profile
viewpoint
superwf superwf jd Beijing/China https://wangfan.bj.cn using ecmascript and the great nodejs. I like coding.

superwf/fxios 5

ajax fetch axios

superwf/redux-sockjs 3

use sockjs to pub and sub redux action

superwf/load-polyfill 2

load polyfill by yourself browser inspect, load only when needed

superwf/jest-with-puppeteer-core 1

jest-environment-puppeteer with puppeteer-core example

superwf/react-drag-select 1

Drag select React component

superwf/react-impress.js 1

impress.js react version

superwf/ant-design 0

🐜 A UI Design Language

superwf/awesome-vue 0

A curated list of awesome things related to Vue.js

superwf/blog 0

use gatsby generate my blog

push eventsuperwf/ts-gear

superwf

commit sha 6d32294b5467787ce343c740f0b2e7ae98303754

chore(release): 1.3.1

view details

push time in a day

push eventsuperwf/ts-gear

superwf

commit sha 469c013bdd33335402eb430186f7a857aa93ba9d

build: update package

view details

push time in a day

push eventsuperwf/dotfiles

superwf

commit sha b6aa1de6c30883a629829d345a5d5a5d60282a15

vim: add rust support

view details

push time in 2 days

push eventsuperwf/share-doc

superwf

commit sha 0223b4bff859b4cd275d532b65d01b23b6794e1a

docs: standard-version

view details

push time in 2 days

push eventsuperwf/share-doc

superwf

commit sha 4de88437d1e8fa35172b4c859a11ce22db0c44f7

docs: jest

view details

push time in 3 days

push eventsuperwf/share-doc

superwf

commit sha c948294b72aa634d4e59af22bc8b7f72e77f6035

docs: standard-version

view details

push time in 4 days

startedchentsulin/awesome-react-renderer

started time in 7 days

push eventsuperwf/share-doc

superwf

commit sha 1c8adf0a402979793610fb2401b62190021fcf37

docs: jest

view details

push time in 8 days

push eventsuperwf/share-doc

superwf

commit sha 399733807e34c95988724600d6fe544f59c63449

docs: jest

view details

push time in 8 days

push eventsuperwf/share-doc

superwf

commit sha fb760f3f3e72cdf50eefd9ed13da1bd5662f3118

Update request.test.ts

view details

superwf

commit sha 399733807e34c95988724600d6fe544f59c63449

docs: jest

view details

push time in 8 days

push eventsuperwf/share-doc

superwf

commit sha fb760f3f3e72cdf50eefd9ed13da1bd5662f3118

Update request.test.ts

view details

push time in 8 days

push eventsuperwf/share-doc

superwf

commit sha edf491c7bc4cd3b5279200ef84b760f13761b026

docs: add jest example

view details

superwf

commit sha 24ffde093795130fe115d0d2d2307c32ed5ae568

docs: jest

view details

push time in 9 days

push eventsuperwf/share-doc

superwf

commit sha 24ffde093795130fe115d0d2d2307c32ed5ae568

docs: jest

view details

push time in 9 days

push eventsuperwf/chrome-extension-starter

superwf

commit sha ec7e38af0720b0c525472ae022a39e3b312d22ef

build: use ts-loader replade awsome-typescript-loader

view details

push time in 16 days

push eventsuperwf/dotfiles

superwf

commit sha 81bfaac929d2a56d5fea2f6b6f7cefc1b7a63c74

feat: add yarn completion

view details

push time in 16 days

push eventsuperwf/chrome-extension-starter

superwf

commit sha d4ebc30ae37e151e4409ba8f018fc62526c0341c

feat: add hotreload and webpack

view details

push time in 18 days

push eventsuperwf/chrome-extension-starter

superwf

commit sha c373d6c417e1da348038e6c89bd142c3eaf19891

build: 调试webpack

view details

push time in 20 days

push eventsuperwf/chrome-extension-starter

superwf

commit sha 680407ef4614a43a80da46f739e48b38ae4f4348

build: add tsconfig

view details

push time in 21 days

push eventsuperwf/dotfiles

superwf

commit sha 3745c4d4b1fa0fb0a1516e6244103e58c374c496

nvim: add tabnine

view details

push time in 23 days

create barnchsuperwf/chrome-extension-starter

branch : master

created branch time in 24 days

created repositorysuperwf/chrome-extension-starter

chrome extension starter typescript

created time in 24 days

push eventsuperwf/share-doc

superwf

commit sha dc9af583c76d23cb7022d094b26429f5b5aa54b6

docs: refactor standard-version README

view details

push time in a month

push eventsuperwf/share-doc

superwf

commit sha 87f7d7b46e9e491cccc91773f9cb6fec82ca6c44

docs: update standard-version

view details

push time in a month

push eventsuperwf/share-doc

superwf

commit sha 37462afcc2705147797f57e114c20f9437dbd926

docs: update standard-version

view details

push time in a month

push eventsuperwf/share-doc

superwf

commit sha dba7b0bb5498ae57c0311e7b662f5c719e463e96

docs: update standard-version

view details

push time in a month

push eventsuperwf/share-doc

superwf

commit sha af2444e01fc4f5da50c2a7209501354e6225e404

docs: update standard-version

view details

push time in a month

push eventsuperwf/share-doc

superwf

commit sha 54c29df284d9a2ec07f046f9b58715c88e21cfec

docs: standard-version

view details

push time in a month

push eventsuperwf/share-doc

superwf

commit sha edf491c7bc4cd3b5279200ef84b760f13761b026

docs: add jest example

view details

push time in a month

create barnchsuperwf/share-doc

branch : standard-version

created branch time in a month

push eventsuperwf/share-doc

superwf

commit sha e14e6f5c63c10a1d8441c501f16410057f5f05e2

docs: jest add fetch mock doc

view details

superwf

commit sha 5d86e90759b38215b344814dc7a4a9b7d1e25aa2

docs: jest update

view details

push time in a month

push eventsuperwf/share-doc

superwf

commit sha 5d86e90759b38215b344814dc7a4a9b7d1e25aa2

docs: jest update

view details

push time in a month

push eventsuperwf/share-doc

superwf

commit sha 1874ccb215a7c0bbe25b4adcdd1ff780848806b2

docs: jest update

view details

push time in a month

push eventsuperwf/share-doc

superwf

commit sha 7ab190a6239ad2d037e8213defac9b6c31ee9c4d

docs: jest update

view details

push time in a month

push eventsuperwf/share-doc

dependabot[bot]

