profile
viewpoint

tcurdt/iProxy 1091

Let's you connect your laptop to the iPhone to surf the web.

tcurdt/jdeb 361

This library provides an Ant task and a Maven plugin to create Debian packages from Java builds in a truly cross platform manner.

jamescarr/paynode 345

Mega library that includes various loadable modules for interacting with different payment gateways

tcurdt/feedbackreporter 170

Framework for sending feedback and system information reports from you Cocoa application.

tcurdt/lucenekit 87

Objective-C version of Apache Lucene. This is a fork from the http://etoileos.com project.

tcurdt/edmessage 38

fork of the edmessage smtp framework for Cocoa

tcurdt/jdependency 34

Provides an API to analyse and modify class dependencies. It provides the core to the maven shade plugin for removing unused classes.

tcurdt/jmx2munin 31

Export JMX information to Munin

tcurdt/jmx2snmp 20

Expose application JMX properties via SNMP

tcurdt/hadoop-lzo-java 10

hassle free creation of lzo index files for the use with hadoop

startedformatc1702/WireViz

started time in a day

startedchuyskywalker/cncjs-macros

started time in 3 days

issue closedapex/gateway

Not compatible with gateway v2

This code works just fine.

package main

import (
 "context"
 "fmt"

 "github.com/aws/aws-lambda-go/lambda"
)

func HandleRequest(ctx context.Context) (string, error) {
  return fmt.Sprintf("Hello!"), nil
}

func main() {
  lambda.Start(HandleRequest)
}

When I replace it with

package main

import (
	"fmt"
	"log"
	"net/http"

	"github.com/apex/gateway"
)

func main() {

	http.HandleFunc("/", hello)

	log.Fatal(gateway.ListenAndServe(":3000", nil))
	// log.Fatal(http.ListenAndServe(":3000", nil))
}

func hello(w http.ResponseWriter, r *http.Request) {
	fmt.Fprintf(w, "Hello!")
}

I am getting:

curl https://dqt4t5gx.execute-api.eu-central-1.amazonaws.com/
<a href="//dqt4t5gx.execute-api.eu-central-1.amazonaws.com/">Moved Permanently</a>.

Could this be because I am using the aws_apigatewayv2_api resource? Or any other pointers?

closed time in 3 days

tcurdt

issue commentapex/gateway

Not compatible with gateway v2

The recent v2 addition is working fine for me now. Hence I am closing the issue.

package main

import (
  "fmt"
  "net/http"

  "github.com/apex/gateway/v2"
  "github.com/go-chi/chi"
)

func main() {
  gateway.ListenAndServe(":3000", routing())
}

func routing() http.Handler {

  r := chi.NewRouter()

  r.Get("/", func(w http.ResponseWriter, r *http.Request) {
    w.WriteHeader(http.StatusOK)
    w.Write([]byte("Hello World"))
  })

  r.Get("/id/{id}", func(w http.ResponseWriter, r *http.Request) {
    w.WriteHeader(http.StatusOK)
    w.Write([]byte("Hello World"))
  })

  r.NotFound(func(w http.ResponseWriter, r *http.Request) {
    w.WriteHeader(http.StatusOK)
    w.Write([]byte(fmt.Sprintf("Not found: [%s]", r.RequestURI)))
  })

  return r
}

@Grabber I suggest to check your gateway setup first. Is it really a v2 or is it a v1 gateway? Next add a "not found" handler and output the path. See if the path is what you would expect. If not, you will need to dig a bit into gin and how it does the route matching.

tcurdt

comment created time in 3 days

pull request commentapex/gateway

Add support for 2.0 apigw request/response

So - merge and then work on the GitHub actions? or what's the path forward?

wolfeidau

comment created time in 5 days

issue commentOllisGit/OctoPrint-DisplayLayerProgress

DisplayLayerProgress causes layers shifts

Two variables - so I tried to eliminate both. And 3.9 has also been reported to cause problems. Great it works for you. But I am also running on rpi3 and I didn't realize this is such a heavy plugin. Given I was printering for such a long time without problems, this indeed is quite weird.

mdaneman

comment created time in 6 days

issue commentOllisGit/OctoPrint-DisplayLayerProgress

DisplayLayerProgress causes layers shifts

Just to leave this here: I also ran into these layer shift issues. Never had them before - ever. The things that changed: upgrade of the octoprint plugins (including this) and upgrade to the new 3.9 prusa firmware. I disabled this plugin and reverted the firmware to 3.8.1 and haven't had the problems since. The very same gcode prints fine now.

mdaneman

comment created time in 6 days

startedivRodriguezCA/RE-iOS-Apps

started time in 7 days

pull request commentapex/gateway

Add support for 2.0 apigw request/response

v1 feels slightly deprecated but there is no such statement that I am aware of - and surely it isn't going away anytime soon. If the goal is to support both versions, just using a sub package per version seems the way to go (to me).

wolfeidau

comment created time in 7 days

pull request commentapex/gateway

Add support for 2.0 apigw request/response

I honestly cannot say. It probably heavily depends on the amount and size of changes to come. Looking at the commit history it does not seem to be much additional maintenance work with either approach. I'd only try to avoid having the versions in the struct names but rather use modules for that. That should be covered by both. Other than that I personally find the branching model cleaner - but I have no strong feelings either way.

wolfeidau

comment created time in 7 days

pull request commentapex/gateway

Add support for 2.0 apigw request/response

FWIW: I was hanging out on on the go channel on IRC. The directory approach seems to be the old way for very old go get clients. These days people seem to use just branches. So unless there is the a need for supporting older versions of go, just adding a v2 branch might be the cleaner way to go.

wolfeidau

comment created time in 7 days

issue commentdeflomu/moneymoney-mintos-extension

Refuses Password

Last resort would be trying to extract the certificate from the application - but that's not really a long term viable solution.

I think at this stage it would be good to talk to Mintos again - now that they do have an API.

tcurdt

comment created time in 8 days

issue commentdeflomu/moneymoney-mintos-extension

Refuses Password

It is possible to extract the API commands from the Android APK file?

It might - but that won't help at all if we cannot establish the HTTPS connection. And if we can, there is no real reason to look at the APK file - then we can just look at the network.

tcurdt

comment created time in 8 days

startedgcormier/megadesk

started time in 10 days

push eventtcurdt/jdependency

Torsten Curdt

commit sha 5efd264c61f3b3df6bbf8db9f51e15694371fb22

ignore the openjdk-ea failures for now

view details

push time in 11 days

startedRavenSystem/esp-homekit-devices

started time in 11 days

pull request commentapex/gateway

Add support for 2.0 apigw request/response

Sounds great.

@wolfeidau let me know if I can be of any help.

wolfeidau

comment created time in 11 days

delete branch tcurdt/jdependency

delete branch : dependabot/maven/org.apache.maven.plugins-maven-site-plugin-3.9.1

delete time in 11 days

push eventtcurdt/jdependency

dependabot[bot]

commit sha 64d4238dfc99ac2e77fefe65c0e60827f6104c0d

Bump maven-site-plugin from 3.9.0 to 3.9.1 (#37) Bumps [maven-site-plugin](https://github.com/apache/maven-site-plugin) from 3.9.0 to 3.9.1. - [Release notes](https://github.com/apache/maven-site-plugin/releases) - [Commits](https://github.com/apache/maven-site-plugin/compare/maven-site-plugin-3.9.0...maven-site-plugin-3.9.1)

view details

push time in 11 days

PR merged tcurdt/jdependency

Bump maven-site-plugin from 3.9.0 to 3.9.1 dependencies java

Bumps maven-site-plugin from 3.9.0 to 3.9.1. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/apache/maven-site-plugin/commit/854e6a0c4b660f48e313c0a6b2391ded14704aab"><code>854e6a0</code></a> [maven-release-plugin] prepare release maven-site-plugin-3.9.1</li> <li><a href="https://github.com/apache/maven-site-plugin/commit/ec954c8d280dd996e05b773b09c8249dd3a5ec75"><code>ec954c8</code></a> [MSITE-856] - NullPointer on org.apache.maven.plugins.site.render.SiteMap.rel...</li> <li><a href="https://github.com/apache/maven-site-plugin/commit/d4160ab5b1cbeafd465b3eccc5f9f622e1f31e83"><code>d4160ab</code></a> fix javadoc issues with JDK 8</li> <li><a href="https://github.com/apache/maven-site-plugin/commit/963cbcb734959227349a8b274479c0f7c268ed4c"><code>963cbcb</code></a> remove unused plugins</li> <li><a href="https://github.com/apache/maven-site-plugin/commit/da109170788cccf3efdccb5a12a14b85a3d7c5f2"><code>da10917</code></a> remove enforce bytecode now inherited from maven-parent</li> <li><a href="https://github.com/apache/maven-site-plugin/commit/e03332897bef17d144aef48abf15efe78f126a9a"><code>e033328</code></a> [MSITE-757] remove shading not used any more</li> <li><a href="https://github.com/apache/maven-site-plugin/commit/5179a4d5b708f5ab5546edfb0fb2d6313b018ba4"><code>5179a4d</code></a> [MSITE-863] fix Maven < 3.6.1 compatibility issue</li> <li><a href="https://github.com/apache/maven-site-plugin/commit/028119f2bbb2b00031070a3e1eaedf594ba8cae7"><code>028119f</code></a> Github Actions</li> <li><a href="https://github.com/apache/maven-site-plugin/commit/77c7cff6e5dbf1ed848383a933187a5f578b9435"><code>77c7cff</code></a> [MSITE-863] upgrade m-reporting-exec to show that MSHARED-921 is fixed</li> <li><a href="https://github.com/apache/maven-site-plugin/commit/36b11f4455076840df0af3dc51d825358f899198"><code>36b11f4</code></a> [MSITE-863] revert ae9c132, not caused by Java 7 but Maven 3.6.0-</li> <li>Additional commits viewable in <a href="https://github.com/apache/maven-site-plugin/compare/maven-site-plugin-3.9.0...maven-site-plugin-3.9.1">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>

+1 -1

1 comment

1 changed file

dependabot[bot]

pr closed time in 11 days

pull request commentapex/gateway

Add support for 2.0 apigw request/response

Any suggestions on how to proceed with this? @tj @wolfeidau @piotrkubisa

wolfeidau

comment created time in 12 days

issue commentprusa3d/Prusa-Firmware

Fail stats not reset when printing via USB

So - is there a way to reset the fail stats via gcode?

moggieuk

comment created time in 15 days

pull request commentapex/gateway

Add support for 2.0 apigw request/response

Pretty cool. I was just about to work on a PR for this myself.

That said - it feels like having both versions in a single API has little benefits. I think I would have opted for splitting this by versions.

wolfeidau

comment created time in 15 days

PR closed tcurdt/jdependency

Bump maven-surefire-report-plugin from 3.0.0-M4 to 3.0.0-M5 dependencies java

⚠️ Dependabot is rebasing this PR ⚠️

If you make any changes to it yourself then they will take precedence over the rebase.


