime dependencies)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

</details>

+1 -1

0 comment

1 changed file

dependabot-preview[bot]

pr closed time in 21 hours

issue commentovertrue/flysystem-qiniu

key带有特殊符号的情况换生成的getUrl生成的链接编码错误

QiniuAdapter::parse_url $replacements = array('!', '*', "'", '(', ')', ';', ':', '@', '&', '=', '$', ',', '/', '?', '#', '[', ']');

刚刚到这段代码,作者可以加上~吗,我当作图片样式时通不过

麻烦提供一个实例 key 看看?

wh469012917

comment created time in 21 hours

push eventEasyWeChat/docs

Lostvincent

commit sha 84ad69a7757e7675aca0ff4adaca42f611564779

fix typo

view details

安正超

commit sha 6fea0d74e35538bfc73da970132b89516aa7ee87

Merge pull request #247 from Lostvincent/patch-1 Fix typo

view details

push time in 2 days

PR merged EasyWeChat/docs

Fix typo
+2 -2

0 comment

1 changed file

Lostvincent

pr closed time in 2 days

issue commenthandshake-org/hs-tree-data

Failed to download nonces file

git clone https://github.com/handshake-org/hs-tree-data ~/.hs-tree-data
alivebao

comment created time in 2 days

push eventEasyWeChat/docs

Hanson

commit sha f0528d5a39214b01f784a955e82df07f05148883

Create contract.md

view details

安正超

commit sha 051ec1fee563a92553f1222c9465920e24f74994

Merge pull request #246 from Hanson/patch-4 签约文档

view details

push time in 6 days

PR merged EasyWeChat/docs

签约文档
+45 -0

0 comment

1 changed file

Hanson

pr closed time in 6 days

startedarzzen/git-quick-stats

started time in 6 days

delete branch overtrue/wechat

delete branch : analysis-ajVBxW

delete time in 7 days

PR closed overtrue/wechat

Apply fixes from StyleCI

This pull request applies code style fixes from an analysis carried out by StyleCI.


For more information, click here.

+7 -6

0 comment

2 changed files

overtrue

pr closed time in 7 days

created tagovertrue/wechat

tag4.2.14

:package: It is probably the best SDK in the world for developing WeChat App.

created time in 7 days

release overtrue/wechat

4.2.14

released time in 7 days

create barnchovertrue/wechat

branch : analysis-ajVBxW

created branch time in 7 days

PR opened overtrue/wechat

Apply fixes from StyleCI

This pull request applies code style fixes from an analysis carried out by StyleCI.


For more information, click here.

+7 -6

0 comment

2 changed files

pr created time in 7 days

push eventovertrue/wechat

Hanson

commit sha cb859e567917d6b9d2fb16465efc8aed000af3b7

增加签约模块 (#1798)

view details

push time in 7 days

PR merged overtrue/wechat

增加签约模块
+163 -0

0 comment

7 changed files

Hanson

pr closed time in 7 days

startednuxt-community/tailwindcss-module

started time in 7 days

startedsymfony/http-client

started time in 7 days

startedflorinpop17/app-ideas

started time in 7 days

startedTencent/TencentOS-tiny

started time in 8 days

created tagovertrue/wechat

tag4.2.13

:package: It is probably the best SDK in the world for developing WeChat App.

created time in 8 days

release overtrue/wechat

4.2.13

released time in 8 days

push eventovertrue/wechat

她和她的猫

commit sha 26861367db892fa9980ad38453b5b6a9e750caa6

企业微信群机器人不需要获取 AccessToken (#1797)

view details

push time in 8 days

issue closedovertrue/wechat

无法发送企业微信群机器人消息

我用的环境

  • PHP 版本:
  • overtrue/wechat 版本:
  • 是否使用了框架?框架名称:laravel

问题及现象

发送群机器人消息出现access token错误. 实际上官方文档不需要access token。如果没有创建应用无法获取access token.

closed time in 8 days

2898117012

startedPanJiaChen/vue-countTo

started time in 9 days

startednkoik/vue-animated-number

started time in 9 days

created tagovertrue/wechat

tag4.2.12

:package: It is probably the best SDK in the world for developing WeChat App.

created time in 10 days

release overtrue/wechat

4.2.12

released time in 10 days

push eventovertrue/wechat

她和她的猫

commit sha aa12d3608a1d7c373b9e885df6b07571d22795cd

提交小程序页面支持 (#1790) * 提交小程序页面支持 * 提交小程序页面支持单元测试

view details

push time in 10 days

PR merged overtrue/wechat

提交小程序页面支持

fixed #1788

微信文档:https://developers.weixin.qq.com/miniprogram/dev/api-backend/open-api/search/search.submitPages.html

+110 -0

0 comment

4 changed files

her-cat

pr closed time in 10 days

issue closedovertrue/wechat

请问支持不支持小程序的 submitPages ?

如题。多谢。

submit 相关文档如下:

https://developers.weixin.qq.com/miniprogram/dev/api-backend/open-api/search/search.submitPages.html

closed time in 10 days

greedying

startedEvilCult/iptv-m3u-maker

started time in 10 days

push eventovertrue/overtrue.github.io

overtrue

commit sha 3e84cd40d5d6cdf1436a04f2783e2d59f7af9832

update from gridea: 2020-02-09 23:36:18

view details

push time in 10 days

push eventovertrue/overtrue.github.io

overtrue

commit sha 4e7132c1886bb89d7dba48972766d91b96abfee6

update from gridea: 2020-02-09 23:34:58

view details

push time in 10 days

push eventovertrue/overtrue.github.io

overtrue

commit sha 7991df71b299fe41f682c566a5fc8d30bbdb5f17

update from gridea: 2020-02-09 23:18:14

view details

push time in 10 days

push eventovertrue/overtrue.github.io

overtrue

commit sha 191c90949f8d6132c785e1cc58be625987b010e4

update from gridea: 2020-02-09 23:15:59

view details

push time in 10 days

push eventovertrue/overtrue.github.io

overtrue

commit sha bfff902b8bfb9b1802bdf4b633d94a1aaf08eed5

update from gridea: 2020-02-09 23:04:12

view details

push time in 10 days

push eventovertrue/overtrue.github.io

overtrue

commit sha 5fd72aa7198e9ca9d9168f25a5bcf3d44be0cb5f

update from gridea: 2020-02-09 23:03:42

view details

push time in 10 days

issue closedovertrue/blog

博客文章链接错误

超哥这篇文章《GitHub windows客户端报https错误解决办法》的链接写错了,从首页进来的链接是这样的: http://overtrue.megithub-windows-https-error/

而实际正确的链接应该是: http://overtrue.me/articles/2014/10/github-windows-https-error.html

closed time in 10 days

imxfly

issue closedovertrue/blog

访问博客怎么去了Deployer页面了?

