profile
viewpoint

pull request commentauth0-extensions/auth0-sso-dashboard-extension

Bump elliptic from 6.4.0 to 6.5.3

Is this still relevant? If so, what is blocking it? Is there anything you can do to help move it forward?

dependabot[bot]

comment created time in a month

delete branch auth0-extensions/auth0-sso-dashboard-extension

delete branch : remove_codeql

delete time in 2 months

push eventauth0-extensions/auth0-sso-dashboard-extension

Eva Sarafianou

commit sha 55013d9b0f89e8bb41ca4052cdc45951298a6d14

Temporarily disable scans

view details

Eva Sarafianou

commit sha e9e457e452965461cd588d2bfb2060849e0c502d

Merge pull request #76 from auth0-extensions/remove_codeql Temporarily disable scans

view details

push time in 2 months

pull request commentauth0-extensions/auth0-sso-dashboard-extension

Temporarily disable scans

Code Climate has analyzed commit 55013d9b and detected 0 issues on this pull request.

The test coverage on the diff in this pull request is 100.0% (50% is the threshold).

This pull request will bring the total coverage in the repository to 89.9% (0.0% change).

View more on Code Climate.

esarafianou

comment created time in 2 months

create barnchauth0-extensions/auth0-sso-dashboard-extension

branch : remove_codeql

created branch time in 2 months

pull request commentauth0-extensions/auth0-sso-dashboard-extension

Bump http-proxy from 1.17.0 to 1.18.1

Code Climate has analyzed commit 4425e0fb and detected 0 issues on this pull request.

The test coverage on the diff in this pull request is 100.0% (50% is the threshold).

This pull request will bring the total coverage in the repository to 89.9% (0.0% change).

View more on Code Climate.

dependabot[bot]