Bumps maven-surefire-report-plugin from 3.0.0-M4 to 3.0.0-M5. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/apache/maven-surefire/commit/1eb35fd1ec6e54545c080079b23aacbb66e4936d"><code>1eb35fd</code></a> [maven-release-plugin] prepare release surefire-3.0.0-M5_vote-1</li> <li><a href="https://github.com/apache/maven-surefire/commit/02cca4dc3fba70a17b3a8fecc07c374a35e49d15"><code>02cca4d</code></a> [GH] performance problem on Windows nodes</li> <li><a href="https://github.com/apache/maven-surefire/commit/e8f65b99aaaa7c04e1ad3770309cd626d3fe5ab0"><code>e8f65b9</code></a> [SUREFIRE-1797] Surefire report with parameterized tests contain all names of...</li> <li><a href="https://github.com/apache/maven-surefire/commit/2e14ba6e8cb8883ef0c50175c0f0d6af676fac55"><code>2e14ba6</code></a> updated the road map for 3.0.0-M5 and next versions</li> <li><a href="https://github.com/apache/maven-surefire/commit/5f492fa0f22c3b5a18508c11c3429bcc62388d5f"><code>5f492fa</code></a> Using localhost (not local loopback) in SurefireForkChannel.java</li> <li><a href="https://github.com/apache/maven-surefire/commit/eb48f1b59ca5ccf6954ef33ecab03dbaf93214cd"><code>eb48f1b</code></a> featurematrix.apt.vm with issue SUREFIRE-1795</li> <li><a href="https://github.com/apache/maven-surefire/commit/5925e3d8fdc52e3ad58d7fd35d679277f763a8bf"><code>5925e3d</code></a> providerJpmsArguments are already controlled by isMainDescriptor in ProviderInfo</li> <li><a href="https://github.com/apache/maven-surefire/commit/6237868c88dfd6edc805982747d61094b3b79c25"><code>6237868</code></a> Updated java9.md with new Toolchain capabilities</li> <li><a href="https://github.com/apache/maven-surefire/commit/c2a32917a82189a77750932aef821ac6a4cb2906"><code>c2a3291</code></a> [GH] performance problem on Windows nodes</li> <li><a href="https://github.com/apache/maven-surefire/commit/a3f827f0ce2f204599b757a0cc1f45814771f4ae"><code>a3f827f</code></a> [GH] Workflows j14</li> <li>Additional commits viewable in <a href="https://github.com/apache/maven-surefire/compare/surefire-3.0.0-M4...surefire-3.0.0-M5">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>

+1 -1

1 comment

1 changed file

dependabot[bot]

pr closed time in 16 days

delete branch tcurdt/jdependency

delete branch : dependabot/maven/org.apache.maven.plugins-maven-project-info-reports-plugin-3.1.0

delete time in 16 days

PR closed tcurdt/jdependency

Bump maven-project-info-reports-plugin from 3.0.0 to 3.1.0 dependencies java

Bumps maven-project-info-reports-plugin from 3.0.0 to 3.1.0. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/apache/maven-project-info-reports-plugin/commit/7b3e994a6b210bc56055356381301b47688e0914"><code>7b3e994</code></a> [maven-release-plugin] prepare release maven-project-info-reports-plugin-3.1.0</li> <li><a href="https://github.com/apache/maven-project-info-reports-plugin/commit/25ee2e7fcfa7a71b18deada5970958199f36c86f"><code>25ee2e7</code></a> fixed typo</li> <li><a href="https://github.com/apache/maven-project-info-reports-plugin/commit/1dee6fdce5f75f7b94f649c77922ae3b341c76db"><code>1dee6fd</code></a> README improvement</li> <li><a href="https://github.com/apache/maven-project-info-reports-plugin/commit/2211965744ba1ad9ceb577e4f711ca10c192ba88"><code>2211965</code></a> added README</li> <li><a href="https://github.com/apache/maven-project-info-reports-plugin/commit/2670a2e89658522f98be5795909af4bb26236f8e"><code>2670a2e</code></a> fixed old file names</li> <li><a href="https://github.com/apache/maven-project-info-reports-plugin/commit/ee5a2bdf319043769d49c062162010a3f0c27b25"><code>ee5a2bd</code></a> fixed broken links (MPIR 3)</li> <li><a href="https://github.com/apache/maven-project-info-reports-plugin/commit/d276fbfa10bcabf162bc237a5f51fceaceaa25a6"><code>d276fbf</code></a> added README</li> <li><a href="https://github.com/apache/maven-project-info-reports-plugin/commit/f28d6bf53abdbe7d737a0dcbd1d758b088115c52"><code>f28d6bf</code></a> [MPIR-387] remove (unused) non-reproducible jar signing</li> <li><a href="https://github.com/apache/maven-project-info-reports-plugin/commit/7e188e97a101233987d16062ec9629ebac5d6144"><code>7e188e9</code></a> Bump maven-jarsigner-plugin from 1.4 to 3.0.0</li> <li><a href="https://github.com/apache/maven-project-info-reports-plugin/commit/310e3aa77f05c1dac1fac0ed35dbed630fdc9e2e"><code>310e3aa</code></a> update a couple of test dependencies</li> <li>Additional commits viewable in <a href="https://github.com/apache/maven-project-info-reports-plugin/compare/maven-project-info-reports-plugin-3.0.0...maven-project-info-reports-plugin-3.1.0">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>

+1 -1

0 comment

1 changed file

dependabot[bot]

pr closed time in 16 days

push eventtcurdt/jdependency

Torsten Curdt

commit sha 23104fcaddd64c1b5185293de4543c569e8d35c0

upgraded deps, closes #32 #33 #34 #35 #36

view details

push time in 16 days

PR closed tcurdt/jdependency

Bump maven-surefire-plugin from 3.0.0-M4 to 3.0.0-M5 dependencies java

Bumps maven-surefire-plugin from 3.0.0-M4 to 3.0.0-M5. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/apache/maven-surefire/commit/1eb35fd1ec6e54545c080079b23aacbb66e4936d"><code>1eb35fd</code></a> [maven-release-plugin] prepare release surefire-3.0.0-M5_vote-1</li> <li><a href="https://github.com/apache/maven-surefire/commit/02cca4dc3fba70a17b3a8fecc07c374a35e49d15"><code>02cca4d</code></a> [GH] performance problem on Windows nodes</li> <li><a href="https://github.com/apache/maven-surefire/commit/e8f65b99aaaa7c04e1ad3770309cd626d3fe5ab0"><code>e8f65b9</code></a> [SUREFIRE-1797] Surefire report with parameterized tests contain all names of...</li> <li><a href="https://github.com/apache/maven-surefire/commit/2e14ba6e8cb8883ef0c50175c0f0d6af676fac55"><code>2e14ba6</code></a> updated the road map for 3.0.0-M5 and next versions</li> <li><a href="https://github.com/apache/maven-surefire/commit/5f492fa0f22c3b5a18508c11c3429bcc62388d5f"><code>5f492fa</code></a> Using localhost (not local loopback) in SurefireForkChannel.java</li> <li><a href="https://github.com/apache/maven-surefire/commit/eb48f1b59ca5ccf6954ef33ecab03dbaf93214cd"><code>eb48f1b</code></a> featurematrix.apt.vm with issue SUREFIRE-1795</li> <li><a href="https://github.com/apache/maven-surefire/commit/5925e3d8fdc52e3ad58d7fd35d679277f763a8bf"><code>5925e3d</code></a> providerJpmsArguments are already controlled by isMainDescriptor in ProviderInfo</li> <li><a href="https://github.com/apache/maven-surefire/commit/6237868c88dfd6edc805982747d61094b3b79c25"><code>6237868</code></a> Updated java9.md with new Toolchain capabilities</li> <li><a href="https://github.com/apache/maven-surefire/commit/c2a32917a82189a77750932aef821ac6a4cb2906"><code>c2a3291</code></a> [GH] performance problem on Windows nodes</li> <li><a href="https://github.com/apache/maven-surefire/commit/a3f827f0ce2f204599b757a0cc1f45814771f4ae"><code>a3f827f</code></a> [GH] Workflows j14</li> <li>Additional commits viewable in <a href="https://github.com/apache/maven-surefire/compare/surefire-3.0.0-M4...surefire-3.0.0-M5">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>

+1 -1

1 comment

1 changed file

dependabot[bot]

pr closed time in 16 days

pull request commenttcurdt/jdependency

add Dependabot

Alright. Let's see if this works better than snyk. Thanks for the PR.

sullis

comment created time in 16 days

push eventtcurdt/jdependency

sullis

commit sha 339fcb181dc9feac7c9215e86c0214d696ea7839

add Dependabot (#31) https://github.blog/2020-06-01-keep-all-your-packages-up-to-date-with-dependabot/

view details

push time in 16 days

PR merged tcurdt/jdependency

add Dependabot

https://github.blog/2020-06-01-keep-all-your-packages-up-to-date-with-dependabot/

+12 -0

1 comment

1 changed file

sullis

pr closed time in 16 days

delete branch tcurdt/jdependency

delete branch : snyk-upgrade-5c0356726b6873a97b67fe221a87d8c5

delete time in 16 days

PR closed tcurdt/jdependency

[Snyk] Upgrade commons-io:commons-io from 2.6 to 2.7

<h3>Snyk has created this PR to upgrade commons-io:commons-io from 2.6 to 2.7.</h3> :information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project. <hr/>

  • The recommended version is 1 version ahead of your current version.
  • The recommended version was released 22 days ago, on 2020-05-24.

<hr/>

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information: <img src="https://api.segment.io/v1/pixel/track?data=eyJ3cml0ZUtleSI6InJyWmxZcEdHY2RyTHZsb0lYd0dUcVg4WkFRTnNCOUEwIiwiYW5vbnltb3VzSWQiOiJkZTc3MGE0Mi1hZDYyLTQ4MTctOTM0MC03YjE5YjEyNjY2OTMiLCJldmVudCI6IlBSIHZpZXdlZCIsInByb3BlcnRpZXMiOnsicHJJZCI6ImRlNzcwYTQyLWFkNjItNDgxNy05MzQwLTdiMTliMTI2NjY5MyJ9fQ==" width="0" height="0"/>

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

<!--- (snyk:metadata:{"prId":"de770a42-ad62-4817-9340-7b19b1266693","dependencies":[{"name":"commons-io:commons-io","from":"2.6","to":"2.7"}],"packageManager":"maven","type":"auto","projectUrl":"https://app.snyk.io/org/tcurdt/project/d472f748-1a32-4a46-b330-14d9e888dd34?utm_source=github&utm_medium=upgrade-pr","projectPublicId":"d472f748-1a32-4a46-b330-14d9e888dd34","env":"prod","prType":"upgrade","vulns":[],"issuesToFix":[],"upgrade":[],"upgradeInfo":{"versionsDiff":1,"publishedDate":"2020-05-24T20:10:54.000Z"},"templateVariants":[],"hasFixes":false,"isMajorUpgrade":false,"isBreakingChange":false}) --->

+8 -8

1 comment

1 changed file

snyk-bot

pr closed time in 16 days

push eventtcurdt/jdependency

Torsten Curdt

commit sha c44be1749bd7e02bdb77e694ea70f77d931cebd4

upgrade to commons io 2.7

view details

push time in 16 days

issue commentapex/gateway

Hello World giving a 404

Alright - the problem is that the current gateway is not v2 compatible.

I've upgrade my version here for now. The question is - how should this be handled. There is no easy migration path as the AWS resources are different.

Any other suggestions?

tcurdt

comment created time in 17 days

issue closedaws/aws-lambda-go

empty event path

A very simple lambda

package main

import (
	"context"
	"fmt"

	"github.com/aws/aws-lambda-go/events"
	"github.com/aws/aws-lambda-go/lambda"
)

func main() {
	lambda.Start(func(ctx context.Context, e events.APIGatewayProxyRequest) (events.APIGatewayProxyResponse, error) {
		return events.APIGatewayProxyResponse{Body: fmt.Sprintf("path: %v", e.Path), StatusCode: 200}, nil
	})
}

mounted as

resource "aws_apigatewayv2_api" "a" {
  name          = local.api
  protocol_type = "HTTP"
  target        = aws_lambda_function.a.arn
  // route_key     = "GET /"
  // route_key     = "ANY /"
  route_key     = "ANY /foo/{proxy+}"
  // route_key     = "$default"
}

Using

curl https://<instance>.execute-api.eu-central-1.amazonaws.com/foo/bar
path: %

I am getting an empty path - but would have expected /foo/bar.

This is a major blocker for me. What's am I missing?

closed time in 17 days

tcurdt

issue commentaws/aws-lambda-go

empty event path

Looking at APIGatewayProxyRequest and APIGatewayV2HTTPRequest I suspected that my aws_apigatewayv2_api is sending a V2 structure but decoding it into a APIGatewayProxyRequest. And indeed that's what I found.

Switching the lambda to

func main() {
	lambda.Start(func(ctx context.Context, e events.APIGatewayV2HTTPRequest) (events.APIGatewayV2HTTPResponse, error) {
		return events.APIGatewayV2HTTPResponse{Body: fmt.Sprintf("event:[%+v], path:[%v]", e, e.RawPath),
				StatusCode: 200},
			nil
	})
}

does indeed provide the expected data.

This basically leaves this as a much needed request to improve the documentation.

tcurdt

comment created time in 17 days

issue commentOctoPrint/OctoPrint

[Request] Ability to move files from the root file list into a folder

@jneilliii I personally was actively searching for a "move" icon that then let me pick a folder where to move to. And was stunned not to find such icon. I then searched, found the File Manager and ended up here. So - I was exactly looking for the UI you described.