超哥,访问你的博客怎么是Deployer。。。 😢

closed time in 10 days

imxfly

issue closedovertrue/blog

Hello | overtrue

https://overtrue.me/hello/

Hello world!

closed time in 10 days

overtrue

push eventovertrue/overtrue.github.io

overtrue

commit sha 7090c6f6c9dfc214ebcac90c129ed5e80022cb71

update from gridea: 2020-02-09 21:50:59

view details

overtrue

commit sha eeb4fa623858ccf4156143277fa6b9341a2dbfa4

update from gridea: 2020-02-09 22:45:26

view details

push time in 10 days

issue openedovertrue/blog

Laravel 中如何更方便的修改 Passport Personal Access Token 过期时间 | overtrue

https://overtrue.me/set-expired-at-for-laravel-passport-personal-access-token/

认真看过 Laravel Passport 文档 的人应该知道,它的 Personal Access Token 是不支持自定义过期时间的,tokensExpireIn 对此类 token 无效,原文如下:

Personal access...

created time in 10 days

issue commentovertrue/blog

Hello world! - overtrue

hello!

overtrue

comment created time in 10 days

issue openedovertrue/blog

Hello | overtrue

https://overtrue.me/hello/

Hello world!

created time in 10 days

issue closedovertrue/blog

Laravel 中如何更方便的修改 Passport Personal Access Token 过期时间 | overtrue

https://overtrue.me/set-expired-at-for-laravel-passport-personal-access-token/

认真看过 Laravel Passport 文档 的人应该知道,它的 Personal Access Token 是不支持自定义过期时间的,tokensExpireIn 对此类 token 无效,原文如下:

Personal access...

closed time in 10 days

overtrue

issue closedovertrue/blog

我写了一份 PHP 拓展包开发教程 | overtrue

https://overtrue.me/php-package-develop-tutorial/

这里所谓的拓展包,其实就是指的 Composer 包啦,很多人其实都有想去做自己的拓展包,但是又不知道从何下手,所以,作为一个还算熟悉的拓展包开发者当然有这个责任将这个技能分享给大家了。 下图是目录结构,感兴趣的同学可以花 ¥20 元学习一...

closed time in 10 days

overtrue

issue openedovertrue/blog

Laravel 中如何更方便的修改 Passport Personal Access Token 过期时间 | overtrue

https://overtrue.me/set-expired-at-for-laravel-passport-personal-access-token/

认真看过 Laravel Passport 文档 的人应该知道,它的 Personal Access Token 是不支持自定义过期时间的,tokensExpireIn 对此类 token 无效,原文如下:

Personal access...

created time in 10 days

issue openedovertrue/blog

我写了一份 PHP 拓展包开发教程 | overtrue

https://overtrue.me/php-package-develop-tutorial/

这里所谓的拓展包,其实就是指的 Composer 包啦,很多人其实都有想去做自己的拓展包,但是又不知道从何下手,所以,作为一个还算熟悉的拓展包开发者当然有这个责任将这个技能分享给大家了。 下图是目录结构,感兴趣的同学可以花 ¥20 元学习一...

created time in 10 days

push eventovertrue/overtrue.github.io

安正超

commit sha 6ae4dcd3aff94c20589dceb3a72a628e5868a15e

Create CNAME

view details

push time in 10 days

push eventovertrue/overtrue.github.io

安正超

commit sha c13ad56acac787b2e594feca779e45e66a816c8c

Delete CNAME

view details

push time in 10 days

push eventovertrue/overtrue.github.io

overtrue

commit sha 653ce195fbed2d85022d8b478d9e7c4151923a23

first commit

view details

overtrue

commit sha 129a00e93645af587e0aabc54e9c1166c9d524eb

update from gridea: 2020-02-09 21:08:44

view details

overtrue

commit sha 7253111efd0aabb90d18a36d687963b03e876cf8

update from gridea: 2020-02-09 21:36:04

view details

push time in 10 days

delete branch overtrue/laravel-shopping-cart

delete branch : analysis-L3m43n

delete time in 12 days

push eventovertrue/laravel-shopping-cart

安正超

commit sha 4aa5d9963f349c856bb1a0dfe9153b0a7aa6c35d

Apply fixes from StyleCI (#53)

view details

push time in 12 days

PR merged overtrue/laravel-shopping-cart

Apply fixes from StyleCI

This pull request applies code style fixes from an analysis carried out by StyleCI.


For more information, click here.

+0 -1

0 comment

1 changed file

overtrue

pr closed time in 12 days

PR opened overtrue/laravel-shopping-cart

Apply fixes from StyleCI

This pull request applies code style fixes from an analysis carried out by StyleCI.


For more information, click here.

+0 -1

0 comment

1 changed file

pr created time in 12 days

create barnchovertrue/laravel-shopping-cart

branch : analysis-L3m43n

created branch time in 12 days

push eventovertrue/laravel-revaluation

overtrue

commit sha 31ead15e9c7898960b003aba14c14cfee29e86c0

starts with

view details

push time in 13 days

startedMilesChou/schemarkdown

started time in 13 days

created tagovertrue/socialite

tag2.0.14

:octocat: Socialite is an OAuth2 Authentication tool. It is inspired by laravel/socialite, you can easily use it without Laravel.

created time in 13 days

release overtrue/socialite

2.0.14

released time in 13 days

push eventovertrue/laravel-revaluation

Summer

commit sha 27ae81810045eb0d2621565ef822da4d7db9e519

Update README.md

view details

安正超

commit sha 15e687cbbc8597f5f8810914039426bbca0c2db7

Merge pull request #12 from summerblue/patch-1 Update README.md

view details

push time in 13 days

PR merged overtrue/laravel-revaluation

Update README.md
+7 -1

0 comment

1 changed file

summerblue

pr closed time in 13 days

push eventovertrue/laravel-revaluation

安正超

commit sha 56bc3986c84fd758d7c737db43306ccbb68650ca

Update composer.json

view details

push time in 13 days

push eventovertrue/socialite

overtrue

commit sha a18f195b0d370350752187e78d33c835a41db703

Fixed #151

view details

push time in 13 days

issue closedovertrue/socialite

[github notify] Please use the Authorization HTTP header instead as using the `access_token` query parameter is deprecated.

https://api.github.com/user

Please use the Authorization HTTP header instead as using the access_token query parameter is deprecated.