commit sha 3a97dfb2c3baf8d873a206f1195781cac9b48f04

build(deps): bump eslint-utils from 1.4.0 to 1.4.3 in /packages/vueapp Bumps [eslint-utils](https://github.com/mysticatea/eslint-utils) from 1.4.0 to 1.4.3. - [Release notes](https://github.com/mysticatea/eslint-utils/releases) - [Commits](https://github.com/mysticatea/eslint-utils/compare/v1.4.0...v1.4.3) Signed-off-by: dependabot[bot] <support@github.com>

view details

superwf

commit sha 1b3b71565d4330c0ad74f7abaf0eaa49258e56d7

Merge pull request #2 from superwf/dependabot/npm_and_yarn/packages/vueapp/eslint-utils-1.4.3 build(deps): bump eslint-utils from 1.4.0 to 1.4.3 in /packages/vueapp

view details

dependabot[bot]

commit sha b88c2b1e534f742e970024fcadd88e15ca487118

build(deps): bump eslint-utils from 1.4.0 to 1.4.3 in /packages/reactapp Bumps [eslint-utils](https://github.com/mysticatea/eslint-utils) from 1.4.0 to 1.4.3. - [Release notes](https://github.com/mysticatea/eslint-utils/releases) - [Commits](https://github.com/mysticatea/eslint-utils/compare/v1.4.0...v1.4.3) Signed-off-by: dependabot[bot] <support@github.com>

view details

dependabot[bot]

commit sha d5a5ae20a7e6021b1dff3b2b54bc5efd354b8241

build(deps): bump eslint-utils from 1.4.0 to 1.4.3 Bumps [eslint-utils](https://github.com/mysticatea/eslint-utils) from 1.4.0 to 1.4.3. - [Release notes](https://github.com/mysticatea/eslint-utils/releases) - [Commits](https://github.com/mysticatea/eslint-utils/compare/v1.4.0...v1.4.3) Signed-off-by: dependabot[bot] <support@github.com>

view details

dependabot[bot]

commit sha 142f2db9db3811c394456a54605e8ee4f1bd6c21

build(deps): bump eslint-utils from 1.4.0 to 1.4.3 in /packages/vueapp Bumps [eslint-utils](https://github.com/mysticatea/eslint-utils) from 1.4.0 to 1.4.3. - [Release notes](https://github.com/mysticatea/eslint-utils/releases) - [Commits](https://github.com/mysticatea/eslint-utils/compare/v1.4.0...v1.4.3) Signed-off-by: dependabot[bot] <support@github.com>

view details

dependabot[bot]

commit sha c10af988fb72846327710d1918573b95e0d7a834

build(deps): bump handlebars from 4.1.2 to 4.5.3 in /packages/reactapp Bumps [handlebars](https://github.com/wycats/handlebars.js) from 4.1.2 to 4.5.3. - [Release notes](https://github.com/wycats/handlebars.js/releases) - [Changelog](https://github.com/wycats/handlebars.js/blob/master/release-notes.md) - [Commits](https://github.com/wycats/handlebars.js/compare/v4.1.2...v4.5.3) Signed-off-by: dependabot[bot] <support@github.com>

view details

dependabot[bot]

commit sha dbd55e0478dce70c0a8cc08a7d43488ac71bfffe

build(deps): bump handlebars from 4.1.2 to 4.5.3 Bumps [handlebars](https://github.com/wycats/handlebars.js) from 4.1.2 to 4.5.3. - [Release notes](https://github.com/wycats/handlebars.js/releases) - [Changelog](https://github.com/wycats/handlebars.js/blob/master/release-notes.md) - [Commits](https://github.com/wycats/handlebars.js/compare/v4.1.2...v4.5.3) Signed-off-by: dependabot[bot] <support@github.com>

view details

superwf

commit sha 803721837d7ec836e2070310961d171de3067c56

docs: update jest doc

view details

superwf

commit sha 89fbdcfa676fd1c2f4612e5e60c04a22238fe0dd

Merge pull request #6 from superwf/dependabot/npm_and_yarn/packages/vueapp/eslint-utils-1.4.3 build(deps): bump eslint-utils from 1.4.0 to 1.4.3 in /packages/vueapp

view details

superwf

commit sha de4f84396ca35192025837cb9a81fe94718a0388

Merge pull request #8 from superwf/dependabot/npm_and_yarn/handlebars-4.5.3 build(deps): bump handlebars from 4.1.2 to 4.5.3

view details

superwf

commit sha 2c157f79fb401f8ca3c59663c30c2c647ea900b2

Merge pull request #7 from superwf/dependabot/npm_and_yarn/packages/reactapp/handlebars-4.5.3 build(deps): bump handlebars from 4.1.2 to 4.5.3 in /packages/reactapp

view details

superwf

commit sha 47f3079086ef698287bab6eea7ce77b9de244851

Merge pull request #3 from superwf/dependabot/npm_and_yarn/packages/reactapp/eslint-utils-1.4.3 build(deps): bump eslint-utils from 1.4.0 to 1.4.3 in /packages/reactapp

view details

superwf

commit sha 57c417479e16586f720bbfcd3f119b67bc5f3e23

Merge pull request #1 from superwf/dependabot/npm_and_yarn/eslint-utils-1.4.3 build(deps): bump eslint-utils from 1.4.0 to 1.4.3

view details

superwf

commit sha 86958fecd8796a75527f495f62c0070845237a0c

Merge branch 'jest'

view details

superwf

commit sha f1b143f50d6b3b032da837ffe99da8cfa858b696

Merge branch 'master' of github.com:superwf/share-doc

view details

superwf

commit sha 3ae94540580576328ccc3f43e0946c0eb9c02439

fix: 修正jest/example依赖

view details

superwf

commit sha 091590663cdce24a1e9adbfd26c1715358c748ac

docs: add to jest doc

view details

superwf

commit sha e14e6f5c63c10a1d8441c501f16410057f5f05e2

docs: jest add fetch mock doc

view details

push time in a month

push eventsuperwf/share-doc

superwf

commit sha 091590663cdce24a1e9adbfd26c1715358c748ac

docs: add to jest doc

view details

push time in a month

push eventsuperwf/share-doc

superwf

commit sha 3ae94540580576328ccc3f43e0946c0eb9c02439

fix: 修正jest/example依赖

view details

push time in a month

push eventsuperwf/share-doc

superwf

commit sha 5ec26929f0c030e388d33f44eddd8652db2a2a35

docs: fix jest

view details

superwf

commit sha 86958fecd8796a75527f495f62c0070845237a0c

Merge branch 'jest'

