profile
viewpoint
Mark Wheeler wheeler @Gusto San Francisco, CA Engineer @Gusto. Formerly @emmerge, NetSuite

wheeler/codeship-meteor-packages 2

Codeship support for Meteor (Smart) Packages

wheeler/Graviscope 2

The Discover Meteor book's example app using Graviton.

wheeler/famous-demo 1

Some demos using famo.us

wheeler/lightsuit 1

Arduino for driving and controlling a custom LED lightsuit

Gusto/eslint-plugin-gusto 0

Custom Gusto ESLint rules

wheeler/accounts-dropbox 0

Login service for Dropbox accounts

wheeler/Adafruit_SSD1306 0

SSD1306 oled driver library for 'monochrome' 128x64 and 128x32 OLEDs!

wheeler/codemods-and-linters 0

Codemods and eslint rules written by @wheeler

startedatlassian/yarn-deduplicate

started time in a month

startednpm/node-semver

started time in a month

push eventwheeler/yarn-comb

Mark Wheeler

commit sha 4638e55c673d29ad8eaf3693433a0ee986128085

start re-arranging

view details

push time in a month

push eventwheeler/yarn-comb

Mark Wheeler

commit sha c725a5a61dfecea2f1af1de758a11bc0fdcdbcdd

first auto-fix functionality

view details

push time in a month

push eventwheeler/yarn-comb

Mark Wheeler

commit sha 30996ba57240b5acab5698f2a389d96f4748eef5

Restructure to array, better parsing

view details

push time in 2 months

push eventwheeler/yarn-comb

Mark Wheeler

commit sha 50425baab4dcceb1946f83ec7449079ff048c4ad

first WIP

view details

push time in 2 months

create barnchwheeler/yarn-comb

branch : master

created branch time in 2 months

created repositorywheeler/yarn-comb

A tool to clean and understand your yarn.lock [WIP]

created time in 2 months

issue openedapollographql/apollo-tooling

Multiple pkg versions in tree. Request: release current `apollo-language-server`

This renovate PR https://github.com/apollographql/apollo-tooling/pull/2065 for apollo-language-server updates the dependency of @apollo/federation to the current version 0.19.1. It has not been released and as a result it is not possible to use the latest versions of apollo and @apollo/federation without getting two versions of @apollo/federation.

Releasing a patch version of apollo-language-server would fix this.

Related Question:

Why do all Apollo projects seem to use strict dependency versions? (ex: @0.19.0 instead of @~0.19.0, @^0.19.0, etc.) Strict version requirements make maintaining a project that uses Apollo really painful. If semver is being followed patch versions should never be cause for conflict. Doing project version upgrades must all be done simultaneously or you get an explosion of copies of inner dependencies. It seems especially confounding to use strict dependencies within this project/team's own ecosystem where adherence to semver can be assured.

<hr/>

Intended outcome:

Projects should be able to only use one version of major packages

Actual outcome:

yarn.lock

"@apollo/federation@0.19.0":
  version "0.19.0"
  resolved "https://registry.yarnpkg.com/@apollo/federation/-/federation-0.19.0.tgz#b0e43f034e31ef391f44be01db3a8ef0e0b4565b"
  integrity sha512-8cd8ftHgqaseDTN7RJrROT6FT1xy8RV2Qb9BGhhqPVMHqf08GtidBqQTk6hv1UDR0qu/TRZA6J4Kh7oXeMrPQg==
  dependencies:
    apollo-graphql "^0.5.0"
    apollo-server-env "^2.4.5"
    core-js "^3.4.0"
    lodash.xorby "^4.7.0"

"@apollo/federation@^0.19.1":
  version "0.19.1"
  resolved "https://registry.yarnpkg.com/@apollo/federation/-/federation-0.19.1.tgz#4d4f227a2da1efb42f6569114fb0aae7b03af505"
  integrity sha512-32l2XoyDZfqwCObm2iazwa2vlsEYHzBLwsoCJccd6pdW8PAoK+IoKWJqNrMTwVYYNvRvd6YI+VtZPGo460GqDA==
  dependencies:
    apollo-graphql "^0.4.0"
    apollo-server-env "^2.4.3"
    apollo-graphql "^0.5.0"
    apollo-server-env "^2.4.5"
    core-js "^3.4.0"
    lodash.xorby "^4.7.0"