Depending on your API usage, we'll be sending you this email reminder once every 3 days for each token and User-Agent used in API calls made on your behalf. Just one URL that was accessed with a token and User-Agent combination will be listed in the email reminder, not all.

Visit https://developer.github.com/changes/2019-11-05-deprecated-passwords-and-authorizations-api/#authenticating-using-query-parameters for more information.

closed time in 13 days

jsyzchen

Pull request review commentovertrue/laravel-query-logger

Option to log queries that last more than x seconds

+<?php++/*+ * This file is part of the overtrue/laravel-query-logger.+ *+ * (c) overtrue <i@overtrue.me>+ *+ * This source file is subject to the MIT license that is bundled+ * with this source code in the file LICENSE.+ */++return [+    /*+     * Enable or disable+     */++    'enabled' => env('QUERY_LOGGER_ENABLED', true),++    /*+     * Min size of query to log in miliseconds+     */++    'miliseconds' => 0,

Thnaks, Maybe need a more appropriate name, But I don't have a better idea yet.

skalero01

comment created time in 13 days

push eventovertrue/blog

dependabot[bot]

commit sha 029fdbea465bb503651e68c33ff7f30c3f661558

Bump lodash from 4.17.11 to 4.17.15 Bumps [lodash](https://github.com/lodash/lodash) from 4.17.11 to 4.17.15. - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](https://github.com/lodash/lodash/compare/4.17.11...4.17.15) Signed-off-by: dependabot[bot] <support@github.com>

view details

安正超

commit sha 04d125d13189286b166d665d6150f9aaa7f7e865

Merge pull request #79 from overtrue/dependabot/npm_and_yarn/lodash-4.17.15 Bump lodash from 4.17.11 to 4.17.15

view details

push time in 13 days

PR merged overtrue/blog

Bump lodash from 4.17.11 to 4.17.15 dependencies javascript

Bumps lodash from 4.17.11 to 4.17.15. <details> <summary>Commits</summary>

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+3 -3

0 comment

1 changed file

dependabot[bot]

pr closed time in 13 days

PR closed overtrue/blog

Bump grunt-assets-inline from 1.2.2 to 1.2.3 dependencies

Bumps grunt-assets-inline from 1.2.2 to 1.2.3. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/sparanoid/grunt-assets-inline/blob/master/CHANGELOG.md">grunt-assets-inline's changelog</a>.</em></p> <blockquote> <h2><a href="https://github.com/sparanoid/grunt-assets-inline/compare/v1.2.2...v1.2.3">1.2.3</a> (2020-02-04)</h2> <p><a name="1.2.2"></a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/sparanoid/grunt-assets-inline/commit/55876e0c63af1a531c962c542357129e7eb651f6"><code>55876e0</code></a> chore: release v1.2.3</li> <li><a href="https://github.com/sparanoid/grunt-assets-inline/commit/b21969e0540ac27d776deeaf28c68b07a781d6d0"><code>b21969e</code></a> chore: update contributors</li> <li><a href="https://github.com/sparanoid/grunt-assets-inline/commit/7481724de872faedb9130a258867e68913f14870"><code>7481724</code></a> Fix error on fragment with first node as Node.COMMENT_NODE</li> <li>See full diff in <a href="https://github.com/sparanoid/grunt-assets-inline/compare/v1.2.2...v1.2.3">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Automerge options (never/patch/minor, and dev/runtime dependencies)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

</details>

+91 -57

0 comment

3 changed files

dependabot-preview[bot]