view details

superwf

commit sha f1b143f50d6b3b032da837ffe99da8cfa858b696

Merge branch 'master' of github.com:superwf/share-doc

view details

push time in a month

push eventsuperwf/share-doc

dependabot[bot]

commit sha d5a5ae20a7e6021b1dff3b2b54bc5efd354b8241

build(deps): bump eslint-utils from 1.4.0 to 1.4.3 Bumps [eslint-utils](https://github.com/mysticatea/eslint-utils) from 1.4.0 to 1.4.3. - [Release notes](https://github.com/mysticatea/eslint-utils/releases) - [Commits](https://github.com/mysticatea/eslint-utils/compare/v1.4.0...v1.4.3) Signed-off-by: dependabot[bot] <support@github.com>

view details

superwf

commit sha 57c417479e16586f720bbfcd3f119b67bc5f3e23

Merge pull request #1 from superwf/dependabot/npm_and_yarn/eslint-utils-1.4.3 build(deps): bump eslint-utils from 1.4.0 to 1.4.3

view details

push time in a month

PR merged superwf/share-doc

build(deps): bump eslint-utils from 1.4.0 to 1.4.3 dependencies

⚠️ Dependabot is rebasing this PR ⚠️

If you make any changes to it yourself then they will take precedence over the rebase.


Bumps eslint-utils from 1.4.0 to 1.4.3. <details> <summary>Commits</summary>

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+16 -16

1 comment

2 changed files

dependabot[bot]

pr closed time in a month

PullRequestEvent

create barnchsuperwf/share-doc

branch : dependabot/npm_and_yarn/eslint-utils-1.4.3

created branch time in a month

push eventsuperwf/share-doc

dependabot[bot]

commit sha 3a97dfb2c3baf8d873a206f1195781cac9b48f04

build(deps): bump eslint-utils from 1.4.0 to 1.4.3 in /packages/vueapp Bumps [eslint-utils](https://github.com/mysticatea/eslint-utils) from 1.4.0 to 1.4.3. - [Release notes](https://github.com/mysticatea/eslint-utils/releases) - [Commits](https://github.com/mysticatea/eslint-utils/compare/v1.4.0...v1.4.3) Signed-off-by: dependabot[bot] <support@github.com>

view details

superwf

commit sha 1b3b71565d4330c0ad74f7abaf0eaa49258e56d7

Merge pull request #2 from superwf/dependabot/npm_and_yarn/packages/vueapp/eslint-utils-1.4.3 build(deps): bump eslint-utils from 1.4.0 to 1.4.3 in /packages/vueapp

view details

dependabot[bot]

commit sha b88c2b1e534f742e970024fcadd88e15ca487118

build(deps): bump eslint-utils from 1.4.0 to 1.4.3 in /packages/reactapp Bumps [eslint-utils](https://github.com/mysticatea/eslint-utils) from 1.4.0 to 1.4.3. - [Release notes](https://github.com/mysticatea/eslint-utils/releases) - [Commits](https://github.com/mysticatea/eslint-utils/compare/v1.4.0...v1.4.3) Signed-off-by: dependabot[bot] <support@github.com>

view details

superwf

commit sha 47f3079086ef698287bab6eea7ce77b9de244851

Merge pull request #3 from superwf/dependabot/npm_and_yarn/packages/reactapp/eslint-utils-1.4.3 build(deps): bump eslint-utils from 1.4.0 to 1.4.3 in /packages/reactapp

view details

push time in a month

PR merged superwf/share-doc

build(deps): bump eslint-utils from 1.4.0 to 1.4.3 in /packages/reactapp dependencies

⚠️ Dependabot is rebasing this PR ⚠️

If you make any changes to it yourself then they will take precedence over the rebase.


Bumps eslint-utils from 1.4.0 to 1.4.3. <details> <summary>Commits</summary>

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+29 -95

1 comment

2 changed files

dependabot[bot]

pr closed time in a month

PullRequestEvent

PR closed superwf/share-doc

build(deps): bump eslint-utils from 1.4.0 to 1.4.3 in /packages/reactapp dependencies

Bumps eslint-utils from 1.4.0 to 1.4.3. <details> <summary>Commits</summary>

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+29 -95

0 comment

2 changed files

dependabot[bot]

pr closed time in a month

PR closed superwf/share-doc

build(deps): bump eslint-utils from 1.4.0 to 1.4.3 dependencies

Bumps eslint-utils from 1.4.0 to 1.4.3. <details> <summary>Commits</summary>

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+16 -16

0 comment

2 changed files

dependabot[bot]

pr closed time in a month

push eventsuperwf/share-doc

dependabot[bot]

commit sha c10af988fb72846327710d1918573b95e0d7a834

build(deps): bump handlebars from 4.1.2 to 4.5.3 in /packages/reactapp Bumps [handlebars](https://github.com/wycats/handlebars.js) from 4.1.2 to 4.5.3. - [Release notes](https://github.com/wycats/handlebars.js/releases) - [Changelog](https://github.com/wycats/handlebars.js/blob/master/release-notes.md) - [Commits](https://github.com/wycats/handlebars.js/compare/v4.1.2...v4.5.3) Signed-off-by: dependabot[bot] <support@github.com>

view details

superwf

commit sha 2c157f79fb401f8ca3c59663c30c2c647ea900b2

Merge pull request #7 from superwf/dependabot/npm_and_yarn/packages/reactapp/handlebars-4.5.3 build(deps): bump handlebars from 4.1.2 to 4.5.3 in /packages/reactapp

view details

push time in a month

PR merged superwf/share-doc

build(deps): bump handlebars from 4.1.2 to 4.5.3 in /packages/reactapp dependencies

Bumps handlebars from 4.1.2 to 4.5.3. <details> <summary>Changelog</summary>

Sourced from handlebars's changelog.

v4.5.3 - November 18th, 2019

Bugfixes:

  • fix: add "no-prototype-builtins" eslint-rule and fix all occurences - f7f05d7
  • fix: add more properties required to be enumerable - 1988878

Chores / Build:

  • fix: use !== 0 instead of != 0 - c02b05f
  • add chai and dirty-chai and sinon, for cleaner test-assertions and spies, deprecate old assertion-methods - 93e284e, 886ba86, 0817dad, 93516a0

Security:

  • The properties __proto__, __defineGetter__, __defineSetter__ and __lookupGetter__ have been added to the list of "properties that must be enumerable". If a property by that name is found and not enumerable on its parent, it will silently evaluate to undefined. This is done in both the compiled template and the "lookup"-helper. This will prevent new Remote-Code-Execution exploits that have been published recently.