NameOfTheDragon

comment created time in 17 days

issue commentaws/aws-lambda-go

empty event path

I just tried a similar thing with the node12 runtime and get the following output of the event

% curl https://<instance>.execute-api.eu-central-1.amazonaws.com/foo/bar
event:{
  "version": "2.0",
  "routeKey": "ANY /foo/{proxy+}",
  "rawPath": "/foo/bar",
  "rawQueryString": "",
  "headers": {
    "accept": "*/*",
    "content-length": "0",
    "host": "<instance>.execute-api.eu-central-1.amazonaws.com",
    "user-agent": "curl/7.64.1",
    "x-amzn-trace-id": "Root=1-5eed1981-b02966c82c2b900013d7d18d",
    "x-forwarded-for": "46.90.80.5",
    "x-forwarded-port": "443",
    "x-forwarded-proto": "https"
  },
  "requestContext": {
    "accountId": "<id>",
    "apiId": "<instance>",
    "domainName": "<instance>.execute-api.eu-central-1.amazonaws.com",
    "domainPrefix": "<instance>",
    "http": {
      "method": "GET",
      "path": "/foo/bar",
      "protocol": "HTTP/1.1",
      "sourceIp": "46.90.80.5",
      "userAgent": "curl/7.64.1"
    },
    "requestId": "OZDsQjovliAEJfw=",
    "routeKey": "ANY /foo/{proxy+}",
    "stage": "$default",
    "time": "19/Jun/2020:20:01:05 +0000",
    "timeEpoch": 1592596865579
  },
  "pathParameters": {
    "proxy": "bar"
  },
  "isBase64Encoded": false
}%

which looks fine.

To me this suggests that there is a problem with the go implementation.

tcurdt

comment created time in 17 days

issue commentaws/aws-lambda-go

empty event path

To give more details:

$ curl https://<instance>.execute-api.eu-central-1.amazonaws.com/foo
{"message":"Not Found"}%
$ curl https://<instance>.execute-api.eu-central-1.amazonaws.com/foo/
path: %
$ curl https://<instance>.execute-api.eu-central-1.amazonaws.com/foo/bla
path: %
$ curl https://<instance>.execute-api.eu-central-1.amazonaws.com/foo/bla/blub
path: %
tcurdt

comment created time in 17 days

issue commentOctoPrint/OctoPrint

[Request] Ability to move files from the root file list into a folder

If it wasn't for the .metadata.json I would just ssh into my pi and move the files via shell.

NameOfTheDragon

comment created time in 17 days

issue commentOctoPrint/OctoPrint

[Request] Ability to move files from the root file list into a folder

If the core file lister allows for folder creation I would think it should also allow for simple moving of files. That's what I would prefer, too. But unless someone is willing to spend the time of merging the two, bundling might be the most pragmatic way forward. And if there is no other file manager the idea of choice is an illusion anyway.

NameOfTheDragon

comment created time in 17 days

issue commentOctoPrint/OctoPrint

[Request] Ability to move files from the root file list into a folder

Unfortunately the manager plugin has "WARNING Plugin actually not in active development!" printed in big letters on it's github page.

It's also very weird to have "Create Folder" supported in core, but you can't really do anything with the folder.

The DeleteMoveAfterPrint is a hole different usecase.

NameOfTheDragon

comment created time in 17 days

issue commentprusa3d/PrusaSlicer

Overriding number of perimeters around a hole using modifier volume adds extra perimeters

@bubnikv Thanks for explaining the why. It might be expected as Prusa Slicer developer, but I'd argue it is unexpected from the normal user's POV.

I don't know how the algorithm works - but is there maybe a way to differentiate between an inner and an outer wall? If so the perimeter for outer walls could be set to 0, while the perimeter of inner walls could be set to the desired value.

GWdd

comment created time in 18 days

issue commentstlink-org/stlink

STM32F103C8Tx: Sudden unknown chip id

Ah, missed that the other report was with 1.6.0.

tcurdt

comment created time in 19 days

issue commentapex/gateway

Hello World giving a 404

This seems to be an issue with aws-lambda-go - not gateway itself. I've opened https://github.com/aws/aws-lambda-go/issues/297

I will close this issue as soon as I hear back from them.

tcurdt

comment created time in 19 days

issue openedaws/aws-lambda-go

empty event path

A very simple lambda

package main

import (
	"context"
	"fmt"

	"github.com/aws/aws-lambda-go/events"
	"github.com/aws/aws-lambda-go/lambda"
)

func main() {
	lambda.Start(func(ctx context.Context, e events.APIGatewayProxyRequest) (events.APIGatewayProxyResponse, error) {
		return events.APIGatewayProxyResponse{Body: fmt.Sprintf("path: %v", e.Path), StatusCode: 200}, nil
	})
}

mounted as

resource "aws_apigatewayv2_api" "a" {
  name          = local.api
  protocol_type = "HTTP"
  target        = aws_lambda_function.a.arn
  // route_key     = "GET /"
  // route_key     = "ANY /"
  route_key     = "ANY /foo/{proxy+}"
  // route_key     = "$default"
}

Using

curl https://<instance>.execute-api.eu-central-1.amazonaws.com/foo/bar
path: %

I am getting an empty path - but would have expected /foo/bar.

This is a major blocker for me. What's am I missing?

created time in 19 days

issue commentapex/gateway

Hello World giving a 404

Seems like it could be related to this https://github.com/aws/aws-lambda-go/issues/60

tcurdt

comment created time in 19 days

issue commentapex/gateway

Hello World giving a 404

Digging further it seems like e.Path is not giving the path at all. I have a lambda mounted as "ANY /{proxy+}". This should catch all paths.

Doing a

curl https://uc3h7ht2.execute-api.eu-central-1.amazonaws.com/foo/bla

I would expect the e.Path to be /foo/bla (or foo/bla) but e.Path is just empty.

tcurdt

comment created time in 19 days

issue commentapex/gateway

Hello World giving a 404

func NewRequest(ctx context.Context, e events.APIGatewayProxyRequest) (*http.Request, error) {
	// path
	u, err := url.Parse(e.Path)

parses the path but the URL has no / suffix. When the URL gets passed into the new request, the URL path is "" not "/" which makes the router not find it.

	// new request
	req, err := http.NewRequest(e.HTTPMethod, u.String(), strings.NewReader(body))
	if err != nil {
		return nil, errors.Wrap(err, "creating request")
	}

Now the question is how to fix this best - and why this wasn't an issue before.

tcurdt

comment created time in 19 days

issue commentapex/gateway

Hello World giving a 404

It seems the RequestURI is empty although it should be /. So the router does not match and falls back to a 404.

tcurdt

comment created time in 19 days

issue commentapex/gateway

Hello World giving a 404

After some debugging

import (
	"context"
	"log"
	"net/http"

	"github.com/apex/gateway"

	"github.com/aws/aws-lambda-go/events"
	"github.com/aws/aws-lambda-go/lambda"
	"github.com/go-chi/chi"
)

func ListenAndServe(addr string, h http.Handler) error {
	if h == nil {
		h = http.DefaultServeMux
	}

	lambda.Start(func(ctx context.Context, e events.APIGatewayProxyRequest) (events.APIGatewayProxyResponse, error) {

		r, err := gateway.NewRequest(ctx, e)
		if err != nil {
			// return events.APIGatewayProxyResponse{Body: "error", StatusCode: 200}, nil
			return events.APIGatewayProxyResponse{}, err
		}
		// return events.APIGatewayProxyResponse{Body: "ok1", StatusCode: 200}, nil

		w := gateway.NewResponse()
		h.ServeHTTP(w, r)

		// return events.APIGatewayProxyResponse{Body: "ok2", StatusCode: 200}, nil

		return w.End(), nil
	})

	return nil
}

func main() {
	// http.ListenAndServe(":3000", routing())
	// gateway.ListenAndServe(":3000", routing())
	ListenAndServe(":3000", routing())
}

func routing() http.Handler {

	r := chi.NewRouter()

	r.Get("/", func(w http.ResponseWriter, r *http.Request) {
		w.WriteHeader(http.StatusOK)
		w.Write([]byte("Hello World"))
	})

	r.Get("/id/{id}", func(w http.ResponseWriter, r *http.Request) {
		log.Printf("id: %s", chi.URLParam(r, "id"))
		w.WriteHeader(http.StatusOK)
		w.Write([]byte("Hello World"))
	})

	return r
}

I see that h.ServeHTTP seems to generate the 404 when using gateway. This also is the case when using chi. When running directly it works just fine.

tcurdt

comment created time in 19 days

push eventtcurdt/xstatic

snyk-bot

commit sha 252dae85dd74c095dbfb7ade4276026f62ab6bde

fix: upgrade highlight.js from 9.9.0 to 9.18.1 Snyk has created this PR to upgrade highlight.js from 9.9.0 to 9.18.1. See this package in NPM: https://www.npmjs.com/package/highlight.js See this project in Snyk: https://app.snyk.io/org/tcurdt/project/416dfd1b-e995-4f23-901d-fb93eea6c8c4?utm_source=github&utm_medium=upgrade-pr

view details

push time in 20 days

create barnchtcurdt/xstatic

branch : snyk-upgrade-ce4868a498dba8298c74f45cef8f33a5

created branch time in 20 days

push eventtcurdt/xstatic

snyk-bot

commit sha dad6bf25c8c2da8026e3ed66a0db8ccf4f400b6d

fix: upgrade marked from 0.3.6 to 0.8.2 Snyk has created this PR to upgrade marked from 0.3.6 to 0.8.2. See this package in NPM: https://www.npmjs.com/package/marked See this project in Snyk: https://app.snyk.io/org/tcurdt/project/416dfd1b-e995-4f23-901d-fb93eea6c8c4?utm_source=github&utm_medium=upgrade-pr

view details

push time in 20 days

create barnchtcurdt/xstatic

branch : snyk-upgrade-dbc90a7533ed18581b28e63da586c6c4

created branch time in 20 days

push eventtcurdt/xstatic

snyk-bot

commit sha da9847b7617e26fa78e11ab7efb17e37ff995bca

fix: upgrade babel-core from 6.24.1 to 6.26.3 Snyk has created this PR to upgrade babel-core from 6.24.1 to 6.26.3. See this package in NPM: https://www.npmjs.com/package/babel-core See this project in Snyk: https://app.snyk.io/org/tcurdt/project/e88a41c6-8d9e-4d48-86a9-f501fd974b62?utm_source=github&utm_medium=upgrade-pr

view details

push time in 20 days

create barnchtcurdt/xstatic

branch : snyk-upgrade-63245c4bd021c4ff75897f35b6293005

created branch time in 20 days

push eventtcurdt/xstatic

snyk-bot

commit sha 3db1ea2fb19227e503dc7d70b04fde1132d3bcf5

fix: upgrade mkdirp from 0.5.1 to 0.5.5 Snyk has created this PR to upgrade mkdirp from 0.5.1 to 0.5.5. See this package in NPM: https://www.npmjs.com/package/mkdirp See this project in Snyk: https://app.snyk.io/org/tcurdt/project/6d53ea05-9913-4491-954e-0d91d978a6b9?utm_source=github&utm_medium=upgrade-pr

view details

push time in 20 days

create barnchtcurdt/xstatic

branch : snyk-upgrade-6bed2e7a694f0849c00973243c4bfd3b

created branch time in 20 days

issue commentstlink-org/stlink

STM32F103C8Tx: Sudden unknown chip id

I guess then I don't even need to test on my blue pill then. Seems like it's not fixed then.

tcurdt

comment created time in 20 days

issue openedapex/gateway

Hello World giving a 404

This code works just fine.

package main

import (
 "context"
 "fmt"

 "github.com/aws/aws-lambda-go/lambda"
)

func HandleRequest(ctx context.Context) (string, error) {
  return fmt.Sprintf("Hello!"), nil
}

func main() {
  lambda.Start(HandleRequest)
}

When I replace it with

package main

import (
	"fmt"
	"log"
	"net/http"

	"github.com/apex/gateway"
)

func main() {

	http.HandleFunc("/", hello)

	log.Fatal(gateway.ListenAndServe(":3000", nil))
	// log.Fatal(http.ListenAndServe(":3000", nil))
}

func hello(w http.ResponseWriter, r *http.Request) {
	fmt.Fprintf(w, "Hello!")
}

I am getting:

curl https://dqt4t5gx.execute-api.eu-central-1.amazonaws.com/
<a href="//dqt4t5gx.execute-api.eu-central-1.amazonaws.com/">Moved Permanently</a>.