How to reproduce the issue:

Put the following dependencies in package.json, then run yarn install

apollo@^2.30.2
@apollo/federation@^0.19.1
@apollo/gateway@^0.19.1

Versions

apollo@^2.30.2
@apollo/federation@^0.19.1
@apollo/gateway@^0.19.1

"@apollo/federation@0.19.0":
  version "0.19.0"
  resolved "https://registry.yarnpkg.com/@apollo/federation/-/federation-0.19.0.tgz#b0e43f034e31ef391f44be01db3a8ef0e0b4565b"
  integrity sha512-8cd8ftHgqaseDTN7RJrROT6FT1xy8RV2Qb9BGhhqPVMHqf08GtidBqQTk6hv1UDR0qu/TRZA6J4Kh7oXeMrPQg==
  dependencies:
    apollo-graphql "^0.5.0"
    apollo-server-env "^2.4.5"
    core-js "^3.4.0"
    lodash.xorby "^4.7.0"

"@apollo/federation@^0.19.1":
  version "0.19.1"
  resolved "https://registry.yarnpkg.com/@apollo/federation/-/federation-0.19.1.tgz#4d4f227a2da1efb42f6569114fb0aae7b03af505"
  integrity sha512-32l2XoyDZfqwCObm2iazwa2vlsEYHzBLwsoCJccd6pdW8PAoK+IoKWJqNrMTwVYYNvRvd6YI+VtZPGo460GqDA==
  dependencies:
    apollo-graphql "^0.4.0"
    apollo-server-env "^2.4.3"
    apollo-graphql "^0.5.0"
    apollo-server-env "^2.4.5"
    core-js "^3.4.0"
    lodash.xorby "^4.7.0"

$ yarn why @apollo/federation
=> Found "@apollo/federation@0.19.1"
info Has been hoisted to "@apollo/federation"
info Reasons this module exists
   - Specified in "dependencies"
   - Hoisted from "@apollo#gateway#@apollo#federation"
info Disk size without dependencies: "1.54MB"
info Disk size with unique dependencies: "9.23MB"
info Disk size with transitive dependencies: "15.95MB"
info Number of shared dependencies: 29
=> Found "apollo-language-server#@apollo/federation@0.19.0"
info This module exists because "apollo#apollo-language-server" depends on it.
info Disk size without dependencies: "1.51MB"
info Disk size with unique dependencies: "9.21MB"
info Disk size with transitive dependencies: "15.93MB"
info Number of shared dependencies: 29

created time in 2 months

delete branch wheeler/react-hotkeys-hook

delete branch : patch-1

delete time in 2 months

PR opened JohannesKlauss/react-hotkeys-hook

fix(dependencies): move `np` to devDependency

Package np is not used in the source code. Having np in dependencies means all projects that list react-hotkeys-hook in their dependencies will have their package manager install np and all it's crazy sprawling sub-dependencies.

Example: dependabot wants to upgrade just this package in a sample project, results in 800+ lines added to yarn.lock:

Screenshot 2020-07-29 02 45 47

+2 -2

0 comment

1 changed file

pr created time in 2 months

push eventwheeler/react-hotkeys-hook

Mark Wheeler

commit sha 6c0c4b9b55ae0a7c663a06c42bc0b733323daa6b

fix(dependencies): move `np` to devDependency Package `np` is not used in the source code. Having `np` in `dependencies` means all projects that list `react-hotkeys-hook` in their dependencies will have their package manager install `np` and all it's crazy sprawling sub-dependencies.