Compatibility notes:

  • Due to the security-fixes. The semantics of the templates using __proto__, __defineGetter__, __defineSetter__ and __lookupGetter__ in the respect that those expression now return undefined rather than their actual value from the proto.
  • The semantics have not changed in cases where the properties are enumerable, as in:
{
  __proto__: 'some string'
}
  • The change may be breaking in that respect, but we still only increase the patch-version, because the incompatible use-cases are not intended, undocumented and far less important than fixing Remote-Code-Execution exploits on existing systems.

Commits

v4.5.2 - November 13th, 2019

Bugfixes

  • fix: use String(field) in lookup when checking for "constructor" - d541378
  • test: add fluent API for testing Handlebars - c2ac79c

Compatibility notes:

  • no incompatibility are to be expected </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>
  • c819c8b v4.5.3
  • 827c9d0 Update release notes
  • f7f05d7 fix: add "no-prototype-builtins" eslint-rule and fix all occurences
  • 1988878 fix: add more properties required to be enumerable
  • 886ba86 test/chore: add chai/expect and sinon to "runtime"-environment
  • 0817dad test: add sinon as global variable to eslint in the specs
  • 93516a0 test: add sinon.js for spies, deprecate current assertions
  • 93e284e chore: add chai and dirty-chai for better test assertions
  • c02b05f fix: use !== 0 instead of != 0
  • 8de121d v4.5.2
  • Additional commits viewable in compare view </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+33 -94

0 comment

1 changed file

dependabot[bot]

pr closed time in a month

push eventsuperwf/share-doc

dependabot[bot]

commit sha dbd55e0478dce70c0a8cc08a7d43488ac71bfffe

build(deps): bump handlebars from 4.1.2 to 4.5.3 Bumps [handlebars](https://github.com/wycats/handlebars.js) from 4.1.2 to 4.5.3. - [Release notes](https://github.com/wycats/handlebars.js/releases) - [Changelog](https://github.com/wycats/handlebars.js/blob/master/release-notes.md) - [Commits](https://github.com/wycats/handlebars.js/compare/v4.1.2...v4.5.3) Signed-off-by: dependabot[bot] <support@github.com>

view details

superwf

commit sha de4f84396ca35192025837cb9a81fe94718a0388

Merge pull request #8 from superwf/dependabot/npm_and_yarn/handlebars-4.5.3 build(deps): bump handlebars from 4.1.2 to 4.5.3

view details

push time in a month

PR merged superwf/share-doc

build(deps): bump handlebars from 4.1.2 to 4.5.3 dependencies

Bumps handlebars from 4.1.2 to 4.5.3. <details> <summary>Changelog</summary>

Sourced from handlebars's changelog.

v4.5.3 - November 18th, 2019

Bugfixes:

  • fix: add "no-prototype-builtins" eslint-rule and fix all occurences - f7f05d7
  • fix: add more properties required to be enumerable - 1988878

Chores / Build:

  • fix: use !== 0 instead of != 0 - c02b05f
  • add chai and dirty-chai and sinon, for cleaner test-assertions and spies, deprecate old assertion-methods - 93e284e, 886ba86, 0817dad, 93516a0

Security:

  • The properties __proto__, __defineGetter__, __defineSetter__ and __lookupGetter__ have been added to the list of "properties that must be enumerable". If a property by that name is found and not enumerable on its parent, it will silently evaluate to undefined. This is done in both the compiled template and the "lookup"-helper. This will prevent new Remote-Code-Execution exploits that have been published recently.

Compatibility notes:

  • Due to the security-fixes. The semantics of the templates using __proto__, __defineGetter__, __defineSetter__ and __lookupGetter__ in the respect that those expression now return undefined rather than their actual value from the proto.
  • The semantics have not changed in cases where the properties are enumerable, as in:
{
  __proto__: 'some string'
}
  • The change may be breaking in that respect, but we still only increase the patch-version, because the incompatible use-cases are not intended, undocumented and far less important than fixing Remote-Code-Execution exploits on existing systems.

Commits

v4.5.2 - November 13th, 2019

Bugfixes

  • fix: use String(field) in lookup when checking for "constructor" - d541378
  • test: add fluent API for testing Handlebars - c2ac79c

Compatibility notes:

  • no incompatibility are to be expected </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>
  • c819c8b v4.5.3
  • 827c9d0 Update release notes
  • f7f05d7 fix: add "no-prototype-builtins" eslint-rule and fix all occurences
  • 1988878 fix: add more properties required to be enumerable
  • 886ba86 test/chore: add chai/expect and sinon to "runtime"-environment
  • 0817dad test: add sinon as global variable to eslint in the specs
  • 93516a0 test: add sinon.js for spies, deprecate current assertions
  • 93e284e chore: add chai and dirty-chai for better test assertions
  • c02b05f fix: use !== 0 instead of != 0
  • 8de121d v4.5.2
  • Additional commits viewable in compare view </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+18 -13

0 comment

1 changed file

dependabot[bot]

pr closed time in a month

push eventsuperwf/share-doc

dependabot[bot]

commit sha 142f2db9db3811c394456a54605e8ee4f1bd6c21

build(deps): bump eslint-utils from 1.4.0 to 1.4.3 in /packages/vueapp Bumps [eslint-utils](https://github.com/mysticatea/eslint-utils) from 1.4.0 to 1.4.3. - [Release notes](https://github.com/mysticatea/eslint-utils/releases) - [Commits](https://github.com/mysticatea/eslint-utils/compare/v1.4.0...v1.4.3) Signed-off-by: dependabot[bot] <support@github.com>

view details

superwf

commit sha 89fbdcfa676fd1c2f4612e5e60c04a22238fe0dd

Merge pull request #6 from superwf/dependabot/npm_and_yarn/packages/vueapp/eslint-utils-1.4.3 build(deps): bump eslint-utils from 1.4.0 to 1.4.3 in /packages/vueapp

view details

push time in a month

PR merged superwf/share-doc

build(deps): bump eslint-utils from 1.4.0 to 1.4.3 in /packages/vueapp dependencies