Could this be because I am using the aws_apigatewayv2_api resource? Or any other pointers?

created time in 20 days

create barnchtcurdt/xstatic

branch : snyk-upgrade-caa7fe14c70ef5093c00667702a0f68f

created branch time in 20 days

push eventtcurdt/xstatic

snyk-bot

commit sha 1ff94bbb03f12cca86dfe53dfb477e3da1558263

fix: upgrade node-sass from 4.5.2 to 4.14.1 Snyk has created this PR to upgrade node-sass from 4.5.2 to 4.14.1. See this package in NPM: https://www.npmjs.com/package/node-sass See this project in Snyk: https://app.snyk.io/org/tcurdt/project/0aac8369-8266-486b-adc6-47f90c75bae8?utm_source=github&utm_medium=upgrade-pr

view details

push time in 20 days

delete branch tcurdt/xstatic

delete branch : snyk-upgrade-3e4040c988b76abdc3f9e779efac5120

delete time in 20 days

PR closed tcurdt/xstatic

[Snyk] Upgrade moment from 2.18.1 to 2.26.0

<h3>Snyk has created this PR to upgrade moment from 2.18.1 to 2.26.0.</h3>

merge advice

:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project. <hr/>

  • The recommended version is 18 versions ahead of your current version.
  • The recommended version was released a month ago, on 2020-05-20.

The recommended version fixes:

Severity Issue Exploit Maturity
<img src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/l.png" width="20" height="20" title="low severity"/> Regular Expression Denial of Service (ReDoS)<br/> npm:moment:20170905 No Known Exploit

<details> <summary><b>Release notes</b></summary> <br/> <details> <summary>Package name: <b>moment</b></summary> <ul> <li> <b>2.26.0</b> - <a href="https://snyk.io/redirect/github/moment/moment/releases/tag/2.26.0">2020-05-20</a></br><p>2.26.0</p> </li> <li> <b>2.25.3</b> - <a href="https://snyk.io/redirect/github/moment/moment/releases/tag/2.25.3">2020-05-04</a></br><p>2.25.3</p> </li> <li> <b>2.25.2</b> - <a href="https://snyk.io/redirect/github/moment/moment/releases/tag/2.25.2">2020-05-04</a></br><p>2.25.2</p> </li> <li> <b>2.25.1</b> - <a href="https://snyk.io/redirect/github/moment/moment/releases/tag/2.25.1">2020-05-01</a></br><p>2.25.1</p> </li> <li> <b>2.25.0</b> - <a href="https://snyk.io/redirect/github/moment/moment/releases/tag/2.25.0">2020-05-01</a></br><p>2.25.0</p> </li> <li> <b>2.24.0</b> - <a href="https://snyk.io/redirect/github/moment/moment/releases/tag/2.24.0">2019-01-21</a></br><p>2.24.0</p> </li> <li> <b>2.23.0</b> - <a href="https://snyk.io/redirect/github/moment/moment/releases/tag/2.23.0">2018-12-13</a></br><p>2.23.0</p> </li> <li> <b>2.22.2</b> - <a href="https://snyk.io/redirect/github/moment/moment/releases/tag/2.22.2">2018-06-01</a></br><p>2.22.2</p> </li> <li> <b>2.22.1</b> - <a href="https://snyk.io/redirect/github/moment/moment/releases/tag/2.22.1">2018-04-15</a></br><p>2.22.1</p> </li> <li> <b>2.22.0</b> - <a href="https://snyk.io/redirect/github/moment/moment/releases/tag/2.22.0">2018-03-30</a></br><p>2.22.0</p> </li> <li> <b>2.21.0</b> - 2018-03-02 </li> <li> <b>2.20.1</b> - 2017-12-19 </li> <li> <b>2.20.0</b> - 2017-12-17 </li> <li> <b>2.19.4</b> - 2017-12-11 </li> <li> <b>2.19.3</b> - 2017-11-29 </li> <li> <b>2.19.2</b> - 2017-11-11 </li> <li> <b>2.19.1</b> - 2017-10-11 </li> <li> <b>2.19.0</b> - 2017-10-10 </li> <li> <b>2.18.1</b> - 2017-03-21 </li> </ul> from <a href="https://snyk.io/redirect/github/moment/moment/releases">moment GitHub release notes</a> </details> </details> <hr/>

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information: <img src="https://api.segment.io/v1/pixel/track?data=eyJ3cml0ZUtleSI6InJyWmxZcEdHY2RyTHZsb0lYd0dUcVg4WkFRTnNCOUEwIiwiYW5vbnltb3VzSWQiOiIyM2Y4Y2FlZi03ZWFmLTRjNTMtOGFmZC03YjJjYWQ1NjJmOGIiLCJldmVudCI6IlBSIHZpZXdlZCIsInByb3BlcnRpZXMiOnsicHJJZCI6IjIzZjhjYWVmLTdlYWYtNGM1My04YWZkLTdiMmNhZDU2MmY4YiJ9fQ==" width="0" height="0"/>

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

<!--- (snyk:metadata:{"prId":"23f8caef-7eaf-4c53-8afd-7b2cad562f8b","dependencies":[{"name":"moment","from":"2.18.1","to":"2.26.0"}],"packageManager":"npm","type":"auto","projectUrl":"https://app.snyk.io/org/tcurdt/project/be986747-3fc5-47ae-ba35-8fbec886d58a?utm_source=github&utm_medium=upgrade-pr","projectPublicId":"be986747-3fc5-47ae-ba35-8fbec886d58a","env":"prod","prType":"upgrade","vulns":["npm:moment:20170905"],"issuesToFix":[{"issueId":"npm:moment:20170905","severity":"low","title":"Regular Expression Denial of Service (ReDoS)","exploitMaturity":"no-known-exploit"}],"upgrade":["npm:moment:20170905"],"upgradeInfo":{"versionsDiff":18,"publishedDate":"2020-05-20T06:46:22.568Z"},"templateVariants":["merge-advice-badge-shown"],"hasFixes":true,"isMajorUpgrade":false,"isBreakingChange":false}) --->

+1 -1

0 comment

1 changed file

snyk-bot

pr closed time in 20 days

push eventtcurdt/xstatic

snyk-bot

commit sha 5adaac5d7ed048471dc6348c40f3fdca0c066fd8

fix: upgrade moment from 2.18.1 to 2.26.0 Snyk has created this PR to upgrade moment from 2.18.1 to 2.26.0. See this package in NPM: https://www.npmjs.com/package/moment See this project in Snyk: https://app.snyk.io/org/tcurdt/project/be986747-3fc5-47ae-ba35-8fbec886d58a?utm_source=github&utm_medium=upgrade-pr

view details

push time in 20 days

create barnchtcurdt/xstatic

branch : snyk-upgrade-3e4040c988b76abdc3f9e779efac5120

created branch time in 20 days

delete branch tcurdt/jdeb

delete branch : snyk-upgrade-4d8c662abfcacbad057768c1b735c7e9

delete time in 20 days

push eventtcurdt/jdeb

Snyk bot

commit sha 1c201c94592d0a25ca7a562e215062f9fee6a276

fix: upgrade org.apache.ant:ant from 1.10.7 to 1.10.8 (#302) Snyk has created this PR to upgrade org.apache.ant:ant from 1.10.7 to 1.10.8.

view details

push time in 20 days

PR merged tcurdt/jdeb

[Snyk] Upgrade org.apache.ant:ant from 1.10.7 to 1.10.8

<h3>Snyk has created this PR to upgrade org.apache.ant:ant from 1.10.7 to 1.10.8.</h3> :information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project. <hr/>

  • The recommended version is 1 version ahead of your current version.
  • The recommended version was released 23 days ago, on 2020-05-10.

The recommended version fixes:

Severity Issue Exploit Maturity
<img src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png" width="20" height="20" title="medium severity"/> Insecure Default<br/> SNYK-JAVA-ORGAPACHEANT-569130 No Known Exploit

<hr/>

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information: <img src="https://api.segment.io/v1/pixel/track?data=eyJ3cml0ZUtleSI6InJyWmxZcEdHY2RyTHZsb0lYd0dUcVg4WkFRTnNCOUEwIiwiYW5vbnltb3VzSWQiOiI2MjM5NTU3Zi0wNGJhLTRlZTQtYTM2NC1lNzYxNjYwNDZhNTUiLCJldmVudCI6IlBSIHZpZXdlZCIsInByb3BlcnRpZXMiOnsicHJJZCI6IjYyMzk1NTdmLTA0YmEtNGVlNC1hMzY0LWU3NjE2NjA0NmE1NSJ9fQ==" width="0" height="0"/>

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

<!--- (snyk:metadata:{"prId":"6239557f-04ba-4ee4-a364-e76166046a55","dependencies":[{"name":"org.apache.ant:ant","from":"1.10.7","to":"1.10.8"}],"packageManager":"maven","type":"auto","projectUrl":"https://app.snyk.io/org/tcurdt/project/6cdc8093-5771-41b5-a9e1-a3aa9813eb26?utm_source=github&utm_medium=upgrade-pr","projectPublicId":"6cdc8093-5771-41b5-a9e1-a3aa9813eb26","env":"prod","prType":"upgrade","vulns":["SNYK-JAVA-ORGAPACHEANT-569130"],"issuesToFix":[{"issueId":"SNYK-JAVA-ORGAPACHEANT-569130","severity":"medium","title":"Insecure Default","exploitMaturity":"no-known-exploit"}],"upgrade":["SNYK-JAVA-ORGAPACHEANT-569130"],"upgradeInfo":{"versionsDiff":1,"publishedDate":"2020-05-10T14:40:09.000Z"},"templateVariants":[],"hasFixes":true,"isMajorUpgrade":false,"isBreakingChange":false}) --->

+1 -1

2 comments

1 changed file

snyk-bot

pr closed time in 20 days

delete branch tcurdt/jdeb

delete branch : snyk-upgrade-118c2d487e5078adcfb40c4f7e59c984

delete time in 20 days

push eventtcurdt/jdeb

Snyk bot

commit sha 1794e9779287acd630b4129b476f575e490600b1

fix: upgrade commons-io:commons-io from 2.6 to 2.7 (#305) Snyk has created this PR to upgrade commons-io:commons-io from 2.6 to 2.7.

view details

push time in 20 days

PR merged tcurdt/jdeb

[Snyk] Upgrade commons-io:commons-io from 2.6 to 2.7

<h3>Snyk has created this PR to upgrade commons-io:commons-io from 2.6 to 2.7.</h3> :information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project. <hr/>

  • The recommended version is 1 version ahead of your current version.
  • The recommended version was released 23 days ago, on 2020-05-24.

<hr/>

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information: <img src="https://api.segment.io/v1/pixel/track?data=eyJ3cml0ZUtleSI6InJyWmxZcEdHY2RyTHZsb0lYd0dUcVg4WkFRTnNCOUEwIiwiYW5vbnltb3VzSWQiOiI0ZTcyNDNmYS00ZjlmLTRmYTUtODdhNC00MWY5M2Q4MzJiMzUiLCJldmVudCI6IlBSIHZpZXdlZCIsInByb3BlcnRpZXMiOnsicHJJZCI6IjRlNzI0M2ZhLTRmOWYtNGZhNS04N2E0LTQxZjkzZDgzMmIzNSJ9fQ==" width="0" height="0"/>

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

<!--- (snyk:metadata:{"prId":"4e7243fa-4f9f-4fa5-87a4-41f93d832b35","dependencies":[{"name":"commons-io:commons-io","from":"2.6","to":"2.7"}],"packageManager":"maven","type":"auto","projectUrl":"https://app.snyk.io/org/tcurdt/project/6cdc8093-5771-41b5-a9e1-a3aa9813eb26?utm_source=github&utm_medium=upgrade-pr","projectPublicId":"6cdc8093-5771-41b5-a9e1-a3aa9813eb26","env":"prod","prType":"upgrade","vulns":[],"issuesToFix":[],"upgrade":[],"upgradeInfo":{"versionsDiff":1,"publishedDate":"2020-05-24T20:10:54.000Z"},"templateVariants":[],"hasFixes":false,"isMajorUpgrade":false,"isBreakingChange":false}) --->

+1 -1

2 comments

1 changed file

snyk-bot

pr closed time in 20 days

delete branch tcurdt/xstatic

delete branch : snyk-upgrade-d863b82a79efa7ae45aea2da93d9fe5d

delete time in 20 days

PR closed tcurdt/xstatic

[Snyk] Upgrade moment from 2.18.1 to 2.24.0

<h3>Snyk has created this PR to upgrade moment from 2.18.1 to 2.24.0.</h3> :information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project. <hr/>

  • The recommended version is 13 versions ahead of your current version.
  • The recommended version was released a year ago, on 2019-01-21.