view details

push time in 2 months

delete branch Gusto/eslint-plugin-gusto

delete branch : dependabot/npm_and_yarn/lodash-4.17.19

delete time in 2 months

push eventGusto/eslint-plugin-gusto

dependabot[bot]

commit sha 224f8e34720e9aa544ed0e393753ba808b4108fb

Bump lodash from 4.17.14 to 4.17.19 (#22) Bumps [lodash](https://github.com/lodash/lodash) from 4.17.14 to 4.17.19. - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](https://github.com/lodash/lodash/compare/4.17.14...4.17.19) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

push time in 2 months

PR merged Gusto/eslint-plugin-gusto

Bump lodash from 4.17.14 to 4.17.19 Accepted dependencies

Bumps lodash from 4.17.14 to 4.17.19. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/lodash/lodash/releases">lodash's releases</a>.</em></p> <blockquote> <h2>4.17.16</h2> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/lodash/lodash/commit/d7fbc52ee0466a6d248f047b5d5c3e6d1e099056"><code>d7fbc52</code></a> Bump to v4.17.19</li> <li><a href="https://github.com/lodash/lodash/commit/2e1c0f22f425e9c013815b2cd7c2ebd51f49a8d6"><code>2e1c0f2</code></a> Add npm-package</li> <li><a href="https://github.com/lodash/lodash/commit/1b6c282299f4e0271f932b466c67f0f822aa308e"><code>1b6c282</code></a> Bump to v4.17.18</li> <li><a href="https://github.com/lodash/lodash/commit/a370ac81408de2da77a82b3c4b61a01a3b9c2fac"><code>a370ac8</code></a> Bump to v4.17.17</li> <li><a href="https://github.com/lodash/lodash/commit/1144918f3578a84fcc4986da9b806e63a6175cbb"><code>1144918</code></a> Rebuild lodash and docs</li> <li><a href="https://github.com/lodash/lodash/commit/3a3b0fd339c2109563f7e8167dc95265ed82ef3e"><code>3a3b0fd</code></a> Bump to v4.17.16</li> <li><a href="https://github.com/lodash/lodash/commit/c84fe82760fb2d3e03a63379b297a1cc1a2fce12"><code>c84fe82</code></a> fix(zipObjectDeep): prototype pollution (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4759">#4759</a>)</li> <li><a href="https://github.com/lodash/lodash/commit/e7b28ea6cb17b4ca021e7c9d66218c8c89782f32"><code>e7b28ea</code></a> Sanitize sourceURL so it cannot affect evaled code (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4518">#4518</a>)</li> <li><a href="https://github.com/lodash/lodash/commit/0cec225778d4ac26c2bac95031ecc92a94f08bbb"><code>0cec225</code></a> Fix lodash.isEqual for circular references (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4320">#4320</a>) (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4515">#4515</a>)</li> <li><a href="https://github.com/lodash/lodash/commit/94c3a8133cb4fcdb50db72b4fd14dd884b195cd5"><code>94c3a81</code></a> Document matches* shorthands for over* methods (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4510">#4510</a>) (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4514">#4514</a>)</li> <li>Additional commits viewable in <a href="https://github.com/lodash/lodash/compare/4.17.14...4.17.19">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~mathias">mathias</a>, a new releaser for lodash since your current version.</p> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+3 -3

0 comment

1 changed file

dependabot[bot]

pr closed time in 2 months

delete branch Gusto/eslint-plugin-gusto

delete branch : dependabot/npm_and_yarn/acorn-6.4.1

delete time in 2 months

push eventGusto/eslint-plugin-gusto

dependabot[bot]

commit sha 8645e2e2bafe5a48a8140fce28c518a0552a6f09

Bump acorn from 6.2.0 to 6.4.1 (#20) Bumps [acorn](https://github.com/acornjs/acorn) from 6.2.0 to 6.4.1. - [Release notes](https://github.com/acornjs/acorn/releases) - [Commits](https://github.com/acornjs/acorn/compare/6.2.0...6.4.1) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