pr closed time in 13 days

PR closed overtrue/blog

Bump autoprefixer from 9.6.0 to 9.7.4 dependencies

Bumps autoprefixer from 9.6.0 to 9.7.4. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/postcss/autoprefixer/releases">autoprefixer's releases</a>.</em></p> <blockquote> <h2>9.7.4</h2> <ul> <li>Fix warning text (by <a href="https://github.com/TheRusskiy">@TheRusskiy</a>).</li> </ul> <h2>9.7.3</h2> <ul> <li>Fix compatibility with PostCSS Modules.</li> </ul> <h2>9.7.2</h2> <ul> <li>Add <code>-ms-user-select: element</code> support.</li> <li>Add funding link for <code>npm fund</code>.</li> </ul> <h2>9.7.1</h2> <ul> <li>Avoid unnecessary transitions in prefixed selectors (by <a href="https://github.com/fanich37">@fanich37</a>).</li> <li>Fix <code>fit-content</code> for Firefox.</li> </ul> <h2>9.7 “Ad Victoriam”</h2> Brotherhood of Steel coat of arms <p>Autoprefixer 9.7 brings <code>AUTOPREFIXER_GRID</code> environment variable and huge performance improvments.</p> <h2>Grid Environment Variable</h2> <p>Autoprefixer can add <a href="https://github.com/postcss/autoprefixer#does-autoprefixer-polyfill-grid-layout-for-ie">CSS Grid polyfills for IE</a>. You need to manually enable it to prove that you understand the limits of polyfill.</p> <p>In previous versions you can enable Grid polyfill by <code>grid: 'autoplace'</code> option or by <code>/* autoprefixer grid: autoplace */</code> control comment. But in some cases, developers were not able to use both methods. For instance, during <a href="https://github-redirect.dependabot.com/postcss/autoprefixer/issues/1257">work with Material UI’ CSS-in-JS in Create React App</a>.</p> <p>Now Autoprefixer supports environment variable to enable CSS Grid polyfill:</p> <pre lang="sh"><code>AUTOPREFIXER_GRID=autoplace npm build </code></pre> <h2>Performance Improvements</h2> <p><a href="https://github.com/Knagis">@Knagis</a> <a href="https://github-redirect.dependabot.com/postcss/autoprefixer/issues/1256">found</a> that Browserslist takes 70% of the Autoprefixer time.</p> <p><img src="https://user-images.githubusercontent.com/19343/67489064-e0a10400-f6ab-11e9-895b-1507608e2446.png" alt="Autoprefixer 9.6.5 profiling" /></p> <p>We did a lot of improvements in Browserslist and now Autoprefixer should work much faster.</p> <p><img src="https://user-images.githubusercontent.com/19343/67489142-01695980-f6ac-11e9-96a2-c2cc169b6767.png" alt="67417985-a283e180-f5d2-11e9-879a-e364c9acccf1" /></p> <h2>Other</h2> <ul> <li>Fix <a href="https://github-redirect.dependabot.com/postcss/autoprefixer/issues/1244"><code>Cannot read property 'grid' of undefined</code></a> error</li> </ul> <h2>9.6.5</h2> <ul> <li>Fix selector prefixing (by <a href="https://github.com/fanich37">@fanich37</a>).</li> </ul> <h2>9.6.4</h2> <ul> <li>Now the real fix for <code>'startsWith' of undefined</code> error.</li> </ul> </tr></table> ... (truncated) </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/postcss/autoprefixer/blob/master/CHANGELOG.md">autoprefixer's changelog</a>.</em></p> <blockquote> <h2>9.7.4</h2> <ul> <li>Fix warning text (by Dmitry Ishkov).</li> </ul> <h2>9.7.3</h2> <ul> <li>Fix compatibility with PostCSS Modules.</li> </ul> <h2>9.7.2</h2> <ul> <li>Add <code>-ms-user-select: element</code> support.</li> <li>Add funding link for <code>npm fund</code>.</li> </ul> <h2>9.7.1</h2> <ul> <li>Avoid unnecessary transitions in prefixed selectors (by Andrey Alexandrov).</li> <li>Fix <code>fit-content</code> for Firefox.</li> </ul> <h2>9.7 “Ad Victoriam”</h2> <ul> <li>Add <code>AUTOPREFIXER_GRID</code> env variable to enable Grid Layout polyfill for IE.</li> <li>Fix <code>Cannot read property 'grid' of undefined</code> error.</li> </ul> <h2>9.6.5</h2> <ul> <li>Fix selector prefixing (by Andrey Alexandrov).</li> </ul> <h2>9.6.4</h2> <ul> <li>Now the real fix for <code>'startsWith' of undefined</code> error.</li> </ul> <h2>9.6.3</h2> <ul> <li>Fix <code>Cannot read property 'startsWith' of undefined</code> error.</li> </ul> <h2>9.6.2</h2> <ul> <li>Fix false <code>Replace fill to stretch</code> warning.</li> </ul> <h2>9.6.1</h2> <ul> <li>Fix <code>-webkit-line-clamp</code> truncating multi-line text support.</li> </ul> <h2>9.6 “Nunc id vides, nunc ne vides”</h2> <ul> <li>Show warning about Browserslist config on <code>browser</code> option.</li> <li>Add warning-less <code>overrideBrowserslist</code> option.</li> <li>Add <code>text-orientation</code> support.</li> <li>Add <code>min-resolution: 2x</code> alias support.</li> <li>Add <code>.github/CONTRIBUTING.md</code> (by Juan Martin Marco).</li> </ul> <h2>9.5.1</h2> <ul> <li>Fix <code>backdrop-filter</code> for Edge (by Oleh Aloshkin).</li> <li>Fix <code>min-resolution</code> media query support in Firefox < 16.</li> </ul> <h2>9.5 “Draco dormiens nunquam titillandus”</h2> <ul> <li>Add <code>mask-composite</code> support (by Semen Levenson).</li> </ul> <h2>9.4.10</h2> <ul> <li>Add warning for named Grid rows.</li> </ul> </tr></table> ... (truncated) </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/postcss/autoprefixer/commit/fcdd87911c4eb0a635307e118b74d840df2bd990"><code>fcdd879</code></a> Release 9.7.4 version</li> <li><a href="https://github.com/postcss/autoprefixer/commit/503ac708e4b695793768317cc8a9255e2bb4d975"><code>503ac70</code></a> Update dependencies</li> <li><a href="https://github.com/postcss/autoprefixer/commit/c0ec973a3a4a6fdfd7610ffc068eaa5e556145d3"><code>c0ec973</code></a> fix typo (<a href="https://github-redirect.dependabot.com/postcss/autoprefixer/issues/1276">#1276</a>)</li> <li><a href="https://github.com/postcss/autoprefixer/commit/0ee84d70f3f474e6f408c3078fe61db65a26ee0a"><code>0ee84d7</code></a> Clean up CLI</li> <li><a href="https://github.com/postcss/autoprefixer/commit/a09d9f13cfbfbe1cfceda0ea696b4cbc35ff090d"><code>a09d9f1</code></a> Clean up tests (<a href="https://github-redirect.dependabot.com/postcss/autoprefixer/issues/1273">#1273</a>)</li> <li><a href="https://github.com/postcss/autoprefixer/commit/05e515e3fde3cc051f785219075cca95a42339e7"><code>05e515e</code></a> Add test for at-rules (<a href="https://github-redirect.dependabot.com/postcss/autoprefixer/issues/1272">#1272</a>)</li> <li><a href="https://github.com/postcss/autoprefixer/commit/4a3e207af5084964d29018a1a2fc337243a11f95"><code>4a3e207</code></a> Release 9.7.3 version</li> <li><a href="https://github.com/postcss/autoprefixer/commit/55027d714ef01d17fc6bb2737c85181c002ed656"><code>55027d7</code></a> Fix Node.js 6 test in CI</li> <li><a href="https://github.com/postcss/autoprefixer/commit/f09a9288dbe04631a8a69b29df08f1f029a90c23"><code>f09a928</code></a> Do not run Size Limit for Node.js 6</li> <li><a href="https://github.com/postcss/autoprefixer/commit/0fa06b49d87ea48b580f2ea1001d8bed0493368d"><code>0fa06b4</code></a> Update dependencies</li> <li>Additional commits viewable in <a href="https://github.com/postcss/autoprefixer/compare/9.6.0...9.7.4">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Automerge options (never/patch/minor, and dev/runtime dependencies)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

</details>

+77 -64

0 comment

3 changed files

dependabot-preview[bot]

pr closed time in 13 days

PR closed overtrue/blog

Bump grunt-jekyll from 1.0.0 to 1.0.1 dependencies

Bumps grunt-jekyll from 1.0.0 to 1.0.1. <details> <summary>Changelog</summary>

Sourced from grunt-jekyll's changelog.

1.0.1 (2019-08-24)

Features

<a name="1.0.0"></a> </details> <details> <summary>Commits</summary>

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Automerge options (never/patch/minor, and dev/runtime dependencies)
  • Pull request limits (per update run and/or open at any time)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

Finally, you can contact us by mentioning @dependabot.