Bumps eslint-utils from 1.4.0 to 1.4.3. <details> <summary>Release notes</summary>

Sourced from eslint-utils's releases.

v1.4.3

🐛 Bug fixes

  • 8f9e481ecc1204c7a1331b697f97903f90c75154 fixed false positive of ReferenceTracker.

v1.4.2

🐛 Bug fixes

  • e4cb01498df6096b66edb0c78965ee6f47d3ac77 fixed a regression of the previous release.

v1.4.1

🐛 Bug fixes

  • c119e832952c8c653bd4f21e39eb9f7ce48e5947 fixed getStaticValue() function to handle null literal correctly even if runtimes don't support BigInt natively.
  • 587cca2f82c245f5fc4a8b9fb2cf6b35c0d02552 fixed getStringIfConstant() function to handle regular expression literals and BigInt literals even if runtimes don't support those.
  • 08158db1c98fd71cf0f32ddefbc147e2620e724c fixed GHSA-3gx7-xhv7-5mx3. </details> <details> <summary>Commits</summary>

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+8 -8

0 comment

1 changed file

dependabot[bot]

pr closed time in a month

push eventsuperwf/share-doc

superwf

commit sha 5ec26929f0c030e388d33f44eddd8652db2a2a35

docs: fix jest

view details

push time in a month

push eventsuperwf/share-doc

superwf

commit sha 803721837d7ec836e2070310961d171de3067c56

docs: update jest doc

view details

push time in a month

push eventsuperwf/share-doc

superwf

commit sha 6d1962875832da08638d5c55be47baa75a9ae5d9

docs: jest share doc

view details

superwf

commit sha 515e506c5327b3a1a90ae0bcc6188730f26da64a

docs: update jest doc

view details

superwf

commit sha 87a4786cc480aafae5a5c9c9172760e61c966433

docs: fix jest doc

view details

superwf

commit sha 6858580774f9e7609525f682acb45cdce6f68934

docs: add jest to root doc

view details

superwf

commit sha 209abeeb749ed99cc0a8aabb1e0342f47d9d9fd2

docs: fix jest doc

view details

push time in a month

push eventsuperwf/share-doc

superwf

commit sha 209abeeb749ed99cc0a8aabb1e0342f47d9d9fd2

docs: fix jest doc

view details

push time in a month

push eventsuperwf/share-doc

superwf

commit sha fef62b5db013007d7356a2530c0754b57d7013c6

docs: fix jest doc

view details

push time in a month

push eventsuperwf/share-doc

superwf

commit sha 6e5bc14a32b0458901b05f540e39739af82ec35f

docs: fix jest doc

view details

push time in a month

push eventsuperwf/share-doc

superwf

commit sha f7ff2c81a72d0523cb5c73dfa7d1c903540563f2

docs: fix jest doc

view details

push time in a month

push eventsuperwf/share-doc

superwf

commit sha 6858580774f9e7609525f682acb45cdce6f68934

docs: add jest to root doc

view details

push time in a month

push eventsuperwf/share-doc

superwf

commit sha 87a4786cc480aafae5a5c9c9172760e61c966433

docs: fix jest doc

view details

push time in a month

push eventsuperwf/ts-gear

superwf

commit sha 103a728922ba3428fcf34a0e4cc598de7b5b97a3

docs: add eng doc

view details

push time in a month

push eventsuperwf/share-doc

superwf

commit sha 515e506c5327b3a1a90ae0bcc6188730f26da64a

docs: update jest doc

view details

push time in a month

push eventsuperwf/share-doc

superwf

commit sha 09e8258bdf2f8bb27e3d02bc2a8fcb5d8be73d96

docs: update jest doc

view details

push time in a month

push eventsuperwf/share-doc

superwf

commit sha 2ab2ab3a4a3a2c1c6acfcf686459de80300997de

docs: update jest doc

view details

push time in a month

push eventsuperwf/share-doc

superwf

commit sha 1a60d34d4186b102a273b3601e1868cad6d2024c

docs: update jest doc

view details

push time in a month

push eventsuperwf/share-doc

superwf

commit sha 6d1962875832da08638d5c55be47baa75a9ae5d9

docs: jest share doc

view details

push time in a month

push eventsuperwf/share-doc

superwf

commit sha a16dca0d4055fdc8191d9e5683e28f15215cfb96

docs: jest share doc

view details

push time in a month

push eventsuperwf/share-doc

superwf

commit sha 8cecfbde629e9d479fe38ed2b813a620e4904548

docs: jest share doc

view details

push time in a month

push eventsuperwf/share-doc

superwf

commit sha 4ab1df6a04098464f1650f213065d843f734c2d5

docs: jest share doc

view details

push time in a month

push eventsuperwf/share-doc

superwf

commit sha 8559e7f03fa2b2283268947acb970ffc2b94406f

docs: jest share doc

view details

push time in 2 months

startedfacebook/jest

started time in 2 months

push eventsuperwf/share-doc

push time in 2 months

create barnchsuperwf/share-doc

branch : jest

created branch time in 2 months

push eventsuperwf/share-doc

superwf

commit sha d7a99da625d800e680f9a8c267964bb8aa33a928

docs: jest share doc

view details

superwf

commit sha d0a99ffc688e0b4eae1b3203717d076056e2f260

Merge branch 'master' of github.com:superwf/share-doc

view details

push time in 2 months

created tagsuperwf/ts-gear

tagv1.3.0

typescript swagger schema api auto generate

created time in 2 months

push eventsuperwf/ts-gear

superwf

commit sha df98c1efe26ccffe544c368ddea6dde556f6142b

feat: 添加命令行参数-p

view details

superwf

commit sha d0e482a595539feda7f4c079b80a7cd45d4c4970

chore(release): 1.3.0

view details

push time in 2 months

push eventsuperwf/dotfiles

superwf

commit sha 03f78daf39f514abe226ee87106f2a3150467f27

chore: update config

view details

push time in 2 months

push eventsuperwf/fxios

dependabot[bot]