push time in 2 months

PR merged Gusto/eslint-plugin-gusto

Bump acorn from 6.2.0 to 6.4.1 Accepted dependencies

Bumps acorn from 6.2.0 to 6.4.1. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/acornjs/acorn/commit/9a2e9b6678e243d66846b91179d650d28453e70c"><code>9a2e9b6</code></a> Mark version 6.4.1</li> <li><a href="https://github.com/acornjs/acorn/commit/90a9548ea0ce351b54f956e2c4ed27cca9631284"><code>90a9548</code></a> More rigorously check surrogate pairs in regexp validator</li> <li><a href="https://github.com/acornjs/acorn/commit/df0cf1a3e2b1a51a26c14984dc0f5412b7151b10"><code>df0cf1a</code></a> Mark version 6.4.0</li> <li><a href="https://github.com/acornjs/acorn/commit/53034126864b492da4e278628bb972cb2a9313d4"><code>5303412</code></a> Also export Parser via Parser.acorn</li> <li><a href="https://github.com/acornjs/acorn/commit/efe273e70123449a458157dbf578afaf109a49ab"><code>efe273e</code></a> give token types and etc to plugins</li> <li><a href="https://github.com/acornjs/acorn/commit/ac6decb94a3aa4eee99230fdaf5883dfaafe8479"><code>ac6decb</code></a> Mark version 6.3.0</li> <li><a href="https://github.com/acornjs/acorn/commit/7e9817d17639d95cc6dbacfde734a0626b2a7dea"><code>7e9817d</code></a> Allow sourceType: module even with ecmaVersion < 6</li> <li><a href="https://github.com/acornjs/acorn/commit/e2b8cc087386eccc2ad6fd4a02b4257833557cb3"><code>e2b8cc0</code></a> Fix broken parsing of new expressions when allowReserved=="never"</li> <li><a href="https://github.com/acornjs/acorn/commit/1555c528855b10320ce98b4154906d7898c92990"><code>1555c52</code></a> Update acorn.d.ts</li> <li><a href="https://github.com/acornjs/acorn/commit/77c20fa2c2f490e646b67e6a0ff7e75fb54ab6c8"><code>77c20fa</code></a> Mark version 6.2.1</li> <li>Additional commits viewable in <a href="https://github.com/acornjs/acorn/compare/6.2.0...6.4.1">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+3 -3

0 comment

1 changed file

dependabot[bot]

pr closed time in 2 months

push eventGusto/react-masked-field

Mark Wheeler

commit sha 640dda41ab5f86140ee82cef2869e4422628b06e

feat: Fix React 16.9 warnings (#35) This, to me looks like a side effect on prop change so I followed guidance here: [ReactJs.org - Side effects on props change](https://reactjs.org/blog/2018/03/27/update-on-async-rendering.html#side-effects-on-props-change) Also bumped a bunch of devDependencies.

view details

push time in 2 months

push eventGusto/react-masked-field

Rylan Collins

commit sha 1bee85ec59912d1676d05e6857bb92f0b8578b1d

build: Add semantic-release for publishing (#37) * build: Add semantic-release for publishing * ci: Fix circle config * chore: Deprecate old changelog * build: Fix building before publishing * build: Support publishing prereleases

view details

dependabot[bot]

commit sha 26f93cd17473ed174dbbb9e7c3995efe55ba567b

Bump lodash from 4.17.11 to 4.17.19 (#36) Bumps [lodash](https://github.com/lodash/lodash) from 4.17.11 to 4.17.19. - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](https://github.com/lodash/lodash/compare/4.17.11...4.17.19) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

Mark Wheeler

commit sha 640dda41ab5f86140ee82cef2869e4422628b06e

feat: Fix React 16.9 warnings (#35) This, to me looks like a side effect on prop change so I followed guidance here: [ReactJs.org - Side effects on props change](https://reactjs.org/blog/2018/03/27/update-on-async-rendering.html#side-effects-on-props-change) Also bumped a bunch of devDependencies.