</details>

+8 -8

0 comment

3 changed files

dependabot-preview[bot]

pr closed time in 13 days

PR closed overtrue/blog

[Security] Bump lodash from 4.17.11 to 4.17.15 dependencies security

⚠️ Dependabot is rebasing this PR ⚠️

If you make any changes to it yourself then they will take precedence over the rebase.


Bumps lodash from 4.17.11 to 4.17.15. This update includes security fixes. <details> <summary>Vulnerabilities fixed</summary>

Sourced from The GitHub Security Advisory Database.

High severity vulnerability that affects lodash, lodash-es, lodash-amd, lodash.template, lodash.merge, lodash.mergewith, and lodash.defaultsdeep Affected versions of lodash are vulnerable to Prototype Pollution. The function defaultsDeep could be tricked into adding or modifying properties of Object.prototype using a constructor payload.

Affected versions: < 4.17.13

</details> <details> <summary>Commits</summary>

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it). To ignore the version in this PR you can just close it
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Automerge options (never/patch/minor, and dev/runtime dependencies)
  • Pull request limits (per update run and/or open at any time)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

Finally, you can contact us by mentioning @dependabot.

</details>

+3 -3

0 comment

1 changed file

dependabot-preview[bot]

pr closed time in 13 days

PR closed overtrue/blog

Bump lodash.template from 4.4.0 to 4.5.0 dependencies

Bumps lodash.template from 4.4.0 to 4.5.0. <details> <summary>Commits</summary>

  • ab73503 Bump to v4.5.0.
  • a4f7d4c Rebuild lodash and docs.
  • cca5ac6 Fix npm-test by removing the call to test-docs.
  • 9f7f9fc Adjust heading order. [ci skip]
  • 6e2fb92 Remove unused baseArity.
  • 4f702e2 Specify utf8 encoding.
  • b188f90 Add fp tests for iteratee shorthands.
  • 7b93dc9 Ensure clone methods clone expando properties of boolean, number, & string ob...
  • 664d66a Make string tests more consistent.
  • d9dc0e6 Add _.invertBy tests.
  • Additional commits viewable in compare view </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

</details>

+4 -4

0 comment

1 changed file

dependabot[bot]

pr closed time in 13 days

PR closed overtrue/blog

Bump grunt-concurrent from 2.3.1 to 3.0.0 dependencies

Bumps grunt-concurrent from 2.3.1 to 3.0.0. <details> <summary>Release notes</summary>

Sourced from grunt-concurrent's releases.

v3.0.0

Breaking:

  • Require Node.js 8 and Grunt 1 468aec3

Enhancements:

  • Add indent option (#101) f8e1fd9

https://github.com/sindresorhus/grunt-concurrent/compare/v2.3.1...v3.0.0 </details> <details> <summary>Commits</summary>

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Automerge options (never/patch/minor, and dev/runtime dependencies)
  • Pull request limits (per update run and/or open at any time)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

Finally, you can contact us by mentioning @dependabot.

</details>

+43 -25

0 comment

2 changed files

dependabot-preview[bot]

pr closed time in 13 days

PR closed overtrue/blog

Bump handlebars from 4.1.0 to 4.1.2 dependencies

Bumps handlebars from 4.1.0 to 4.1.2. <details> <summary>Changelog</summary>

Sourced from handlebars's changelog.

v4.1.2 - April 13th, 2019

Chore/Test:

  • #1515 - Port over linting and test for typings (@​zimmi88)
  • chore: add missing typescript dependency, add package-lock.json - 594f1e3
  • test: remove safari from saucelabs - 871accc

Bugfixes:

  • fix: prevent RCE through the "lookup"-helper - cd38583

Compatibility notes:

Access to the constructor of a class thought {{lookup obj "constructor" }} is now prohibited. This closes a leak that only half closed in versions 4.0.13 and 4.1.0, but it is a slight incompatibility.

This kind of access is not the intended use of Handlebars and leads to the vulnerability described in #1495. We will not increase the major version, because such use is not intended or documented, and because of the potential impact of the issue (we fear that most people won't use a new major version and the issue may not be resolved on many systems).

Commits

v4.1.1 - March 16th, 2019

Bugfixes:

  • fix: add "runtime.d.ts" to allow "require('handlebars/runtime')" in TypeScript - 5cedd62

Refactorings:

  • replace "async" with "neo-async" - 048f2ce
  • use "substring"-function instead of "substr" - 445ae12

Compatibility notes:

  • This is a bugfix release. There are no breaking change and no new features.

Commits </details> <details> <summary>Commits</summary>

  • 10b5fcf v4.1.2
  • dd0144c Update release notes
  • 594f1e3 chore: add missing typescript dependency, add package-lock.json
  • 871accc test: remove safari from saucelabs
  • cd38583 fix: prevent RCE through the "lookup"-helper
  • c454d94 Merge pull request #1515 from zimmi88/4.x-typings-lint
  • 9cfb5dd Merge pull request #1516 from phil-davis/revert-double-release-notes
  • be44246 Remove triplicate of v4.0.12 release notes
  • 002561b Revert "Update release notes"
  • 3fb6687 Port over linting and test for typings
  • Additional commits viewable in compare view </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

</details>

+10 -26

0 comment

1 changed file

dependabot[bot]

pr closed time in 13 days

PR closed overtrue/blog

Bump js-yaml from 3.13.0 to 3.13.1 dependencies

Bumps js-yaml from 3.13.0 to 3.13.1. <details> <summary>Changelog</summary>

Sourced from js-yaml's changelog.