commit sha fe08f498ee4036ac750789aa0a9ec5aca8326a55

build(deps): bump mixin-deep from 1.3.1 to 1.3.2 Bumps [mixin-deep](https://github.com/jonschlinkert/mixin-deep) from 1.3.1 to 1.3.2. - [Release notes](https://github.com/jonschlinkert/mixin-deep/releases) - [Commits](https://github.com/jonschlinkert/mixin-deep/compare/1.3.1...1.3.2) Signed-off-by: dependabot[bot] <support@github.com>

view details

superwf

commit sha 064d12cdb3457a4904700ecde7963fbd30aff522

Merge pull request #4 from superwf/dependabot/npm_and_yarn/mixin-deep-1.3.2 build(deps): bump mixin-deep from 1.3.1 to 1.3.2

view details

push time in 2 months

PR merged superwf/fxios

build(deps): bump mixin-deep from 1.3.1 to 1.3.2 dependencies

Bumps mixin-deep from 1.3.1 to 1.3.2. <details> <summary>Commits</summary>

  • 754f0c2 1.3.2
  • 90ee1fa ensure keys are valid when mixing in values
  • See full diff in compare view </details> <details> <summary>Maintainer changes</summary>

This version was pushed to npm by doowb, a new releaser for mixin-deep since your current version. </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+3 -3

0 comment

1 changed file

dependabot[bot]

pr closed time in 2 months

push eventsuperwf/fxios

dependabot[bot]

commit sha 09551e5da5d1acd203577af39417696879aa35f7

build(deps): bump handlebars from 4.1.0 to 4.5.3 Bumps [handlebars](https://github.com/wycats/handlebars.js) from 4.1.0 to 4.5.3. - [Release notes](https://github.com/wycats/handlebars.js/releases) - [Changelog](https://github.com/wycats/handlebars.js/blob/master/release-notes.md) - [Commits](https://github.com/wycats/handlebars.js/compare/v4.1.0...v4.5.3) Signed-off-by: dependabot[bot] <support@github.com>

view details

superwf

commit sha eb69b5e60f44e8ac51b32c7d110b0467756a35b9

Merge pull request #3 from superwf/dependabot/npm_and_yarn/handlebars-4.5.3 build(deps): bump handlebars from 4.1.0 to 4.5.3

view details

push time in 2 months

PR merged superwf/fxios

build(deps): bump handlebars from 4.1.0 to 4.5.3 dependencies

Bumps handlebars from 4.1.0 to 4.5.3. <details> <summary>Changelog</summary>

Sourced from handlebars's changelog.

v4.5.3 - November 18th, 2019

Bugfixes:

  • fix: add "no-prototype-builtins" eslint-rule and fix all occurences - f7f05d7
  • fix: add more properties required to be enumerable - 1988878

Chores / Build:

  • fix: use !== 0 instead of != 0 - c02b05f
  • add chai and dirty-chai and sinon, for cleaner test-assertions and spies, deprecate old assertion-methods - 93e284e, 886ba86, 0817dad, 93516a0

Security:

  • The properties __proto__, __defineGetter__, __defineSetter__ and __lookupGetter__ have been added to the list of "properties that must be enumerable". If a property by that name is found and not enumerable on its parent, it will silently evaluate to undefined. This is done in both the compiled template and the "lookup"-helper. This will prevent new Remote-Code-Execution exploits that have been published recently.

Compatibility notes:

  • Due to the security-fixes. The semantics of the templates using __proto__, __defineGetter__, __defineSetter__ and __lookupGetter__ in the respect that those expression now return undefined rather than their actual value from the proto.
  • The semantics have not changed in cases where the properties are enumerable, as in:
{
  __proto__: 'some string'
}
  • The change may be breaking in that respect, but we still only increase the patch-version, because the incompatible use-cases are not intended, undocumented and far less important than fixing Remote-Code-Execution exploits on existing systems.

Commits

v4.5.2 - November 13th, 2019

Bugfixes

  • fix: use String(field) in lookup when checking for "constructor" - d541378
  • test: add fluent API for testing Handlebars - c2ac79c

Compatibility notes:

  • no incompatibility are to be expected </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>
  • c819c8b v4.5.3
  • 827c9d0 Update release notes
  • f7f05d7 fix: add "no-prototype-builtins" eslint-rule and fix all occurences
  • 1988878 fix: add more properties required to be enumerable
  • 886ba86 test/chore: add chai/expect and sinon to "runtime"-environment
  • 0817dad test: add sinon as global variable to eslint in the specs
  • 93516a0 test: add sinon.js for spies, deprecate current assertions
  • 93e284e chore: add chai and dirty-chai for better test assertions
  • c02b05f fix: use !== 0 instead of != 0
  • 8de121d v4.5.2
  • Additional commits viewable in compare view </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+17 -19

0 comment

1 changed file

dependabot[bot]

pr closed time in 2 months

push eventsuperwf/share-doc

dependabot[bot]

commit sha fb4242ec8b7e2c3481e421c72c8b34bd57b35cbc

build(deps): bump handlebars from 4.1.2 to 4.5.3 Bumps [handlebars](https://github.com/wycats/handlebars.js) from 4.1.2 to 4.5.3. - [Release notes](https://github.com/wycats/handlebars.js/releases) - [Changelog](https://github.com/wycats/handlebars.js/blob/master/release-notes.md) - [Commits](https://github.com/wycats/handlebars.js/compare/v4.1.2...v4.5.3) Signed-off-by: dependabot[bot] <support@github.com>

view details

superwf

commit sha f8de5f9b9a7df657a52ea45889af35b8622886e1

Merge pull request #4 from superwf/dependabot/npm_and_yarn/handlebars-4.5.3 build(deps): bump handlebars from 4.1.2 to 4.5.3

view details

push time in 2 months

PR merged superwf/share-doc

build(deps): bump handlebars from 4.1.2 to 4.5.3 dependencies

⚠️ Dependabot is rebasing this PR ⚠️

If you make any changes to it yourself then they will take precedence over the rebase.