view details

push time in 2 months

delete branch Gusto/react-masked-field

delete branch : dependabot/npm_and_yarn/lodash-4.17.19

delete time in 2 months

push eventGusto/react-masked-field

dependabot[bot]

commit sha 26f93cd17473ed174dbbb9e7c3995efe55ba567b

Bump lodash from 4.17.11 to 4.17.19 (#36) Bumps [lodash](https://github.com/lodash/lodash) from 4.17.11 to 4.17.19. - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](https://github.com/lodash/lodash/compare/4.17.11...4.17.19) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

push time in 2 months

PR merged Gusto/react-masked-field

Bump lodash from 4.17.11 to 4.17.19 Accepted dependencies

Bumps lodash from 4.17.11 to 4.17.19. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/lodash/lodash/releases">lodash's releases</a>.</em></p> <blockquote> <h2>4.17.16</h2> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/lodash/lodash/commit/d7fbc52ee0466a6d248f047b5d5c3e6d1e099056"><code>d7fbc52</code></a> Bump to v4.17.19</li> <li><a href="https://github.com/lodash/lodash/commit/2e1c0f22f425e9c013815b2cd7c2ebd51f49a8d6"><code>2e1c0f2</code></a> Add npm-package</li> <li><a href="https://github.com/lodash/lodash/commit/1b6c282299f4e0271f932b466c67f0f822aa308e"><code>1b6c282</code></a> Bump to v4.17.18</li> <li><a href="https://github.com/lodash/lodash/commit/a370ac81408de2da77a82b3c4b61a01a3b9c2fac"><code>a370ac8</code></a> Bump to v4.17.17</li> <li><a href="https://github.com/lodash/lodash/commit/1144918f3578a84fcc4986da9b806e63a6175cbb"><code>1144918</code></a> Rebuild lodash and docs</li> <li><a href="https://github.com/lodash/lodash/commit/3a3b0fd339c2109563f7e8167dc95265ed82ef3e"><code>3a3b0fd</code></a> Bump to v4.17.16</li> <li><a href="https://github.com/lodash/lodash/commit/c84fe82760fb2d3e03a63379b297a1cc1a2fce12"><code>c84fe82</code></a> fix(zipObjectDeep): prototype pollution (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4759">#4759</a>)</li> <li><a href="https://github.com/lodash/lodash/commit/e7b28ea6cb17b4ca021e7c9d66218c8c89782f32"><code>e7b28ea</code></a> Sanitize sourceURL so it cannot affect evaled code (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4518">#4518</a>)</li> <li><a href="https://github.com/lodash/lodash/commit/0cec225778d4ac26c2bac95031ecc92a94f08bbb"><code>0cec225</code></a> Fix lodash.isEqual for circular references (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4320">#4320</a>) (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4515">#4515</a>)</li> <li><a href="https://github.com/lodash/lodash/commit/94c3a8133cb4fcdb50db72b4fd14dd884b195cd5"><code>94c3a81</code></a> Document matches* shorthands for over* methods (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4510">#4510</a>) (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4514">#4514</a>)</li> <li>Additional commits viewable in <a href="https://github.com/lodash/lodash/compare/4.17.11...4.17.19">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~mathias">mathias</a>, a new releaser for lodash since your current version.</p> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+3 -45

0 comment

1 changed file

dependabot[bot]

pr closed time in 2 months

delete branch Gusto/react-masked-field

delete branch : mw-r169

delete time in 2 months

push eventGusto/react-masked-field

Mark Wheeler

commit sha 72ab80d14394bffc613bcc8d455e6144bb3fdcfe

feat: Fix React 16.9 warnings (#35) This, to me looks like a side effect on prop change so I followed guidance here: [ReactJs.org - Side effects on props change](https://reactjs.org/blog/2018/03/27/update-on-async-rendering.html#side-effects-on-props-change) Also bumped a bunch of devDependencies.

view details

push time in 2 months

PR merged Gusto/react-masked-field

feat: Fix React 16.9 warnings Accepted

This, to me looks like a side effect on prop change so I followed guidance here: ReactJs.org - Side effects on props change