The recommended version fixes:

Severity Issue Exploit Maturity
<img src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/l.png" width="20" height="20" title="low severity"/> Regular Expression Denial of Service (ReDoS)<br/> npm:moment:20170905 No Known Exploit

<details> <summary><b>Release notes</b></summary> <br/> <details> <summary>Package name: <b>moment</b></summary> <ul> <li> <b>2.24.0</b> - <a href="https://github.com/moment/moment/releases/tag/2.24.0">2019-01-21</a></br><p>2.24.0</p> </li> <li> <b>2.23.0</b> - <a href="https://github.com/moment/moment/releases/tag/2.23.0">2018-12-13</a></br><p>2.23.0</p> </li> <li> <b>2.22.2</b> - <a href="https://github.com/moment/moment/releases/tag/2.22.2">2018-06-01</a></br><p>2.22.2</p> </li> <li> <b>2.22.1</b> - <a href="https://github.com/moment/moment/releases/tag/2.22.1">2018-04-15</a></br><p>2.22.1</p> </li> <li> <b>2.22.0</b> - <a href="https://github.com/moment/moment/releases/tag/2.22.0">2018-03-30</a></br><p>2.22.0</p> </li> <li> <b>2.21.0</b> - <a href="https://github.com/moment/moment/releases/tag/2.21.0">2018-03-02</a></br><p>2.21.0</p> </li> <li> <b>2.20.1</b> - <a href="https://github.com/moment/moment/releases/tag/2.20.1">2017-12-19</a></br><p>2.20.1</p> </li> <li> <b>2.20.0</b> - <a href="https://github.com/moment/moment/releases/tag/2.20.0">2017-12-17</a></br><p>2.20.0</p> </li> <li> <b>2.19.4</b> - <a href="https://github.com/moment/moment/releases/tag/2.19.4">2017-12-11</a></br><p>2.19.4</p> </li> <li> <b>2.19.3</b> - <a href="https://github.com/moment/moment/releases/tag/2.19.3">2017-11-29</a></br><p>2.19.3</p> </li> <li> <b>2.19.2</b> - 2017-11-11 </li> <li> <b>2.19.1</b> - 2017-10-11 </li> <li> <b>2.19.0</b> - 2017-10-10 </li> <li> <b>2.18.1</b> - 2017-03-21 </li> </ul> from <a href="https://github.com/moment/moment/releases">moment GitHub release notes</a> </details> </details> <hr/>

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

<!--- (snyk:metadata:{"dependencies":[{"name":"moment","from":"2.18.1","to":"2.24.0"}],"packageManager":"npm","type":"auto","projectUrl":"https://app.snyk.io/org/tcurdt/project/be986747-3fc5-47ae-ba35-8fbec886d58a?utm_source=github&utm_medium=upgrade-pr","projectPublicId":"be986747-3fc5-47ae-ba35-8fbec886d58a","env":"prod","prType":"upgrade","vulns":["npm:moment:20170905"],"issuesToFix":[{"issueId":"npm:moment:20170905","severity":"low","title":"Regular Expression Denial of Service (ReDoS)","exploitMaturity":"no-known-exploit"}],"upgrade":["npm:moment:20170905"],"upgradeInfo":{"versionsDiff":13,"publishedDate":"2019-01-21T21:10:34.169Z"},"templateVariants":[],"hasFixes":true,"isMajorUpgrade":false,"isBreakingChange":false}) --->

+1 -1

0 comment

1 changed file

snyk-bot

pr closed time in 20 days

delete branch tcurdt/xstatic

delete branch : snyk-upgrade-3ef3b48497eaae8ceb71d93cefe91da6

delete time in 20 days

PR closed tcurdt/xstatic

[Snyk] Upgrade browser-sync from 2.18.8 to 2.26.7

<h3>Snyk has created this PR to upgrade browser-sync from 2.18.8 to 2.26.7.</h3> :information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project. <hr/>

  • The recommended version is 46 versions ahead of your current version.
  • The recommended version was released 9 months ago, on 2019-06-07.

The recommended version fixes:

Severity Issue Exploit Maturity
<img src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/h.png" width="20" height="20" title="high severity"/> Denial of Service (DoS)<br/> npm:ws:20171108 Mature
<img src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/h.png" width="20" height="20" title="high severity"/> Prototype Override Protection Bypass<br/> npm:qs:20170213 No Known Exploit
<img src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/h.png" width="20" height="20" title="high severity"/> Prototype Override Protection Bypass<br/> npm:qs:20170213 No Known Exploit
<img src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/h.png" width="20" height="20" title="high severity"/> Denial of Service (DoS)<br/> npm:qs:20140806 No Known Exploit
<img src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/h.png" width="20" height="20" title="high severity"/> Regular Expression Denial of Service (ReDoS)<br/> npm:parsejson:20170908 No Known Exploit
<img src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/h.png" width="20" height="20" title="high severity"/> Regular Expression Denial of Service (ReDoS)<br/> npm:fresh:20170908 No Known Exploit
<img src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/h.png" width="20" height="20" title="high severity"/> Prototype Pollution<br/> SNYK-JS-LODASH-73638 No Known Exploit
<img src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/h.png" width="20" height="20" title="high severity"/> Prototype Pollution<br/> SNYK-JS-LODASH-450202 Proof of Concept
<img src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png" width="20" height="20" title="medium severity"/> Insecure Randomness<br/> npm:ws:20160920 No Known Exploit
<img src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png" width="20" height="20" title="medium severity"/> Regular Expression Denial of Service (ReDoS)<br/> npm:ua-parser-js:20171012 No Known Exploit
<img src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png" width="20" height="20" title="medium severity"/> Uninitialized Memory Exposure<br/> npm:tunnel-agent:20170305 Proof of Concept
<img src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png" width="20" height="20" title="medium severity"/> Denial of Service (DoS)<br/> npm:qs:20140806-1 No Known Exploit
<img src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png" width="20" height="20" title="medium severity"/> Prototype Pollution<br/> npm:hoek:20180212 No Known Exploit
<img src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png" width="20" height="20" title="medium severity"/> Cross-site Scripting (XSS)<br/> npm:express:20140912 No Known Exploit
<img src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png" width="20" height="20" title="medium severity"/> Cross-site Scripting (XSS)<br/> npm:connect:20130701 No Known Exploit
<img src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png" width="20" height="20" title="medium severity"/> Denial of Service (DoS)<br/> npm:connect:20120107 No Known Exploit
<img src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png" width="20" height="20" title="medium severity"/> Prototype Pollution<br/> npm:lodash:20180130 No Known Exploit
<img src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png" width="20" height="20" title="medium severity"/> Regular Expression Denial of Service (ReDoS)<br/> SNYK-JS-LODASH-73639 No Known Exploit
<img src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/l.png" width="20" height="20" title="low severity"/> Regular Expression Denial of Service (ReDoS)<br/> npm:ms:20170412 No Known Exploit
<img src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/l.png" width="20" height="20" title="low severity"/> Regular Expression Denial of Service (ReDoS)<br/> npm:ms:20170412 No Known Exploit
<img src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/l.png" width="20" height="20" title="low severity"/> Regular Expression Denial of Service (ReDoS)<br/> npm:mime:20170907 No Known Exploit
<img src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/l.png" width="20" height="20" title="low severity"/> Regular Expression Denial of Service (ReDoS)<br/> npm:mime:20170907 No Known Exploit
<img src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/l.png" width="20" height="20" title="low severity"/> Regular Expression Denial of Service (ReDoS)<br/> npm:debug:20170905 No Known Exploit
<img src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/l.png" width="20" height="20" title="low severity"/> Regular Expression Denial of Service (ReDoS)<br/> npm:debug:20170905 No Known Exploit