3.13.1 / 2019-04-05

  • Fix possible code execution in (already unsafe) .load(), #480. </details> <details> <summary>Commits</summary>

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

</details>

+3 -3

0 comment

1 changed file

dependabot[bot]

pr closed time in 13 days

delete branch overtrue/blog

delete branch : dependabot/npm_and_yarn/handlebars-4.7.3

delete time in 13 days

push eventovertrue/blog

dependabot-preview[bot]

commit sha 9bec0534d92ecfd477ece73bc4cce631b81cf095

[Security] Bump handlebars from 4.1.0 to 4.7.3 Bumps [handlebars](https://github.com/wycats/handlebars.js) from 4.1.0 to 4.7.3. **This update includes a security fix.** - [Release notes](https://github.com/wycats/handlebars.js/releases) - [Changelog](https://github.com/wycats/handlebars.js/blob/master/release-notes.md) - [Commits](https://github.com/wycats/handlebars.js/compare/v4.1.0...v4.7.3) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

view details

安正超

commit sha 3dae6c6855c2011b4a73bf883431adb46d369034

Merge pull request #78 from overtrue/dependabot/npm_and_yarn/handlebars-4.7.3 [Security] Bump handlebars from 4.1.0 to 4.7.3

view details

push time in 13 days

PR merged overtrue/blog

[Security] Bump handlebars from 4.1.0 to 4.7.3 dependencies security

Bumps handlebars from 4.1.0 to 4.7.3. This update includes a security fix. <details> <summary>Vulnerabilities fixed</summary> <p><em>Sourced from <a href="https://github.com/advisories/GHSA-w457-6q6x-cgp9">The GitHub Security Advisory Database</a>.</em></p> <blockquote> <p><strong>High severity vulnerability that affects handlebars</strong> Versions of handlebars prior to 4.3.0 are vulnerable to Prototype Pollution leading to Remote Code Execution. Templates may alter an Object's <strong>proto</strong> and <strong>defineGetter</strong> properties, which may allow an attacker to execute arbitrary code through crafted payloads.</p> <p>Affected versions: < 4.3.0</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/wycats/handlebars.js/blob/master/release-notes.md">handlebars's changelog</a>.</em></p> <blockquote> <h2>v4.7.3 - February 5th, 2020</h2> <p>Chore/Housekeeping:</p> <ul> <li><a href="https://github-redirect.dependabot.com/wycats/handlebars.js/issues/1644">#1644</a> - Download links to aws broken on handlebarsjs.com - access denied (<a href="https://api.github.com/users/Tea56">@Tea56</a>)</li> <li>Fix spelling and punctuation in changelog - d78cc73</li> </ul> <p>Bugfixes:</p> <ul> <li>Add Type Definition for Handlebars.VERSION, Fixes <a href="https://github-redirect.dependabot.com/wycats/handlebars.js/issues/1647">#1647</a> - 4de51fe</li> <li>Include Type Definition for runtime.js in Package - a32d05f</li> </ul> <p>Compatibility notes:</p> <ul> <li>No incompatibilities are to be expected</li> </ul> <p><a href="https://github.com/wycats/handlebars.js/compare/v4.7.2...v4.7.3">Commits</a></p> <h2>v4.7.2 - January 13th, 2020</h2> <p>Bugfixes:</p> <ul> <li>fix: don't wrap helpers that are not functions - 9d5aa36, <a href="https://github-redirect.dependabot.com/wycats/handlebars.js/issues/1639">#1639</a></li> </ul> <p>Chore/Build:</p> <ul> <li>chore: execute saucelabs-task only if access-key exists - a4fd391</li> </ul> <p>Compatibility notes:</p> <ul> <li>No breaking changes are to be expected</li> </ul> <p><a href="https://github.com/wycats/handlebars.js/compare/v4.7.1...v4.7.2">Commits</a></p> <h2>v4.7.1 - January 12th, 2020</h2> <p>Bugfixes:</p> <ul> <li>fix: fix log output in case of illegal property access - f152dfc</li> <li>fix: log error for illegal property access only once per property - 3c1e252</li> </ul> <p>Compatibility notes:</p> <ul> <li>no incompatibilities are to be expected.</li> </ul> <p><a href="https://github.com/wycats/handlebars.js/compare/v4.7.0...v4.7.1">Commits</a></p> <h2>v4.7.0 - January 10th, 2020</h2> <p>Features:</p> </tr></table> ... (truncated) </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/wycats/handlebars.js/commit/c9789691af60b446f12f75dd9762f9d8fd3f36eb"><code>c978969</code></a> v4.7.3</li> <li><a href="https://github.com/wycats/handlebars.js/commit/9278f217e0033cc980c58d50e7fd4b05c8ef7c35"><code>9278f21</code></a> Update release notes</li> <li><a href="https://github.com/wycats/handlebars.js/commit/d78cc73d3c51763654d66d52b5b761231f5adea9"><code>d78cc73</code></a> Fixes spelling and punctuation</li> <li><a href="https://github.com/wycats/handlebars.js/commit/4de51fe26ba049c743993424b937c0afc6cd9ae9"><code>4de51fe</code></a> Add Type Definition for Handlebars.VERSION, Fixes <a href="https://github-redirect.dependabot.com/wycats/handlebars.js/issues/1647">#1647</a></li> <li><a href="https://github.com/wycats/handlebars.js/commit/a32d05f2fc65b1c017e7f482430392d242a97ffc"><code>a32d05f</code></a> Include Type Definition for runtime.js in Package</li> <li><a href="https://github.com/wycats/handlebars.js/commit/ad63f5189ffe262e013f2bb9da69c66bed7801ee"><code>ad63f51</code></a> chore: add missing "await" in aws-s3 publishing code</li> <li><a href="https://github.com/wycats/handlebars.js/commit/586e672c8bba7db787bc9bfe9a9fde4ec98d5b4f"><code>586e672</code></a> v4.7.2</li> <li><a href="https://github.com/wycats/handlebars.js/commit/f0c6c4cc1f9a91371535ad6affe09dfc1880dd9e"><code>f0c6c4c</code></a> Update release notes</li> <li><a href="https://github.com/wycats/handlebars.js/commit/a4fd391ba1c9faa1004e879f314beb80c3afe0b6"><code>a4fd391</code></a> chore: execute saucelabs-task only if access-key exists</li> <li><a href="https://github.com/wycats/handlebars.js/commit/9d5aa363cf3031b586e9945cf990e178f5b370db"><code>9d5aa36</code></a> fix: don't wrap helpers that are not functions</li> <li>Additional commits viewable in <a href="https://github.com/wycats/handlebars.js/compare/v4.1.0...v4.7.3">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Automerge options (never/patch/minor, and dev/runtime dependencies)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

</details>

+27 -30

0 comment

2 changed files

dependabot-preview[bot]

pr closed time in 13 days

issue commentovertrue/wechat

3.x升级4.0是否有方案或建议?