+1981 -2026

0 comment

3 changed files

wheeler

pr closed time in 2 months

push eventGusto/refluxjs

Mark Wheeler

commit sha 3c938817ec3e019fece0cfe8039e92ce8c97707c

Bump version to get dependency bumps

view details

push time in 2 months

delete branch Gusto/refluxjs

delete branch : dependabot/npm_and_yarn/stringstream-0.0.6

delete time in 2 months

push eventGusto/refluxjs

dependabot[bot]

commit sha ce7cf9e3b510a8d2c3340213a7f29257773b3cd0

Bump stringstream from 0.0.5 to 0.0.6 (#3) Bumps [stringstream](https://github.com/mhart/StringStream) from 0.0.5 to 0.0.6. - [Release notes](https://github.com/mhart/StringStream/releases) - [Commits](https://github.com/mhart/StringStream/compare/v0.0.5...v0.0.6) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

push time in 2 months

PR merged Gusto/refluxjs

Bump stringstream from 0.0.5 to 0.0.6 Accepted dependencies

Bumps stringstream from 0.0.5 to 0.0.6. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/mhart/StringStream/commit/fee31c5c4a5efc7c7cc2fde4aee633dedefd6d67"><code>fee31c5</code></a> 0.0.6</li> <li><a href="https://github.com/mhart/StringStream/commit/2f4a9d496f94b0880e01a26857aa266a5a3ef274"><code>2f4a9d4</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/mhart/StringStream/issues/9">#9</a> from mhart/fix-buffer-constructor-vuln</li> <li><a href="https://github.com/mhart/StringStream/commit/afbc7442220358419e330618e47f3a65fc265b1b"><code>afbc744</code></a> Ensure data is not a number in Buffer constructor</li> <li>See full diff in <a href="https://github.com/mhart/StringStream/compare/v0.0.5...v0.0.6">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+2 -2

0 comment

1 changed file

dependabot[bot]

pr closed time in 2 months

delete branch Gusto/refluxjs

delete branch : dependabot/npm_and_yarn/is-my-json-valid-2.20.0

delete time in 2 months

push eventGusto/refluxjs

dependabot[bot]

commit sha a12863e13ded62e97f92623b1e06c3bd5f92a1c8

Bump is-my-json-valid from 2.16.0 to 2.20.0 (#2)

view details

push time in 2 months

PR merged Gusto/refluxjs

Bump is-my-json-valid from 2.16.0 to 2.20.0 Accepted dependencies

Bumps is-my-json-valid from 2.16.0 to 2.20.0. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/mafintosh/is-my-json-valid/commit/60111f47ee8a0971a2e1229070d47172ce4667c5"><code>60111f4</code></a> 2.20.0</li> <li><a href="https://github.com/mafintosh/is-my-json-valid/commit/8c11f77cbd63a7a519daa8f5d4706a760140856b"><code>8c11f77</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/mafintosh/is-my-json-valid/issues/175">#175</a> from LinusU/meta</li> <li><a href="https://github.com/mafintosh/is-my-json-valid/commit/b6d9b3fbbf7b411654a4fd1dae4ceaba65063b4e"><code>b6d9b3f</code></a> Cleanup package metadata</li> <li><a href="https://github.com/mafintosh/is-my-json-valid/commit/dcea5be83be29ea444c81bd83e7aef732a11c003"><code>dcea5be</code></a> 2.19.0</li> <li><a href="https://github.com/mafintosh/is-my-json-valid/commit/17128116bc5b3268f2151aecc1d7eee3d3604793"><code>1712811</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/mafintosh/is-my-json-valid/issues/171">#171</a> from mafintosh/ts-nullable</li> <li><a href="https://github.com/mafintosh/is-my-json-valid/commit/fad4c911ddfd736d5929b40326c47454eac76d5f"><code>fad4c91</code></a> Add nullable types to TypeScript typings</li> <li><a href="https://github.com/mafintosh/is-my-json-valid/commit/484197f0e44ca42112a5ae54615d5e0173769236"><code>484197f</code></a> Add test for nested object in typings</li> <li><a href="https://github.com/mafintosh/is-my-json-valid/commit/4bec868bc57eeb70000262c328e542f062435289"><code>4bec868</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/mafintosh/is-my-json-valid/issues/168">#168</a> from mafintosh/ts-oneof</li> <li><a href="https://github.com/mafintosh/is-my-json-valid/commit/e8c30d543be8fce0c5fdbc628694611c9fb854c7"><code>e8c30d5</code></a> Add support for "oneOf" to TypeScript typings</li> <li><a href="https://github.com/mafintosh/is-my-json-valid/commit/7160756a7406de0abec9dd8e84404e5276aa66ec"><code>7160756</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/mafintosh/is-my-json-valid/issues/167">#167</a> from mafintosh/ts-required</li> <li>Additional commits viewable in <a href="https://github.com/mafintosh/is-my-json-valid/compare/v2.16.0...v2.20.0">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~linusu">linusu</a>, a new releaser for is-my-json-valid since your current version.</p> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+14 -7