Bumps handlebars from 4.1.2 to 4.5.3. <details> <summary>Changelog</summary>

Sourced from handlebars's changelog.

v4.5.3 - November 18th, 2019

Bugfixes:

  • fix: add "no-prototype-builtins" eslint-rule and fix all occurences - f7f05d7
  • fix: add more properties required to be enumerable - 1988878

Chores / Build:

  • fix: use !== 0 instead of != 0 - c02b05f
  • add chai and dirty-chai and sinon, for cleaner test-assertions and spies, deprecate old assertion-methods - 93e284e, 886ba86, 0817dad, 93516a0

Security:

  • The properties __proto__, __defineGetter__, __defineSetter__ and __lookupGetter__ have been added to the list of "properties that must be enumerable". If a property by that name is found and not enumerable on its parent, it will silently evaluate to undefined. This is done in both the compiled template and the "lookup"-helper. This will prevent new Remote-Code-Execution exploits that have been published recently.

Compatibility notes:

  • Due to the security-fixes. The semantics of the templates using __proto__, __defineGetter__, __defineSetter__ and __lookupGetter__ in the respect that those expression now return undefined rather than their actual value from the proto.
  • The semantics have not changed in cases where the properties are enumerable, as in:
{
  __proto__: 'some string'
}
  • The change may be breaking in that respect, but we still only increase the patch-version, because the incompatible use-cases are not intended, undocumented and far less important than fixing Remote-Code-Execution exploits on existing systems.

Commits

v4.5.2 - November 13th, 2019

Bugfixes

  • fix: use String(field) in lookup when checking for "constructor" - d541378
  • test: add fluent API for testing Handlebars - c2ac79c

Compatibility notes:

  • no incompatibility are to be expected </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>
  • c819c8b v4.5.3
  • 827c9d0 Update release notes
  • f7f05d7 fix: add "no-prototype-builtins" eslint-rule and fix all occurences
  • 1988878 fix: add more properties required to be enumerable
  • 886ba86 test/chore: add chai/expect and sinon to "runtime"-environment
  • 0817dad test: add sinon as global variable to eslint in the specs
  • 93516a0 test: add sinon.js for spies, deprecate current assertions
  • 93e284e chore: add chai and dirty-chai for better test assertions
  • c02b05f fix: use !== 0 instead of != 0
  • 8de121d v4.5.2
  • Additional commits viewable in compare view </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+18 -13

0 comment

1 changed file

dependabot[bot]

pr closed time in 2 months

push eventsuperwf/share-doc

dependabot[bot]

commit sha af191d1cd5329e35583b9a03aacef7a6d9118f72

build(deps): bump handlebars from 4.1.2 to 4.5.3 in /packages/reactapp Bumps [handlebars](https://github.com/wycats/handlebars.js) from 4.1.2 to 4.5.3. - [Release notes](https://github.com/wycats/handlebars.js/releases) - [Changelog](https://github.com/wycats/handlebars.js/blob/master/release-notes.md) - [Commits](https://github.com/wycats/handlebars.js/compare/v4.1.2...v4.5.3) Signed-off-by: dependabot[bot] <support@github.com>

view details

superwf

commit sha d07aa3e73dfa467becd8216d616dbcc6c91621e0

Merge pull request #5 from superwf/dependabot/npm_and_yarn/packages/reactapp/handlebars-4.5.3 build(deps): bump handlebars from 4.1.2 to 4.5.3 in /packages/reactapp

view details

push time in 2 months

PR merged superwf/share-doc

build(deps): bump handlebars from 4.1.2 to 4.5.3 in /packages/reactapp dependencies

Bumps handlebars from 4.1.2 to 4.5.3. <details> <summary>Changelog</summary>

Sourced from handlebars's changelog.

v4.5.3 - November 18th, 2019

Bugfixes:

  • fix: add "no-prototype-builtins" eslint-rule and fix all occurences - f7f05d7
  • fix: add more properties required to be enumerable - 1988878

Chores / Build:

  • fix: use !== 0 instead of != 0 - c02b05f
  • add chai and dirty-chai and sinon, for cleaner test-assertions and spies, deprecate old assertion-methods - 93e284e, 886ba86, 0817dad, 93516a0

Security:

  • The properties __proto__, __defineGetter__, __defineSetter__ and __lookupGetter__ have been added to the list of "properties that must be enumerable". If a property by that name is found and not enumerable on its parent, it will silently evaluate to undefined. This is done in both the compiled template and the "lookup"-helper. This will prevent new Remote-Code-Execution exploits that have been published recently.

Compatibility notes:

  • Due to the security-fixes. The semantics of the templates using __proto__, __defineGetter__, __defineSetter__ and __lookupGetter__ in the respect that those expression now return undefined rather than their actual value from the proto.
  • The semantics have not changed in cases where the properties are enumerable, as in:
{
  __proto__: 'some string'
}
  • The change may be breaking in that respect, but we still only increase the patch-version, because the incompatible use-cases are not intended, undocumented and far less important than fixing Remote-Code-Execution exploits on existing systems.

Commits

v4.5.2 - November 13th, 2019

Bugfixes

  • fix: use String(field) in lookup when checking for "constructor" - d541378
  • test: add fluent API for testing Handlebars - c2ac79c

Compatibility notes:

  • no incompatibility are to be expected </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>
  • c819c8b v4.5.3
  • 827c9d0 Update release notes
  • f7f05d7 fix: add "no-prototype-builtins" eslint-rule and fix all occurences
  • 1988878 fix: add more properties required to be enumerable
  • 886ba86 test/chore: add chai/expect and sinon to "runtime"-environment
  • 0817dad test: add sinon as global variable to eslint in the specs
  • 93516a0 test: add sinon.js for spies, deprecate current assertions
  • 93e284e chore: add chai and dirty-chai for better test assertions
  • c02b05f fix: use !== 0 instead of != 0
  • 8de121d v4.5.2
  • Additional commits viewable in compare view </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+33 -94

0 comment

1 changed file

dependabot[bot]

pr closed time in 2 months

push eventsuperwf/webgl-exercise

dependabot[bot]

commit sha 3fdb7ea2638ec8b05bc68b20a623ebda933adfb5

build(deps): bump handlebars from 4.2.0 to 4.5.3 Bumps [handlebars](https://github.com/wycats/handlebars.js) from 4.2.0 to 4.5.3. - [Release notes](https://github.com/wycats/handlebars.js/releases) - [Changelog](https://github.com/wycats/handlebars.js/blob/master/release-notes.md) - [Commits](https://github.com/wycats/handlebars.js/compare/v4.2.0...v4.5.3) Signed-off-by: dependabot[bot] <support@github.com>

view details

superwf

commit sha ca454d853e826510a588a023738a697043977735

Merge pull request #1 from superwf/dependabot/npm_and_yarn/handlebars-4.5.3 build(deps): bump handlebars from 4.2.0 to 4.5.3

view details

push time in 2 months

PR merged superwf/webgl-exercise

build(deps): bump handlebars from 4.2.0 to 4.5.3 dependencies

Bumps handlebars from 4.2.0 to 4.5.3. <details> <summary>Changelog</summary>

Sourced from handlebars's changelog.