推荐将用到的地方按新版修改代码

snaill notifications@github.com于2020年2月6日 周四下午6:38写道:

我用的环境

  • PHP 版本:7.2/7.4
  • overtrue/wechat 版本:3.3.33
  • 是否使用了框架?框架名称:yii2

问题及现象

3.x使用doctrine/cache 1.4.x,其中有些如impode的用法在php7.4已经失效,导致执行异常。因为只是开发机,暂时直接修改doctrine/cache代码解决,考虑以后的更新升级,希望能更新到4.x版本。

目前看到的4.x改动还是比较大的,请问是否有推荐的升级方案。

或者起码把doctrine/cache升级到1.5.x。

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/overtrue/wechat/issues/1791?email_source=notifications&email_token=AALHOYHCY3XUGGHCDHMJG23RBPSCDA5CNFSM4KQ2P5OKYY3PNVWWK3TUL52HS4DFUVEXG43VMWVGG33NNVSW45C7NFSM4ILPATXQ, or unsubscribe https://github.com/notifications/unsubscribe-auth/AALHOYEWBD26R42F4XU4V7TRBPSCDANCNFSM4KQ2P5OA .

snaill

comment created time in 13 days

push eventovertrue/vue-avatar-cropper

dependabot[bot]

commit sha d9ca06b611f87546199e1ff205822b13cb97c8eb

Bump lodash from 4.17.11 to 4.17.14 (#88) Bumps [lodash](https://github.com/lodash/lodash) from 4.17.11 to 4.17.14. - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](https://github.com/lodash/lodash/compare/4.17.11...4.17.14) Signed-off-by: dependabot[bot] <support@github.com>

view details

push time in 15 days

PR merged overtrue/vue-avatar-cropper

Bump lodash from 4.17.11 to 4.17.14 dependencies

Bumps lodash from 4.17.11 to 4.17.14. <details> <summary>Commits</summary>

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

</details>

+3 -23

0 comment

1 changed file

dependabot[bot]

pr closed time in 15 days

push eventovertrue/vue-avatar-cropper

dependabot[bot]

commit sha b672c3fde3167cab4824194d9e1c2c27f7844a95

Bump mixin-deep from 1.3.1 to 1.3.2 (#108) Bumps [mixin-deep](https://github.com/jonschlinkert/mixin-deep) from 1.3.1 to 1.3.2. - [Release notes](https://github.com/jonschlinkert/mixin-deep/releases) - [Commits](https://github.com/jonschlinkert/mixin-deep/compare/1.3.1...1.3.2) Signed-off-by: dependabot[bot] <support@github.com>

view details

push time in 15 days

PR merged overtrue/vue-avatar-cropper

Bump mixin-deep from 1.3.1 to 1.3.2 dependencies

Bumps mixin-deep from 1.3.1 to 1.3.2. <details> <summary>Commits</summary>

  • 754f0c2 1.3.2
  • 90ee1fa ensure keys are valid when mixing in values
  • See full diff in compare view </details> <details> <summary>Maintainer changes</summary>

This version was pushed to npm by doowb, a new releaser for mixin-deep since your current version. </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+3 -3

0 comment

1 changed file

dependabot[bot]

pr closed time in 15 days

push eventovertrue/vue-avatar-cropper

Mustafa Ehsan Alokozay

commit sha d920b0182a409f97b503c81e94df3b40169e4221

Change the default value for output-mime to null in doc (#159)

view details

push time in 15 days

PR merged overtrue/vue-avatar-cropper

Change the default value for output-mime to null in doc

The default value for outputMime is null in code, but it was set as image/jpeg in readme. This PR corrects it.

+1 -1

0 comment

1 changed file

mustafaaloko

pr closed time in 15 days

issue closedovertrue/laravel-wechat

Call to undefined method EasyWeChat\OfficialAccount\Application::menu()

laravel版本5.7 laravel-wechat版本4.0 调用服务端接口是可以的,调用自定义菜单的时候不可以。 image

closed time in 15 days

fivenull

startedgetgridea/gridea

started time in 15 days

pull request commentovertrue/wechat

修复 AccessToken setToken 单元测试

感谢

her-cat

comment created time in 15 days

push eventovertrue/wechat

她和她的猫

commit sha 9bd01ce218783b50bc74fbb57097f35dafe3b6a4

修复 AccessToken setToken 单元测试 (#1789)

view details

push time in 15 days

PR merged overtrue/wechat

修复 AccessToken setToken 单元测试

为了解决 #1761 ,在 commit https://github.com/overtrue/wechat/commit/7895e714a026147514774b079f6e3eb2b236c16a 中删除了 safeSeconds 属性。

单元测试中并未修改。

+3 -3

0 comment

1 changed file

her-cat

pr closed time in 15 days

created tagovertrue/laravel-follow

tag1.1.15

:heart: This package helps you to add user based follow system to your model.

created time in 16 days

release overtrue/laravel-follow

1.1.15

released time in 16 days

push eventovertrue/laravel-follow

dependabot-preview[bot]

commit sha e604245e93c25d771ac85abdba6e89f961f33b05

Update mockery/mockery requirement from 1.3.0 to 1.3.1 Updates the requirements on [mockery/mockery](https://github.com/mockery/mockery) to permit the latest version. - [Release notes](https://github.com/mockery/mockery/releases) - [Changelog](https://github.com/mockery/mockery/blob/master/CHANGELOG.md) - [Commits](https://github.com/mockery/mockery/compare/1.3.0...1.3.1) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

view details

安正超

commit sha a9e64fe21af9501e17f4164301f093b54c194b2a

Merge pull request #121 from overtrue/dependabot/composer/mockery/mockery-1.3.1 Update mockery/mockery requirement from 1.3.0 to 1.3.1