<details> <summary><b>Release notes</b></summary> <br/> <details> <summary>Package name: <b>browser-sync</b></summary> <ul> <li> <b>2.26.7</b> - <a href="https://github.com/BrowserSync/browser-sync/releases/tag/v2.26.7">2019-06-07</a></br><p>v2.26.7</p> </li> <li> <b>2.26.6</b> - <a href="https://github.com/BrowserSync/browser-sync/releases/tag/v2.26.6">2019-06-07</a></br><p>v2.26.6</p> </li> <li> <b>2.26.5</b> - <a href="https://github.com/BrowserSync/browser-sync/releases/tag/v2.26.5">2019-04-24</a></br><p>v2.26.5</p> </li> <li> <b>2.26.4</b> - <a href="https://github.com/BrowserSync/browser-sync/releases/tag/v2.26.4">2019-04-22</a></br><p>v2.26.4</p> </li> <li> <b>2.26.3</b> - <a href="https://github.com/BrowserSync/browser-sync/releases/tag/v2.26.3">2018-10-13</a></br><p><strong>fixes</strong></p> <ul> <li>application/wasm support - fixes <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="355305604" data-permission-text="Title is private" data-url="https://github.com/BrowserSync/browser-sync/issues/1598" data-hovercard-type="issue" data-hovercard-url="/BrowserSync/browser-sync/issues/1598/hovercard" href="https://github.com/BrowserSync/browser-sync/issues/1598">#1598</a> <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/BrowserSync/browser-sync/commit/d60cd916ff1c64a69fddaa5cd2ca1061f066266e/hovercard" href="https://github.com/BrowserSync/browser-sync/commit/d60cd916ff1c64a69fddaa5cd2ca1061f066266e"><tt>d60cd91</tt></a></li> <li>deps - ensure previous users of browser-sync-client are not affected by new structure - fixes <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="367831779" data-permission-text="Title is private" data-url="https://github.com/BrowserSync/browser-sync/issues/1615" data-hovercard-type="issue" data-hovercard-url="/BrowserSync/browser-sync/issues/1615/hovercard" href="https://github.com/BrowserSync/browser-sync/issues/1615">#1615</a> <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/BrowserSync/browser-sync/commit/0a2ff5a25d9e5ca7df7b1ec63a235f76a220ada6/hovercard" href="https://github.com/BrowserSync/browser-sync/commit/0a2ff5a25d9e5ca7df7b1ec63a235f76a220ada6"><tt>0a2ff5a</tt></a></li> <li>npm audit fixes across all packages - fixes <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="368418342" data-permission-text="Title is private" data-url="https://github.com/BrowserSync/browser-sync/issues/1618" data-hovercard-type="issue" data-hovercard-url="/BrowserSync/browser-sync/issues/1618/hovercard" href="https://github.com/BrowserSync/browser-sync/issues/1618">#1618</a> <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/BrowserSync/browser-sync/commit/9f3fea4d0bef39b31c45e14cba669483f6e65448/hovercard" href="https://github.com/BrowserSync/browser-sync/commit/9f3fea4d0bef39b31c45e14cba669483f6e65448"><tt>9f3fea4</tt></a></li> </ul> </li> <li> <b>2.26.2</b> - <a href="https://github.com/BrowserSync/browser-sync/releases/tag/v2.26.2">2018-10-13</a></br><p>v2.26.2</p> </li> <li> <b>2.26.1</b> - <a href="https://github.com/BrowserSync/browser-sync/releases/tag/v2.26.1">2018-10-13</a></br><p>v2.26.1</p> </li> <li> <b>2.26.0</b> - <a href="https://github.com/BrowserSync/browser-sync/releases/tag/v2.26.0">2018-10-06</a></br><p>these notes describe the change from 2.24.6 -> 2.26.0</p> <p><strong>fixes</strong></p> <ul> <li>Removing default logger prefix [BS] - fixes <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="362765422" data-permission-text="Title is private" data-url="https://github.com/BrowserSync/browser-sync/issues/1607" data-hovercard-type="pull_request" data-hovercard-url="/BrowserSync/browser-sync/pull/1607/hovercard" href="https://github.com/BrowserSync/browser-sync/pull/1607">#1607</a> <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/BrowserSync/browser-sync/commit/257fba6d3fa3b4e77f526912a395625efcdebcb3/hovercard" href="https://github.com/BrowserSync/browser-sync/commit/257fba6d3fa3b4e77f526912a395625efcdebcb3"><tt>257fba6</tt></a></li> <li>case-insensitive matching on <code>domain</code> key in proxy responses <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/BrowserSync/browser-sync/commit/dacfc8bcedbd1f8e27a3ad4944aee44ff7f73533/hovercard" href="https://github.com/BrowserSync/browser-sync/commit/dacfc8bcedbd1f8e27a3ad4944aee44ff7f73533"><tt>dacfc8b</tt></a></li> <li>bump chokidar fixing fsevents build - closes <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="365253031" data-permission-text="Title is private" data-url="https://github.com/BrowserSync/browser-sync/issues/1613" data-hovercard-type="pull_request" data-hovercard-url="/BrowserSync/browser-sync/pull/1613/hovercard" href="https://github.com/BrowserSync/browser-sync/pull/1613">#1613</a> <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/BrowserSync/browser-sync/commit/11729cc0a398d276a66d1883d1273f2fd3c1d36e/hovercard" href="https://github.com/BrowserSync/browser-sync/commit/11729cc0a398d276a66d1883d1273f2fd3c1d36e"><tt>11729cc</tt></a></li> <li>Unexpected Page Reload after Pausing in Debugger - fixes <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="350828628" data-permission-text="Title is private" data-url="https://github.com/BrowserSync/browser-sync/issues/1591" data-hovercard-type="issue" data-hovercard-url="/BrowserSync/browser-sync/issues/1591/hovercard" href="https://github.com/BrowserSync/browser-sync/issues/1591">#1591</a> <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/BrowserSync/browser-sync/commit/06ee1b7db8d3090f693dc8ba0650f3e7022463ae/hovercard" href="https://github.com/BrowserSync/browser-sync/commit/06ee1b7db8d3090f693dc8ba0650f3e7022463ae"><tt>06ee1b7</tt></a></li> <li>scroll - add missing init method for window.name method of scroll restoring - fixes <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="343604239" data-permission-text="Title is private" data-url="https://github.com/BrowserSync/browser-sync/issues/1586" data-hovercard-type="issue" data-hovercard-url="/BrowserSync/browser-sync/issues/1586/hovercard" href="https://github.com/BrowserSync/browser-sync/issues/1586">#1586</a> <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="274153639" data-permission-text="Title is private" data-url="https://github.com/BrowserSync/browser-sync/issues/1457" data-hovercard-type="issue" data-hovercard-url="/BrowserSync/browser-sync/issues/1457/hovercard" href="https://github.com/BrowserSync/browser-sync/issues/1457">#1457</a> <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="274153639" data-permission-text="Title is private" data-url="https://github.com/BrowserSync/browser-sync/issues/1457" data-hovercard-type="issue" data-hovercard-url="/BrowserSync/browser-sync/issues/1457/hovercard" href="https://github.com/BrowserSync/browser-sync/issues/1457">#1457</a> <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/BrowserSync/browser-sync/commit/9e96603e2f8e859a5ae6fe921c7380787c706896/hovercard" href="https://github.com/BrowserSync/browser-sync/commit/9e96603e2f8e859a5ae6fe921c7380787c706896"><tt>9e96603</tt></a></li> <li>proxy Port gets unnecesarily rewritten in Proxy - fixes <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="336121813" data-permission-text="Title is private" data-url="https://github.com/BrowserSync/browser-sync/issues/1577" data-hovercard-type="issue" data-hovercard-url="/BrowserSync/browser-sync/issues/1577/hovercard" href="https://github.com/BrowserSync/browser-sync/issues/1577">#1577</a> <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/BrowserSync/browser-sync/commit/48286e0d09e35b06b5736be674ffe52105ba0a86/hovercard" href="https://github.com/BrowserSync/browser-sync/commit/48286e0d09e35b06b5736be674ffe52105ba0a86"><tt>48286e0</tt></a></li> </ul> <p><strong>chore</strong></p> <ul> <li>move cypress to top-level dep <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/BrowserSync/browser-sync/commit/0d4ab8156b30bbdafbb202ee0f597d4ea5dc4d0b/hovercard" href="https://github.com/BrowserSync/browser-sync/commit/0d4ab8156b30bbdafbb202ee0f597d4ea5dc4d0b"><tt>0d4ab81</tt></a></li> <li>package-lock files <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/BrowserSync/browser-sync/commit/900e23e321ffe2110068e3194b9d00d988ffb721/hovercard" href="https://github.com/BrowserSync/browser-sync/commit/900e23e321ffe2110068e3194b9d00d988ffb721"><tt>900e23e</tt></a></li> <li>change API of option transforms <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/BrowserSync/browser-sync/commit/ef12e9aa576d4395db9353d80761487ff4f82206/hovercard" href="https://github.com/BrowserSync/browser-sync/commit/ef12e9aa576d4395db9353d80761487ff4f82206"><tt>ef12e9a</tt></a></li> </ul> <p><strong>lerna</strong></p> <ul> <li>initial version <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/BrowserSync/browser-sync/commit/7c0ad4eaffbd1e1b9760277cce193692f0577bcd/hovercard" href="https://github.com/BrowserSync/browser-sync/commit/7c0ad4eaffbd1e1b9760277cce193692f0577bcd"><tt>7c0ad4e</tt></a></li> <li>more path updates <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/BrowserSync/browser-sync/commit/c108af8ed973c74cdfecbf3cfb104e6b6c5e9bde/hovercard" href="https://github.com/BrowserSync/browser-sync/commit/c108af8ed973c74cdfecbf3cfb104e6b6c5e9bde"><tt>c108af8</tt></a></li> <li>updated more stuff since the move to lerna <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/BrowserSync/browser-sync/commit/4ac3a49ce92b8eef8e6898962ae6aca1f48537c4/hovercard" href="https://github.com/BrowserSync/browser-sync/commit/4ac3a49ce92b8eef8e6898962ae6aca1f48537c4"><tt>4ac3a49</tt></a></li> <li>bring in server/client/ui <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/BrowserSync/browser-sync/commit/d6198f92cccbb1945b5a0cff1a1a3328d3f505ce/hovercard" href="https://github.com/BrowserSync/browser-sync/commit/d6198f92cccbb1945b5a0cff1a1a3328d3f505ce"><tt>d6198f9</tt></a></li> <li>add browser-sync-ui <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/BrowserSync/browser-sync/commit/325c7751cb583272fb69c56846dede9cf22c2d53/hovercard" href="https://github.com/BrowserSync/browser-sync/commit/325c7751cb583272fb69c56846dede9cf22c2d53"><tt>325c775</tt></a></li> </ul> <p><strong>feature</strong></p> <ul> <li>adding 'listen' option to restrict binding of interfaces <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/BrowserSync/browser-sync/commit/d6419160382fc45c739cac20679b9d7bbbcfee5b/hovercard" href="https://github.com/BrowserSync/browser-sync/commit/d6419160382fc45c739cac20679b9d7bbbcfee5b"><tt>d641916</tt></a></li> </ul> <p><strong>docs</strong></p> <ul> <li>emphasize a couple of points - fixes <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="278831647" data-permission-text="Title is private" data-url="https://github.com/BrowserSync/browser-sync/issues/1461" data-hovercard-type="pull_request" data-hovercard-url="/BrowserSync/browser-sync/pull/1461/hovercard" href="https://github.com/BrowserSync/browser-sync/pull/1461">#1461</a> <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/BrowserSync/browser-sync/commit/cf0febd978b20e9c8b9bc0a8aa262e3b54972b98/hovercard" href="https://github.com/BrowserSync/browser-sync/commit/cf0febd978b20e9c8b9bc0a8aa262e3b54972b98"><tt>cf0febd</tt></a></li> <li>added additional note about httpModule option - fixes <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="286445997" data-permission-text="Title is private" data-url="https://github.com/BrowserSync/browser-sync/issues/1485" data-hovercard-type="pull_request" data-hovercard-url="/BrowserSync/browser-sync/pull/1485/hovercard" href="https://github.com/BrowserSync/browser-sync/pull/1485">#1485</a> <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/BrowserSync/browser-sync/commit/16487adbc282f13b774d597ee729c57eec377cd1/hovercard" href="https://github.com/BrowserSync/browser-sync/commit/16487adbc282f13b774d597ee729c57eec377cd1"><tt>16487ad</tt></a></li> </ul> <p><strong>deps</strong></p> <ul> <li>npm audit for localtunnel - fixes <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="343642018" data-permission-text="Title is private" data-url="https://github.com/BrowserSync/browser-sync/issues/1587" data-hovercard-type="issue" data-hovercard-url="/BrowserSync/browser-sync/issues/1587/hovercard" href="https://github.com/BrowserSync/browser-sync/issues/1587">#1587</a> <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/BrowserSync/browser-sync/commit/27f21731874fa4ec56aa4b3039086317aa5584dd/hovercard" href="https://github.com/BrowserSync/browser-sync/commit/27f21731874fa4ec56aa4b3039086317aa5584dd"><tt>27f2173</tt></a></li> <li>easy-extender@2.3.4 cypress@3.1.0 supertest@3.1.0 <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/BrowserSync/browser-sync/commit/a6578a3adcc310386c10957e5dd3fdcd8d3b9a21/hovercard" href="https://github.com/BrowserSync/browser-sync/commit/a6578a3adcc310386c10957e5dd3fdcd8d3b9a21"><tt>a6578a3</tt></a></li> </ul> </li> <li> <b>2.25.3-alpha.0</b> - <a href="https://github.com/BrowserSync/browser-sync/releases/tag/v2.25.3-alpha.0">2018-10-06</a></br><p>v2.25.3-alpha.0</p> </li> <li> <b>2.25.2-alpha.0</b> - <a href="https://github.com/BrowserSync/browser-sync/releases/tag/v2.25.2-alpha.0">2018-10-06</a></br><p>v2.25.2-alpha.0</p> </li> <li> <b>2.25.1-alpha.0</b> - 2018-10-06 </li> <li> <b>2.25.0</b> - 2018-10-06 </li> <li> <b>2.25.0-alpha.0</b> - 2018-09-17 </li> <li> <b>2.24.7</b> - 2018-08-26 </li> <li> <b>2.24.6</b> - 2018-07-21 </li> <li> <b>2.24.5</b> - 2018-06-24 </li> <li> <b>2.24.4</b> - 2018-05-03 </li> <li> <b>2.24.3</b> - 2018-05-03 </li> <li> <b>2.24.3-rc1</b> - 2018-05-02 </li> <li> <b>2.24.2</b> - 2018-05-02 </li> <li> <b>2.24.2-rc1</b> - 2018-05-02 </li> <li> <b>2.24.1</b> - 2018-04-30 </li> <li> <b>2.24.1-rc1</b> - 2018-04-30 </li> <li> <b>2.24.0</b> - 2018-04-29 </li> <li> <b>2.24.0-rc4</b> - 2018-04-29 </li> <li> <b>2.24.0-rc3</b> - 2018-04-29 </li> <li> <b>2.24.0-rc2</b> - 2018-04-29 </li> <li> <b>2.24.0-rc1</b> - 2018-04-29 </li> <li> <b>2.23.7</b> - 2018-04-20 </li> <li> <b>2.23.6</b> - 2018-01-24 </li> <li> <b>2.23.5</b> - 2018-01-10 </li> <li> <b>2.23.4</b> - 2018-01-10 </li> <li> <b>2.23.3</b> - 2018-01-05 </li> <li> <b>2.23.2</b> - 2018-01-01 </li> <li> <b>2.23.1</b> - 2017-12-29 </li> <li> <b>2.23.0</b> - 2017-12-29 </li> <li> <b>2.22.0</b> - 2017-12-28 </li> <li> <b>2.21.0</b> - 2017-12-22 </li> <li> <b>2.20.1</b> - 2017-12-22 </li> <li> <b>2.20.0</b> - 2017-12-21 </li> <li> <b>2.19.0</b> - 2017-12-19 </li> <li> <b>2.18.13</b> - 2017-07-20 </li> <li> <b>2.18.12</b> - 2017-05-21 </li> <li> <b>2.18.11</b> - 2017-05-15 </li> <li> <b>2.18.10</b> - 2017-05-15 </li> <li> <b>2.18.9</b> - 2017-05-15 </li> <li> <b>2.18.8</b> - 2017-02-13 </li> </ul> from <a href="https://github.com/BrowserSync/browser-sync/releases">browser-sync GitHub release notes</a> </details> </details>