0 comment

1 changed file

dependabot[bot]

pr closed time in 2 months

push eventGusto/react-masked-field

Mark Wheeler

commit sha aa37dfdd120ec061d04d45d175f6bccf9867ef52

undo stuff sem-rel will handle

view details

push time in 2 months

Pull request review commentGusto/react-masked-field

feat: Fix React 16.9 warnings

+## 2.1.0 (July 13, 2020)++### Internal Changes+* Refactor use of `componentWillReceiveProps` to avoid React 16.9 deprecation warnings.

Personally, I would call the removing of deprecation warnings a feature.

Agree (I versioned to 2.1.0 to reflect that)

Just format the title of the PR to match what type of release we want.

Updated title.

wheeler

comment created time in 2 months

push eventGusto/react-masked-field

Mark Wheeler

commit sha cc884352005c9369e8484e877e2265ba80f3eae2

change changelog

view details

push time in 2 months

push eventGusto/react-masked-field

Mark Wheeler

commit sha 296fa5937f6422e91423bf4cdc6009f7312685c8

enzyme-adapter-react

view details

push time in 3 months

push eventGusto/react-masked-field

Mark Wheeler

commit sha cb1d9a3f214f1feb9bddd2cef7c15ad8a9ec3f4e

simpler changelog

view details

push time in 3 months

push eventGusto/react-masked-field

Mark Wheeler

commit sha edbdd7f1a4577a59578f36f1759d0394f8ab648c

rollup@2

view details

push time in 3 months

push eventGusto/react-masked-field

Mark Wheeler

commit sha 4d429490b81b63e4179d579ae2d26d14042b4ff8

typescript-eslint-parser@21

view details

Mark Wheeler

commit sha 15baf77c936643dba2520d6ed31a1cee03b1b4eb

more dependencies

view details

Mark Wheeler

commit sha b63a8d801f0ce3bf70e43ee2f9166fba7b2463d4

limit eslint-config-gusto

view details

Mark Wheeler

commit sha 5f8070accb8405598f9a9cbf44372c50f90666e5

jest@26

view details

Mark Wheeler

commit sha d52dddd04baf846783d8d9cdb1fa0f5ffe107781

typescript@3.9

view details

push time in 3 months

push eventGusto/react-masked-field

Mark Wheeler

commit sha 212d514810a979141872ae51a74e1d46db041dda

dev dependency bumps

view details

push time in 3 months

PR opened Gusto/react-masked-field

Fix React 16.9 warnings
+13 -10

0 comment

3 changed files

pr created time in 3 months

create barnchGusto/react-masked-field

branch : mw-r169

created branch time in 3 months

startedEmuELEC/EmuELEC

started time in 3 months

delete branch wheeler/react-router

delete branch : patch-1

delete time in 3 months

pull request commentReactTraining/react-router

chore(docs): update link to "blocking" docs

Pretty weird that was created 3 minutes after mine...

wheeler

comment created time in 3 months

PR opened ReactTraining/react-router

chore(docs): update link to "blocking" docs

In https://github.com/ReactTraining/history/commit/9532fb2170ab8000bddf69116661a9cb400c1ed6 the docs for blocking transitions file was renamed but this reference to it was not updated.

+1 -1

0 comment

1 changed file

pr created time in 3 months

push eventwheeler/react-router

Mark Wheeler

commit sha bb59840cc25dba89e352d0018cb4dec9e6b11403

chore(docs): update link to "blocking" docs In https://github.com/ReactTraining/history/commit/9532fb2170ab8000bddf69116661a9cb400c1ed6 the docs for blocking transitions file was renamed but this reference to it was not updated.

view details

push time in 3 months

more