comment created time in 3 months

PR opened auth0-extensions/auth0-sso-dashboard-extension

Bump http-proxy from 1.17.0 to 1.18.1

Bumps http-proxy from 1.17.0 to 1.18.1. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/http-party/node-http-proxy/blob/master/CHANGELOG.md">http-proxy's changelog</a>.</em></p> <blockquote> <h2><a href="https://github.com/http-party/node-http-proxy/compare/1.18.0...v1.18.1">v1.18.1</a> - 2020-05-17</h2> <h3>Merged</h3> <ul> <li>Skip sending the proxyReq event when the expect header is present <a href="https://github-redirect.dependabot.com/http-party/node-http-proxy/pull/1447"><code>#1447</code></a></li> <li>Remove node6 support, add node12 to build <a href="https://github-redirect.dependabot.com/http-party/node-http-proxy/pull/1397"><code>#1397</code></a></li> </ul> <h2><a href="https://github.com/http-party/node-http-proxy/compare/1.17.0...1.18.0">1.18.0</a> - 2019-09-18</h2> <h3>Merged</h3> <ul> <li>Added in auto-changelog module set to keepachangelog format <a href="https://github-redirect.dependabot.com/http-party/node-http-proxy/pull/1373"><code>#1373</code></a></li> <li>fix 'Modify Response' readme section to avoid unnecessary array copying <a href="https://github-redirect.dependabot.com/http-party/node-http-proxy/pull/1300"><code>#1300</code></a></li> <li>Fix incorrect target name for reverse proxy example <a href="https://github-redirect.dependabot.com/http-party/node-http-proxy/pull/1135"><code>#1135</code></a></li> <li>Fix modify response middleware example <a href="https://github-redirect.dependabot.com/http-party/node-http-proxy/pull/1139"><code>#1139</code></a></li> <li>[dist] Update dependency async to v3 <a href="https://github-redirect.dependabot.com/http-party/node-http-proxy/pull/1359"><code>#1359</code></a></li> <li>Fix path to local http-proxy in examples. <a href="https://github-redirect.dependabot.com/http-party/node-http-proxy/pull/1072"><code>#1072</code></a></li> <li>fix reverse-proxy example require path <a href="https://github-redirect.dependabot.com/http-party/node-http-proxy/pull/1067"><code>#1067</code></a></li> <li>Update README.md <a href="https://github-redirect.dependabot.com/http-party/node-http-proxy/pull/970"><code>#970</code></a></li> <li>[dist] Update dependency request to ~2.88.0 [SECURITY] <a href="https://github-redirect.dependabot.com/http-party/node-http-proxy/pull/1357"><code>#1357</code></a></li> <li>[dist] Update dependency eventemitter3 to v4 <a href="https://github-redirect.dependabot.com/http-party/node-http-proxy/pull/1365"><code>#1365</code></a></li> <li>[dist] Update dependency colors to v1 <a href="https://github-redirect.dependabot.com/http-party/node-http-proxy/pull/1360"><code>#1360</code></a></li> <li>[dist] Update all non-major dependencies <a href="https://github-redirect.dependabot.com/http-party/node-http-proxy/pull/1356"><code>#1356</code></a></li> <li>[dist] Update dependency agentkeepalive to v4 <a href="https://github-redirect.dependabot.com/http-party/node-http-proxy/pull/1358"><code>#1358</code></a></li> <li>[dist] Update dependency nyc to v14 <a href="https://github-redirect.dependabot.com/http-party/node-http-proxy/pull/1367"><code>#1367</code></a></li> <li>[dist] Update dependency concat-stream to v2 <a href="https://github-redirect.dependabot.com/http-party/node-http-proxy/pull/1363"><code>#1363</code></a></li> <li>x-forwarded-host overwrite for mutli level proxies <a href="https://github-redirect.dependabot.com/http-party/node-http-proxy/pull/1267"><code>#1267</code></a></li> <li>[refactor doc] Complete rename to http-party org. <a href="https://github-redirect.dependabot.com/http-party/node-http-proxy/pull/1362"><code>#1362</code></a></li> <li>Highlight correct lines for createProxyServer <a href="https://github-redirect.dependabot.com/http-party/node-http-proxy/pull/1117"><code>#1117</code></a></li> <li>Fix docs for rewrite options - 201 also handled <a href="https://github-redirect.dependabot.com/http-party/node-http-proxy/pull/1147"><code>#1147</code></a></li> <li>Update .nyc_output <a href="https://github-redirect.dependabot.com/http-party/node-http-proxy/pull/1339"><code>#1339</code></a></li> <li>Configure Renovate <a href="https://github-redirect.dependabot.com/http-party/node-http-proxy/pull/1355"><code>#1355</code></a></li> <li>[examples] Restream body before proxying, support for Content-Type of application/x-www-form-urlencoded <a href="https://github-redirect.dependabot.com/http-party/node-http-proxy/pull/1264"><code>#1264</code></a></li> </ul> <h3>Commits</h3> <ul> <li>[dist] New test fixtures. <a href="https://github.com/http-party/node-http-proxy/commit/7e4a0e511bc30c059216860153301de2cdd1e97f"><code>7e4a0e5</code></a></li> <li>[dist] End of an era. <a href="https://github.com/http-party/node-http-proxy/commit/a9b09cce43f072db99fb5170030a05536177ccb7"><code>a9b09cc</code></a></li> <li>[dist] Version bump. 1.18.0 <a href="https://github.com/http-party/node-http-proxy/commit/9bbe486c5efcc356fb4d189ef38eee275bbde345"><code>9bbe486</code></a></li> <li>[fix] Latest versions. <a href="https://github.com/http-party/node-http-proxy/commit/59c4403e9dc15ab9b19ee2a3f4aecbfc6c3d94c4"><code>59c4403</code></a></li> <li>[fix test] Update tests. <a href="https://github.com/http-party/node-http-proxy/commit/dd1d08b6319d1def729554446a5b0176978a8dad"><code>dd1d08b</code></a></li> <li>[dist] Update dependency ws to v3 [SECURITY] <a href="https://github.com/http-party/node-http-proxy/commit/b00911c93740a00c5cfbacbb91565cb6912ed255"><code>b00911c</code></a></li> <li>[dist] .gitattributes all the things. <a href="https://github.com/http-party/node-http-proxy/commit/fc93520d741ec80be8ae31ca005f3e9c199e330e"><code>fc93520</code></a></li> <li>[dist] Regenerate package-lock.json. <a href="https://github.com/http-party/node-http-proxy/commit/16d4f8a95162b2e2e4ee6657c500f1208c044b2d"><code>16d4f8a</code></a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/http-party/node-http-proxy/commit/9b96cd725127a024dabebec6c7ea8c807272223d"><code>9b96cd7</code></a> 1.18.1</li> <li><a href="https://github.com/http-party/node-http-proxy/commit/335aeeba2f0c286dc89c402eeb76af47834c89a3"><code>335aeeb</code></a> Skip sending the proxyReq event when the expect header is present (<a href="https://github-redirect.dependabot.com/http-party/node-http-proxy/issues/1447">#1447</a>)</li> <li><a href="https://github.com/http-party/node-http-proxy/commit/dba39668ba4c9ad461316e834b2d64b77e1ca88e"><code>dba3966</code></a> Remove node6 support, add node12 to build (<a href="https://github-redirect.dependabot.com/http-party/node-http-proxy/issues/1397">#1397</a>)</li> <li><a href="https://github.com/http-party/node-http-proxy/commit/9bbe486c5efcc356fb4d189ef38eee275bbde345"><code>9bbe486</code></a> [dist] Version bump. 1.18.0</li> <li><a href="https://github.com/http-party/node-http-proxy/commit/6e4bef4d1cd96e7a284717941e0fc274acbd3712"><code>6e4bef4</code></a> Added in auto-changelog module set to keepachangelog format (<a href="https://github-redirect.dependabot.com/http-party/node-http-proxy/issues/1373">#1373</a>)</li> <li><a href="https://github.com/http-party/node-http-proxy/commit/d05624167ce75e860770c13afeacec2ce0f67add"><code>d056241</code></a> fix 'Modify Response' readme section to avoid unnecessary array copying (<a href="https://github-redirect.dependabot.com/http-party/node-http-proxy/issues/1300">#1300</a>)</li> <li><a href="https://github.com/http-party/node-http-proxy/commit/244303b994525684e1ec8dff2e8055f89b62b1ee"><code>244303b</code></a> Fix incorrect target name for reverse proxy example (<a href="https://github-redirect.dependabot.com/http-party/node-http-proxy/issues/1135">#1135</a>)</li> <li><a href="https://github.com/http-party/node-http-proxy/commit/b4028ba78bc4616e6969e0e66b0fe4634849b68b"><code>b4028ba</code></a> Fix modify response middleware example (<a href="https://github-redirect.dependabot.com/http-party/node-http-proxy/issues/1139">#1139</a>)</li> <li><a href="https://github.com/http-party/node-http-proxy/commit/77a98159d2da0f20a03e2819c79662f36069f234"><code>77a9815</code></a> [dist] Update dependency async to v3 (<a href="https://github-redirect.dependabot.com/http-party/node-http-proxy/issues/1359">#1359</a>)</li> <li><a href="https://github.com/http-party/node-http-proxy/commit/c662f9ebcd8d623db374dbc7bef231b2b0af0c3a"><code>c662f9e</code></a> Fix path to local http-proxy in examples. (<a href="https://github-redirect.dependabot.com/http-party/node-http-proxy/issues/1072">#1072</a>)</li> <li>Additional commits viewable in <a href="https://github.com/http-party/node-http-proxy/compare/1.17.0...1.18.1">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+52 -31