view details

push time in 16 days

PR merged overtrue/laravel-follow

Update mockery/mockery requirement from 1.3.0 to 1.3.1 dependencies

Updates the requirements on mockery/mockery to permit the latest version. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/mockery/mockery/releases">mockery/mockery's releases</a>.</em></p> <blockquote> <h2>1.3.1</h2> <ul> <li>Revert improved exception debugging due to BC breaks (<a href="https://github-redirect.dependabot.com/mockery/mockery/issues/1032">#1032</a>)</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/mockery/mockery/blob/master/CHANGELOG.md">mockery/mockery's changelog</a>.</em></p> <blockquote> <h2>1.3.1 (2019-12-26)</h2> <ul> <li>Revert improved exception debugging due to BC breaks (<a href="https://github-redirect.dependabot.com/mockery/mockery/issues/1032">#1032</a>)</li> </ul> <h2>1.3.0 (2019-11-24)</h2> <ul> <li>Added capture <code>Mockery::capture</code> convenience matcher (<a href="https://github-redirect.dependabot.com/mockery/mockery/issues/1020">#1020</a>)</li> <li>Added <code>andReturnArg</code> to echo back an argument passed to a an expectation (<a href="https://github-redirect.dependabot.com/mockery/mockery/issues/992">#992</a>)</li> <li>Improved exception debugging (<a href="https://github-redirect.dependabot.com/mockery/mockery/issues/1000">#1000</a>)</li> <li>Fixed <code>andSet</code> to not reuse properties between mock objects (<a href="https://github-redirect.dependabot.com/mockery/mockery/issues/1012">#1012</a>)</li> </ul> <h2>1.2.4 (2019-09-30)</h2> <ul> <li>Fix a bug introduced with previous release, for empty method definition lists (<a href="https://github-redirect.dependabot.com/mockery/mockery/issues/1009">#1009</a>)</li> </ul> <h2>1.2.3 (2019-08-07)</h2> <ul> <li>Allow mocking classes that have allows and expects methods (<a href="https://github-redirect.dependabot.com/mockery/mockery/issues/868">#868</a>)</li> <li>Allow passing thru __call method in all mock types (experimental) (<a href="https://github-redirect.dependabot.com/mockery/mockery/issues/969">#969</a>)</li> <li>Add support for <code>!</code> to blacklist methods (<a href="https://github-redirect.dependabot.com/mockery/mockery/issues/959">#959</a>)</li> <li>Added <code>withSomeOfArgs</code> to partial match a list of args (<a href="https://github-redirect.dependabot.com/mockery/mockery/issues/967">#967</a>)</li> <li>Fix chained demeter calls with type hint (<a href="https://github-redirect.dependabot.com/mockery/mockery/issues/956">#956</a>)</li> </ul> <h2>1.2.2 (2019-02-13)</h2> <ul> <li>Fix a BC breaking change for PHP 5.6/PHPUnit 5.7.27 (<a href="https://github-redirect.dependabot.com/mockery/mockery/issues/947">#947</a>)</li> </ul> <h2>1.2.1 (2019-02-07)</h2> <ul> <li>Support for PHPUnit 8 (<a href="https://github-redirect.dependabot.com/mockery/mockery/issues/942">#942</a>)</li> <li>Allow mocking static methods called on instance (<a href="https://github-redirect.dependabot.com/mockery/mockery/issues/938">#938</a>)</li> </ul> <h2>1.2.0 (2018-10-02)</h2> <ul> <li>Starts counting default expectations towards count (<a href="https://github-redirect.dependabot.com/mockery/mockery/issues/910">#910</a>)</li> <li>Adds workaround for some HHVM return types (<a href="https://github-redirect.dependabot.com/mockery/mockery/issues/909">#909</a>)</li> <li>Adds PhpStorm metadata support for autocomplete etc (<a href="https://github-redirect.dependabot.com/mockery/mockery/issues/904">#904</a>)</li> <li>Further attempts to support multiple PHPUnit versions (<a href="https://github-redirect.dependabot.com/mockery/mockery/issues/903">#903</a>)</li> <li>Allows setting constructor expectations on instance mocks (<a href="https://github-redirect.dependabot.com/mockery/mockery/issues/900">#900</a>)</li> <li>Adds workaround for HHVM memoization decorator (<a href="https://github-redirect.dependabot.com/mockery/mockery/issues/893">#893</a>)</li> <li>Adds experimental support for callable spys (<a href="https://github-redirect.dependabot.com/mockery/mockery/issues/712">#712</a>)</li> </ul> <h2>1.1.0 (2018-05-08)</h2> <ul> <li>Allows use of string method names in allows and expects (<a href="https://github-redirect.dependabot.com/mockery/mockery/issues/794">#794</a>)</li> <li>Finalises allows and expects syntax in API (<a href="https://github-redirect.dependabot.com/mockery/mockery/issues/799">#799</a>)</li> <li>Search for handlers in a case instensitive way (<a href="https://github-redirect.dependabot.com/mockery/mockery/issues/801">#801</a>)</li> <li>Deprecate allowMockingMethodsUnnecessarily (<a href="https://github-redirect.dependabot.com/mockery/mockery/issues/808">#808</a>)</li> <li>Fix risky tests (<a href="https://github-redirect.dependabot.com/mockery/mockery/issues/769">#769</a>)</li> <li>Fix namespace in TestListener (<a href="https://github-redirect.dependabot.com/mockery/mockery/issues/812">#812</a>)</li> <li>Fixed conflicting mock names (<a href="https://github-redirect.dependabot.com/mockery/mockery/issues/813">#813</a>)</li> </ul> </tr></table> ... (truncated) </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/mockery/mockery/commit/f69bbde7d7a75d6b2862d9ca8fab1cd28014b4be"><code>f69bbde</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/mockery/mockery/issues/1032">#1032</a> from robertbasic/revert-exception-debugging</li> <li><a href="https://github.com/mockery/mockery/commit/580b98c96219ce598a7f3610ed1352f1ecf6de27"><code>580b98c</code></a> Add changelog</li> <li><a href="https://github.com/mockery/mockery/commit/12c5d771833312544dfc687f4d48d77a4a6e8b0f"><code>12c5d77</code></a> Revert "Improve exception debugging"</li> <li><a href="https://github.com/mockery/mockery/commit/c21660612104ad072bbc3f0f3d934689160924dc"><code>c216606</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/mockery/mockery/issues/1027">#1027</a> from dciancu/master</li> <li><a href="https://github.com/mockery/mockery/commit/84ee0466159e39726abbc568b0566b060e01a88d"><code>84ee046</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/mockery/mockery/issues/1028">#1028</a> from GrahamCampbell/patch-1</li> <li><a href="https://github.com/mockery/mockery/commit/0c865d33186e7573835e57bdbddde88f8f4b2a05"><code>0c865d3</code></a> Fixed branch alias</li> <li><a href="https://github.com/mockery/mockery/commit/4f5f771438ebaf16a4413d580a5d68888a13aabc"><code>4f5f771</code></a> Add back getActualArguments() to NoMatchingExpectationException</li> <li>See full diff in <a href="https://github.com/mockery/mockery/compare/1.3.0...1.3.1">compare view</a></li> </ul> </details> <br />

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Automerge options (never/patch/minor, and dev/runtime dependencies)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

</details>

+1 -1

0 comment

1 changed file

dependabot-preview[bot]

pr closed time in 16 days

more