<details> <summary><b>Commit messages</b></summary> </br> <details> <summary>Package name: <b>browser-sync</b></summary> <ul> <li><a href="https://github.com/BrowserSync/browser-sync/commit/2191369375cd3ee4515d800f79ad52f76e221ed1">2191369</a> v2.26.7</li> <li><a href="https://github.com/BrowserSync/browser-sync/commit/53f9b36e84f5f3d72c98b94f3999ff73f5d96755">53f9b36</a> docs: readme</li> <li><a href="https://github.com/BrowserSync/browser-sync/commit/0b3d98b4934488cf02e70acec31693eb3bbc684d">0b3d98b</a> v2.26.6</li> <li><a href="https://github.com/BrowserSync/browser-sync/commit/fdfc68119a67da3b839a934427fad16e05df738e">fdfc681</a> tests: add e2e tests to package.json</li> <li><a href="https://github.com/BrowserSync/browser-sync/commit/c56cfd9492bdd4ab0cb37527fddbeb294459ec7b">c56cfd9</a> Merge pull request #1698 from emeitch/fix_deprecated_header</li> <li><a href="https://github.com/BrowserSync/browser-sync/commit/2fd598f45aff72b7d7080f0c26b057334c2867d4">2fd598f</a> Merge pull request #1690 from XhmikosR/xmr-ci</li> <li><a href="https://github.com/BrowserSync/browser-sync/commit/841ccd588dd9656e12f059dc4160b0bcbf8c8463">841ccd5</a> Merge pull request #1694 from coliff/patch-1</li> <li><a href="https://github.com/BrowserSync/browser-sync/commit/209c9c138336e42f154b1fabe4da1b4227e52f65">209c9c1</a> Merge pull request #1697 from gaards/update-localtunnel</li> <li><a href="https://github.com/BrowserSync/browser-sync/commit/87bee4ba351e5a0eeff9e7bc159af3983214bede">87bee4b</a> Use getHeaders or _headers</li> <li><a href="https://github.com/BrowserSync/browser-sync/commit/77abfd3b1bb8817e7c6b189370524de4861b7dfc">77abfd3</a> Update localtunnel</li> <li><a href="https://github.com/BrowserSync/browser-sync/commit/1f073f901efff0da514628da56d88bb67f2aa88b">1f073f9</a> Remove gittip from README (service closed down)</li> <li><a href="https://github.com/BrowserSync/browser-sync/commit/51792b1c949db543e5c59a1f6e641f5af29063a8">51792b1</a> AppVeyor tweaks.</li> <li><a href="https://github.com/BrowserSync/browser-sync/commit/9c9d71a0b97390c897369aa253ab83dbecffe7a1">9c9d71a</a> CI: Add Node.js 12 and 10.</li> <li><a href="https://github.com/BrowserSync/browser-sync/commit/6dd2d560f9afd0daa1188a797d55165f4e2a5763">6dd2d56</a> v2.26.5</li> <li><a href="https://github.com/BrowserSync/browser-sync/commit/62007c8b944808d1b46d42d5e22fa65883d1eaec">62007c8</a> SyntaxError in micromatch when starting browser-sync - fixes #1682</li> <li><a href="https://github.com/BrowserSync/browser-sync/commit/47a4d1bf56d3b32d89edd7cdf65166119593f1b1">47a4d1b</a> v2.26.4</li> <li><a href="https://github.com/BrowserSync/browser-sync/commit/05a58dbc3e788b7b9c84b9c0f4ab84f60bc619b1">05a58db</a> deps: fixes #1677 #1671 #1659 #1648</li> <li><a href="https://github.com/BrowserSync/browser-sync/commit/35035df75a41da5309ace117044300e3868e3ed8">35035df</a> deps: removed nodemon since it includes flat-stream (security)</li> <li><a href="https://github.com/BrowserSync/browser-sync/commit/1b2eab5aff7b1e38bc0f97ddcff87b53e1d086cf">1b2eab5</a> Merge pull request #1634 from mxschmitt/patch-1</li> <li><a href="https://github.com/BrowserSync/browser-sync/commit/e35e5dc23f7154ea4caab1e59b798572bc7ae9cc">e35e5dc</a> fix(ui): updated dead links and moved to https</li> <li><a href="https://github.com/BrowserSync/browser-sync/commit/85c4ba71f3e51897a4770c399fc64db2d9d7cb11">85c4ba7</a> examples: server + proxy</li> <li><a href="https://github.com/BrowserSync/browser-sync/commit/924d5e7766d02bdb6f0cc3c673d084356da84c46">924d5e7</a> v2.26.3</li> <li><a href="https://github.com/BrowserSync/browser-sync/commit/d60cd916ff1c64a69fddaa5cd2ca1061f066266e">d60cd91</a> fix: application/wasm support in Chrome - fixes #1598</li> <li><a href="https://github.com/BrowserSync/browser-sync/commit/f95dd7a4a0e8fb01c2d0a1800d776e2fa1d210db">f95dd7a</a> v2.26.2</li> </ul>

<a href="https://github.com/BrowserSync/browser-sync/compare/9e0a170df275d35d09e098bff816fc7c9885842e...2191369375cd3ee4515d800f79ad52f76e221ed1">Compare</a> </details> </details> <hr/>

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

<!--- (snyk:metadata:{"dependencies":[{"name":"browser-sync","from":"2.18.8","to":"2.26.7"}],"packageManager":"npm","type":"auto","projectUrl":"https://app.snyk.io/org/tcurdt/project/6d53ea05-9913-4491-954e-0d91d978a6b9?utm_source=github&utm_medium=upgrade-pr","projectPublicId":"6d53ea05-9913-4491-954e-0d91d978a6b9","env":"prod","prType":"upgrade","vulns":["npm:ws:20171108","npm:qs:20170213","npm:qs:20170213","npm:qs:20140806","npm:parsejson:20170908","npm:fresh:20170908","SNYK-JS-LODASH-73638","SNYK-JS-LODASH-450202","npm:ws:20160920","npm:ua-parser-js:20171012","npm:tunnel-agent:20170305","npm:qs:20140806-1","npm:hoek:20180212","npm:express:20140912","npm:connect:20130701","npm:connect:20120107","npm:lodash:20180130","SNYK-JS-LODASH-73639","npm:ms:20170412","npm:ms:20170412","npm:mime:20170907","npm:mime:20170907","npm:debug:20170905","npm:debug:20170905"],"issuesToFix":[{"issueId":"npm:ws:20171108","severity":"high","title":"Denial of Service (DoS)","exploitMaturity":"mature"},{"issueId":"npm:qs:20170213","severity":"high","title":"Prototype Override Protection Bypass","exploitMaturity":"no-known-exploit"},{"issueId":"npm:qs:20170213","severity":"high","title":"Prototype Override Protection Bypass","exploitMaturity":"no-known-exploit"},{"issueId":"npm:qs:20140806","severity":"high","title":"Denial of Service (DoS)","exploitMaturity":"no-known-exploit"},{"issueId":"npm:parsejson:20170908","severity":"high","title":"Regular Expression Denial of Service (ReDoS)","exploitMaturity":"no-known-exploit"},{"issueId":"npm:fresh:20170908","severity":"high","title":"Regular Expression Denial of Service (ReDoS)","exploitMaturity":"no-known-exploit"},{"issueId":"SNYK-JS-LODASH-73638","severity":"high","title":"Prototype Pollution","exploitMaturity":"no-known-exploit"},{"issueId":"SNYK-JS-LODASH-450202","severity":"high","title":"Prototype Pollution","exploitMaturity":"proof-of-concept"},{"issueId":"npm:ws:20160920","severity":"medium","title":"Insecure Randomness","exploitMaturity":"no-known-exploit"},{"issueId":"npm:ua-parser-js:20171012","severity":"medium","title":"Regular Expression Denial of Service (ReDoS)","exploitMaturity":"no-known-exploit"},{"issueId":"npm:tunnel-agent:20170305","severity":"medium","title":"Uninitialized Memory Exposure","exploitMaturity":"proof-of-concept"},{"issueId":"npm:qs:20140806-1","severity":"medium","title":"Denial of Service (DoS)","exploitMaturity":"no-known-exploit"},{"issueId":"npm:hoek:20180212","severity":"medium","title":"Prototype Pollution","exploitMaturity":"no-known-exploit"},{"issueId":"npm:express:20140912","severity":"medium","title":"Cross-site Scripting (XSS)","exploitMaturity":"no-known-exploit"},{"issueId":"npm:connect:20130701","severity":"medium","title":"Cross-site Scripting (XSS)","exploitMaturity":"no-known-exploit"},{"issueId":"npm:connect:20120107","severity":"medium","title":"Denial of Service (DoS)","exploitMaturity":"no-known-exploit"},{"issueId":"npm:lodash:20180130","severity":"medium","title":"Prototype Pollution","exploitMaturity":"no-known-exploit"},{"issueId":"SNYK-JS-LODASH-73639","severity":"medium","title":"Regular Expression Denial of Service (ReDoS)","exploitMaturity":"no-known-exploit"},{"issueId":"npm:ms:20170412","severity":"low","title":"Regular Expression Denial of Service (ReDoS)","exploitMaturity":"no-known-exploit"},{"issueId":"npm:ms:20170412","severity":"low","title":"Regular Expression Denial of Service (ReDoS)","exploitMaturity":"no-known-exploit"},{"issueId":"npm:mime:20170907","severity":"low","title":"Regular Expression Denial of Service (ReDoS)","exploitMaturity":"no-known-exploit"},{"issueId":"npm:mime:20170907","severity":"low","title":"Regular Expression Denial of Service (ReDoS)","exploitMaturity":"no-known-exploit"},{"issueId":"npm:debug:20170905","severity":"low","title":"Regular Expression Denial of Service (ReDoS)","exploitMaturity":"no-known-exploit"},{"issueId":"npm:debug:20170905","severity":"low","title":"Regular Expression Denial of Service (ReDoS)","exploitMaturity":"no-known-exploit"}],"upgrade":["npm:ws:20171108","npm:qs:20170213","npm:qs:20170213","npm:qs:20140806","npm:parsejson:20170908","npm:fresh:20170908","SNYK-JS-LODASH-73638","SNYK-JS-LODASH-450202","npm:ws:20160920","npm:ua-parser-js:20171012","npm:tunnel-agent:20170305","npm:qs:20140806-1","npm:hoek:20180212","npm:express:20140912","npm:connect:20130701","npm:connect:20120107","npm:lodash:20180130","SNYK-JS-LODASH-73639","npm:ms:20170412","npm:ms:20170412","npm:mime:20170907","npm:mime:20170907","npm:debug:20170905","npm:debug:20170905"],"upgradeInfo":{"versionsDiff":46,"publishedDate":"2019-06-07T08:34:49.600Z"},"templateVariants":[],"hasFixes":true,"isMajorUpgrade":false,"isBreakingChange":false}) --->

+1 -1

0 comment

1 changed file

snyk-bot

pr closed time in 20 days

delete branch tcurdt/xstatic

delete branch : snyk-upgrade-883f32a0108ff4d69cd6aa299e75903e

delete time in 20 days

PR closed tcurdt/xstatic

[Snyk] Upgrade mkdirp from 0.5.1 to 0.5.3

<h3>Snyk has created this PR to upgrade mkdirp from 0.5.1 to 0.5.3.</h3> :information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project. <hr/>

  • The recommended version is 2 versions ahead of your current version.
  • The recommended version was released 2 days ago, on 2020-03-17.