v4.5.3 - November 18th, 2019

Bugfixes:

  • fix: add "no-prototype-builtins" eslint-rule and fix all occurences - f7f05d7
  • fix: add more properties required to be enumerable - 1988878

Chores / Build:

  • fix: use !== 0 instead of != 0 - c02b05f
  • add chai and dirty-chai and sinon, for cleaner test-assertions and spies, deprecate old assertion-methods - 93e284e, 886ba86, 0817dad, 93516a0

Security:

  • The properties __proto__, __defineGetter__, __defineSetter__ and __lookupGetter__ have been added to the list of "properties that must be enumerable". If a property by that name is found and not enumerable on its parent, it will silently evaluate to undefined. This is done in both the compiled template and the "lookup"-helper. This will prevent new Remote-Code-Execution exploits that have been published recently.

Compatibility notes:

  • Due to the security-fixes. The semantics of the templates using __proto__, __defineGetter__, __defineSetter__ and __lookupGetter__ in the respect that those expression now return undefined rather than their actual value from the proto.
  • The semantics have not changed in cases where the properties are enumerable, as in:
{
  __proto__: 'some string'
}
  • The change may be breaking in that respect, but we still only increase the patch-version, because the incompatible use-cases are not intended, undocumented and far less important than fixing Remote-Code-Execution exploits on existing systems.

Commits

v4.5.2 - November 13th, 2019

Bugfixes

  • fix: use String(field) in lookup when checking for "constructor" - d541378
  • test: add fluent API for testing Handlebars - c2ac79c

Compatibility notes:

  • no incompatibility are to be expected </tr></table> ... (truncated) </details> <details> <summary>Commits</summary>
  • c819c8b v4.5.3
  • 827c9d0 Update release notes
  • f7f05d7 fix: add "no-prototype-builtins" eslint-rule and fix all occurences
  • 1988878 fix: add more properties required to be enumerable
  • 886ba86 test/chore: add chai/expect and sinon to "runtime"-environment
  • 0817dad test: add sinon as global variable to eslint in the specs
  • 93516a0 test: add sinon.js for spies, deprecate current assertions
  • 93e284e chore: add chai and dirty-chai for better test assertions
  • c02b05f fix: use !== 0 instead of != 0
  • 8de121d v4.5.2
  • Additional commits viewable in compare view </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+20 -15

0 comment

1 changed file

dependabot[bot]

pr closed time in 2 months

push eventsuperwf/share-doc

dependabot[bot]

commit sha 3a97dfb2c3baf8d873a206f1195781cac9b48f04

build(deps): bump eslint-utils from 1.4.0 to 1.4.3 in /packages/vueapp Bumps [eslint-utils](https://github.com/mysticatea/eslint-utils) from 1.4.0 to 1.4.3. - [Release notes](https://github.com/mysticatea/eslint-utils/releases) - [Commits](https://github.com/mysticatea/eslint-utils/compare/v1.4.0...v1.4.3) Signed-off-by: dependabot[bot] <support@github.com>

view details

superwf

commit sha 1b3b71565d4330c0ad74f7abaf0eaa49258e56d7

Merge pull request #2 from superwf/dependabot/npm_and_yarn/packages/vueapp/eslint-utils-1.4.3 build(deps): bump eslint-utils from 1.4.0 to 1.4.3 in /packages/vueapp

view details

push time in 2 months

PR merged superwf/share-doc

build(deps): bump eslint-utils from 1.4.0 to 1.4.3 in /packages/vueapp dependencies

Bumps eslint-utils from 1.4.0 to 1.4.3. <details> <summary>Commits</summary>

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+8 -8

0 comment

1 changed file

dependabot[bot]

pr closed time in 2 months

created tagsuperwf/share-doc

tagv0.1.1

web component doc share

created time in 2 months

created tagsuperwf/share-doc

tagv2.0.0

web component doc share

created time in 2 months

push eventsuperwf/share-doc

superwf

commit sha 95a3b03eafb37893b89654a9002226a016c9fbf6

docs: add videos to standard-version

view details

superwf

commit sha a0492f18976abc32da8ea25fa1465611b0cbb0c9

feat: update BREAKING CHANGE

view details

superwf

commit sha 08e5b41138b66d112afd313e5ffd806266819cd1

chore(release): 0.1.1

view details

superwf

commit sha df24465c01384057492af7f02709f2f0c49a4e80

feat: update to version 1 BREAKING CHANGE version 1

view details

superwf

commit sha bb3c34c82c30a7bc49117768f435b5d88f64ce8a

chore(release): 2.0.0

view details

superwf

commit sha e8da4cd9000a618808ba86b6f57830aeae3bebcc

docs: add standard-version videos

view details

push time in 2 months

startedelectron-in-action/clipmaster

started time in 2 months

startedelectron-in-action/firesale

started time in 2 months

startedhustcc/jest-electron

started time in 3 months

issue commentfacebook-atom/jest-electron-runner

renderer console not work

https://github.com/facebook-atom/jest-electron-runner/blob/b6c849ee05971bb030661018dff5e3505f0915c3/packages/electron/src/browser_window_injected_code.js#L59

this line not work I change this line to const mainConsole = require('electron').remote.getGlobal('console') mainConsole.log(111111) it works, but the output just flash away and overwriten by the jest output. mainConsole.log('\n\n', 111111, '\n\n') works better. but in origin jest running hint is lost. as below console.log src/App.test.tsx:8 1111111

superwf

comment created time in 3 months

issue openedfacebook-atom/jest-electron-runner

renderer console not work

Thanks for this great runner first, it make to test web component with jest possible. I am new to electron, may be it is something basic I dont know. How to make the renderer process to output to terminal? I triedprocess.stdoutandremote.getGlobal().console`, but all not work.

created time in 3 months

more