0 comment

1 changed file

pr created time in 3 months

pull request commentauth0-extensions/auth0-sso-dashboard-extension

Bump is-my-json-valid from 2.16.1 to 2.20.5

Code Climate has analyzed commit 100b7655 and detected 0 issues on this pull request.

The test coverage on the diff in this pull request is 100.0% (50% is the threshold).

This pull request will bring the total coverage in the repository to 89.9% (0.0% change).

View more on Code Climate.

dependabot[bot]

comment created time in 3 months

PR opened auth0-extensions/auth0-sso-dashboard-extension

Bump is-my-json-valid from 2.16.1 to 2.20.5

Bumps is-my-json-valid from 2.16.1 to 2.20.5. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/mafintosh/is-my-json-valid/commit/441f812eefa95ee5e0c1c9b4cba45021d2e72cfb"><code>441f812</code></a> 2.20.5</li> <li><a href="https://github.com/mafintosh/is-my-json-valid/commit/d36a1b1ff19fffde3c120c934320451852b2a8ab"><code>d36a1b1</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/mafintosh/is-my-json-valid/issues/182">#182</a> from ChALkeR/chalker/fix-comma</li> <li><a href="https://github.com/mafintosh/is-my-json-valid/commit/b6ea4843b51f955011b7d0fab8f1734ff434d46e"><code>b6ea484</code></a> Fix uri prefix detection</li> <li><a href="https://github.com/mafintosh/is-my-json-valid/commit/5389c5b06ab105af08d10937151f062167e9ed6f"><code>5389c5b</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/mafintosh/is-my-json-valid/issues/181">#181</a> from ChALkeR/chalker/fix-undef</li> <li><a href="https://github.com/mafintosh/is-my-json-valid/commit/df5b313f8b14738f6995729a52946d6258b8b2dd"><code>df5b313</code></a> add funding file</li> <li><a href="https://github.com/mafintosh/is-my-json-valid/commit/c224619b9a13a30a7afb54d2e8b4a0c7b5b7943d"><code>c224619</code></a> Fix 'required' implementation</li> <li><a href="https://github.com/mafintosh/is-my-json-valid/commit/2534af447c2a13871c32679c7059a099ea7114b6"><code>2534af4</code></a> 2.20.4</li> <li><a href="https://github.com/mafintosh/is-my-json-valid/commit/22c6b768a16e95349ad14c638d0d412be6e28fd4"><code>22c6b76</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/mafintosh/is-my-json-valid/issues/180">#180</a> from ChALkeR/chalker/fix-style</li> <li><a href="https://github.com/mafintosh/is-my-json-valid/commit/ccde29dd0626d870bf61fc9c04c845017060711d"><code>ccde29d</code></a> Fix a ReDoS in 'style' format</li> <li><a href="https://github.com/mafintosh/is-my-json-valid/commit/9df4acbb3077bce07f74e2f788cc9bfc11e0a5b3"><code>9df4acb</code></a> 2.20.3</li> <li>Additional commits viewable in <a href="https://github.com/mafintosh/is-my-json-valid/compare/v2.16.1...v2.20.5">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~linusu">linusu</a>, a new releaser for is-my-json-valid since your current version.</p> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+48 -17