The recommended version fixes:

Severity Issue Exploit Maturity
<img src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png" width="20" height="20" title="medium severity"/> Prototype Pollution<br/> SNYK-JS-MINIMIST-559764 Proof of Concept

<details> <summary><b>Release notes</b></summary> <br/> <details> <summary>Package name: <b>mkdirp</b></summary> <ul> <li> <b>0.5.3</b> - <a href="https://github.com/isaacs/node-mkdirp/releases/tag/v0.5.3">2020-03-17</a></br><p>0.5.3</p> </li> <li> <b>0.5.2</b> - <a href="https://github.com/isaacs/node-mkdirp/releases/tag/v0.5.2">2020-03-17</a></br><p>0.5.2</p> </li> <li> <b>0.5.1</b> - 2015-05-14 </li> </ul> from <a href="https://github.com/isaacs/node-mkdirp/releases">mkdirp GitHub release notes</a> </details> </details>

<details> <summary><b>Commit messages</b></summary> </br> <details> <summary>Package name: <b>mkdirp</b></summary> <ul> <li><a href="https://github.com/isaacs/node-mkdirp/commit/d784e70d1eb3fc73bcda52f22f57ec55c00c2525">d784e70</a> 0.5.3</li> <li><a href="https://github.com/isaacs/node-mkdirp/commit/d612c5ddca62d50282147f5d199810bf1de0b314">d612c5d</a> add files list so this package isn't a monster</li> <li><a href="https://github.com/isaacs/node-mkdirp/commit/b2e7ba0dd8ac7029735969c5a6062d49e839b30d">b2e7ba0</a> 0.5.2</li> <li><a href="https://github.com/isaacs/node-mkdirp/commit/c5b97d17d45a22bcf4c815645cbb989dab57ddd8">c5b97d1</a> bump minimist to 1.2 to fix security issue</li> <li><a href="https://github.com/isaacs/node-mkdirp/commit/f2003bbcffa80f8c9744579fabab1212fc84545a">f2003bb</a> test: add v4 and v5 to travis</li> <li><a href="https://github.com/isaacs/node-mkdirp/commit/b8629ffd27c7f3fa8a6fc28b60206ab1d0cb081e">b8629ff</a> tools: update tap + mock-fs. Fix broken test</li> </ul>

<a href="https://github.com/isaacs/node-mkdirp/compare/d4eff0f06093aed4f387e88e9fc301cb76beedc7...d784e70d1eb3fc73bcda52f22f57ec55c00c2525">Compare</a> </details> </details> <hr/>

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

<!--- (snyk:metadata:{"dependencies":[{"name":"mkdirp","from":"0.5.1","to":"0.5.3"}],"packageManager":"npm","type":"auto","projectUrl":"https://app.snyk.io/org/tcurdt/project/6d53ea05-9913-4491-954e-0d91d978a6b9?utm_source=github&utm_medium=upgrade-pr","projectPublicId":"6d53ea05-9913-4491-954e-0d91d978a6b9","env":"prod","prType":"upgrade","vulns":["SNYK-JS-MINIMIST-559764"],"issuesToFix":[{"issueId":"SNYK-JS-MINIMIST-559764","severity":"medium","title":"Prototype Pollution","exploitMaturity":"proof-of-concept"}],"upgrade":["SNYK-JS-MINIMIST-559764"],"upgradeInfo":{"versionsDiff":2,"publishedDate":"2020-03-17T16:28:33.897Z"},"templateVariants":[],"hasFixes":true,"isMajorUpgrade":false,"isBreakingChange":false}) --->

+1 -1

0 comment

1 changed file

snyk-bot

pr closed time in 20 days

delete branch tcurdt/xstatic

delete branch : snyk-upgrade-5b180e6a76e1f9e260bb197b35d03c6a

delete time in 20 days

PR closed tcurdt/xstatic

[Snyk] Upgrade chokidar from 1.6.1 to 1.7.0

<h3>Snyk has created this PR to upgrade chokidar from 1.6.1 to 1.7.0.</h3> :information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project. <hr/>

  • The recommended version is 1 version ahead of your current version.
  • The recommended version was released 3 years ago, on 2017-05-08.

<details> <summary><b>Release notes</b></summary> <br/> <details> <summary>Package name: <b>chokidar</b></summary> <ul> <li> <b>1.7.0</b> - 2017-05-08 </li> <li> <b>1.6.1</b> - 2016-10-14 </li> </ul> from <a href="https://github.com/paulmillr/chokidar/releases">chokidar GitHub release notes</a> </details> </details>

<details> <summary><b>Commit messages</b></summary> </br> <details> <summary>Package name: <b>chokidar</b></summary> <ul> <li><a href="https://github.com/paulmillr/chokidar/commit/3b1071a6dd82397842f4f7dc63b72c703bd06275">3b1071a</a> Release 1.7.0</li> <li><a href="https://github.com/paulmillr/chokidar/commit/c716ffd3d01ceab2622c5d916e227afca3231d5a">c716ffd</a> Fix process not exiting calling .close() right after watching. (#600)</li> <li><a href="https://github.com/paulmillr/chokidar/commit/f03f332e56d405b2ec5b6c6c3e5dc6fc763b89b1">f03f332</a> Fix for possible infinite recursion. (#580)</li> <li><a href="https://github.com/paulmillr/chokidar/commit/2442f7bb66ab8c3033df753a5b9a406c5532d6ec">2442f7b</a> Added ability to force `interval` value by setting `CHOKIDAR_INTERVAL… (#557)</li> <li><a href="https://github.com/paulmillr/chokidar/commit/0faec867b3d3916dfe7278e9199c920aa46590af">0faec86</a> disableGlobbing option: treat glob-like paths as literal paths (#598)</li> <li><a href="https://github.com/paulmillr/chokidar/commit/d90d112797206e60236d723693965ff155c6cd1f">d90d112</a> Slight README.md typo fix: appear(s) (#595)</li> <li><a href="https://github.com/paulmillr/chokidar/commit/3f7f113ac67638d8e4b4956f770446b1d727c4df">3f7f113</a> Stabilize tests when running on Travis/darwin</li> <li><a href="https://github.com/paulmillr/chokidar/commit/b427e9cefa843b1465339c1197f6ca4da0f027f2">b427e9c</a> Update example dotfiles regex</li> <li><a href="https://github.com/paulmillr/chokidar/commit/c21a65ce26064408ad14cf36a095f490936cbbd9">c21a65c</a> Add node v7 to CI configs</li> <li><a href="https://github.com/paulmillr/chokidar/commit/dc783754bdd5b61b66dafbfbf6b1b83268eb0f4f">dc78375</a> Update Travis config</li> <li><a href="https://github.com/paulmillr/chokidar/commit/7b7cb212ec8c881e38e214d6ab3c4d37a7c4f0e2">7b7cb21</a> Bump mocha.</li> </ul>

<a href="https://github.com/paulmillr/chokidar/compare/c08145c5368fac6441773e621da9db215cc0d3b2...3b1071a6dd82397842f4f7dc63b72c703bd06275">Compare</a> </details> </details> <hr/>

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

<!--- (snyk:metadata:{"dependencies":[{"name":"chokidar","from":"1.6.1","to":"1.7.0"}],"packageManager":"npm","type":"auto","projectUrl":"https://app.snyk.io/org/tcurdt/project/6d53ea05-9913-4491-954e-0d91d978a6b9?utm_source=github&utm_medium=upgrade-pr","projectPublicId":"6d53ea05-9913-4491-954e-0d91d978a6b9","env":"prod","prType":"upgrade","vulns":[],"issuesToFix":[],"upgrade":[],"upgradeInfo":{"versionsDiff":1,"publishedDate":"2017-05-08T18:45:57.365Z"},"templateVariants":[],"hasFixes":false,"isMajorUpgrade":false,"isBreakingChange":false}) --->

+1 -1

0 comment

1 changed file

snyk-bot

pr closed time in 20 days

delete branch tcurdt/xstatic

delete branch : snyk-upgrade-f5f044b85022f077a49b0926dac7b6f4

delete time in 20 days

PR closed tcurdt/xstatic

[Snyk] Upgrade minimatch from 3.0.3 to 3.0.4

<h3>Snyk has created this PR to upgrade minimatch from 3.0.3 to 3.0.4.</h3> :information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project. <hr/>

  • The recommended version is 1 version ahead of your current version.
  • The recommended version was released 3 years ago, on 2017-05-07.

<details> <summary><b>Release notes</b></summary> <br/> <details> <summary>Package name: <b>minimatch</b></summary> <ul> <li> <b>3.0.4</b> - <a href="https://github.com/isaacs/minimatch/releases/tag/v3.0.4">2017-05-07</a></br><p>v3.0.4</p> </li> <li> <b>3.0.3</b> - <a href="https://github.com/isaacs/minimatch/releases/tag/v3.0.3">2016-08-08</a></br><p>v3.0.3</p> </li> </ul> from <a href="https://github.com/isaacs/minimatch/releases">minimatch GitHub release notes</a> </details> </details>

<details> <summary><b>Commit messages</b></summary> </br> <details> <summary>Package name: <b>minimatch</b></summary> <ul> <li><a href="https://github.com/isaacs/minimatch/commit/e46989a323d5f0aa4781eff5e2e6e7aafa223321">e46989a</a> v3.0.4</li> <li><a href="https://github.com/isaacs/minimatch/commit/ddfacbd37c9a34b45693650a9fc7f10165753730">ddfacbd</a> update brace-expansion</li> <li><a href="https://github.com/isaacs/minimatch/commit/55ed7365cb9c54d9406262ce01cc44f29893cec1">55ed736</a> update package scripts and deps</li> </ul>

<a href="https://github.com/isaacs/minimatch/compare/eed89491bd4a4e6bc463aac0dfb5c29ef0d1dc13...e46989a323d5f0aa4781eff5e2e6e7aafa223321">Compare</a> </details> </details> <hr/>

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

<!--- (snyk:metadata:{"dependencies":[{"name":"minimatch","from":"3.0.3","to":"3.0.4"}],"packageManager":"npm","type":"auto","projectUrl":"https://app.snyk.io/org/tcurdt/project/6d53ea05-9913-4491-954e-0d91d978a6b9?utm_source=github&utm_medium=upgrade-pr","projectPublicId":"6d53ea05-9913-4491-954e-0d91d978a6b9","env":"prod","prType":"upgrade","vulns":[],"issuesToFix":[],"upgrade":[],"upgradeInfo":{"versionsDiff":1,"publishedDate":"2017-05-07T18:11:10.900Z"},"templateVariants":[],"hasFixes":false,"isMajorUpgrade":false,"isBreakingChange":false}) --->

+1 -1

0 comment

1 changed file

snyk-bot

pr closed time in 20 days

push eventtcurdt/jdeb

snyk-bot

commit sha 9938109057e4cb25b206c89c6055c973c352c3ef

fix: upgrade commons-io:commons-io from 2.6 to 2.7 Snyk has created this PR to upgrade commons-io:commons-io from 2.6 to 2.7. See this package in NPM: https://www.npmjs.com/package/commons-io:commons-io See this project in Snyk: https://app.snyk.io/org/tcurdt/project/6cdc8093-5771-41b5-a9e1-a3aa9813eb26?utm_source=github&utm_medium=upgrade-pr

view details

push time in 20 days

create barnchtcurdt/jdeb

branch : snyk-upgrade-118c2d487e5078adcfb40c4f7e59c984

created branch time in 20 days

push eventtcurdt/jdependency

snyk-bot

commit sha c8f4fce76d8f15f90c54c6c5f8094a8e63ba2cb2

fix: upgrade commons-io:commons-io from 2.6 to 2.7 Snyk has created this PR to upgrade commons-io:commons-io from 2.6 to 2.7. See this package in NPM: https://www.npmjs.com/package/commons-io:commons-io See this project in Snyk: https://app.snyk.io/org/tcurdt/project/d472f748-1a32-4a46-b330-14d9e888dd34?utm_source=github&utm_medium=upgrade-pr

view details

push time in 21 days

startedbroadwaylamb/OpenCombine

started time in 21 days

startednektos/act

started time in 22 days

startedReclaimerLabs/USB-PD-Breakout

started time in 22 days

startedtidwall/SwiftWebSocket

started time in a month

issue commenttdewolff/canvas

multi-page pdfs

...will the memory of previous pages be released with NewPage? or is the memory of all pages then bound to the single context? Just wondering about documents with many heavy pages.

tcurdt

comment created time in a month

startedjimniels/netlibox

started time in a month

issue openedtdewolff/canvas

multi-page pdfs

Is there a way a generating multi-page pdfs?

Right now I am generating the pages individually and then combine them later on.

created time in a month

startedwulkano/Kap

started time in a month

startedmeshtastic/Meshtastic-device

started time in a month

startedngosang/trackerslist

started time in a month

startedAndrewMarchukov/tracker-add

started time in a month

push eventtcurdt/jdeb

Adam Retter

commit sha 79f8453ded4767fd61a7e7d479db0a10c87c1833

Interpolate the control/copyright file (#304)

view details

push time in a month

more