0 comment

1 changed file

pr created time in 3 months

delete branch auth0-extensions/auth0-sso-dashboard-extension

delete branch : dependabot/npm_and_yarn/decompress-zip-0.3.2

delete time in 3 months

PR closed auth0-extensions/auth0-sso-dashboard-extension

Bump decompress-zip from 0.3.0 to 0.3.2 dependencies

Bumps decompress-zip from 0.3.0 to 0.3.2. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/bower/decompress-zip/blob/master/changelog.md">decompress-zip's changelog</a>.</em></p> <blockquote> <h1>0.3.2 and 0.2.2</h1> <ul> <li>Fix Zip Slip Vulnerability: <a href="https://snyk.io/research/zip-slip-vulnerability">https://snyk.io/research/zip-slip-vulnerability</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/bower/decompress-zip/commit/7dcf878be7884d4850c0d046f2e6559c2e00925e"><code>7dcf878</code></a> Bump to 0.3.2</li> <li><a href="https://github.com/bower/decompress-zip/commit/f605885a2c628dc844342a43290c49fe98a0423c"><code>f605885</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/bower/decompress-zip/issues/63">#63</a> from Muelsy/restrict</li> <li><a href="https://github.com/bower/decompress-zip/commit/9a908bd30ec9d9b2009110691cfcbe2b96f07c95"><code>9a908bd</code></a> Restrict file extraction to the target path</li> <li><a href="https://github.com/bower/decompress-zip/commit/26807e69ed22281c94372e03ba4801d7bf07be1d"><code>26807e6</code></a> 0.3.1</li> <li><a href="https://github.com/bower/decompress-zip/commit/95b77c7e9d79074c143a77c133dd920733c277ec"><code>95b77c7</code></a> Add license file</li> <li>See full diff in <a href="https://github.com/bower/decompress-zip/compare/0.3.0...v0.3.2">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+41 -17

2 comments

1 changed file

dependabot[bot]

pr closed time in 3 months

pull request commentauth0-extensions/auth0-sso-dashboard-extension

Bump decompress-zip from 0.3.0 to 0.3.2

Looks like decompress-zip is no longer a dependency, so this is no longer needed.

dependabot[bot]

comment created time in 3 months

push eventauth0-extensions/auth0-sso-dashboard-extension

Cristofer Gonzales

commit sha d20eaf85d5429cef25178b3005972899fefee388

remove serve dev option

view details

Cristofer Gonzales

commit sha 50ce5b33113d9f4faa3b164df0a3c9d093019a65

removes nodemon and open based on feedback

view details

Cristofer Gonzales

commit sha f2e2d85a1d88c905cfd3d0162eb7db08746f3208

Merge pull request #73 from CriGoT/remove-unused-tools Remove development serve tools

view details

push time in 3 months

PR merged auth0-extensions/auth0-sso-dashboard-extension

Remove development serve tools

✏️ Changes

We need to rethink the process to test changes locally but in the mean time we'll remove the current script.

+4 -1305

1 comment

3 changed files

CriGoT

pr closed time in 3 months

Pull request review commentauth0-extensions/auth0-sso-dashboard-extension

Remove development serve tools

     "expect": "^1.20.2",     "exports-loader": "^0.6.3",     "file-loader": "^1.1.11",-    "gulp": "^3.9.1",-    "gulp-nodemon": "^2.2.1",-    "gulp-util": "^3.0.7",     "ignore-styles": "^5.0.1",     "imports-loader": "0.7.0",     "json-loader": "^0.5.4",     "mini-css-extract-plugin": "0.4.0",     "mocha": "3.2.0",-    "ngrok": "2.2.4",     "nock": "^9.0.2",     "nodemon": "^1.11.0",

You are absolutely right. I'll remove them

CriGoT

comment created time in 3 months

Pull request review commentauth0-extensions/auth0-sso-dashboard-extension

Remove development serve tools

     "expect": "^1.20.2",     "exports-loader": "^0.6.3",     "file-loader": "^1.1.11",-    "gulp": "^3.9.1",-    "gulp-nodemon": "^2.2.1",-    "gulp-util": "^3.0.7",     "ignore-styles": "^5.0.1",     "imports-loader": "0.7.0",     "json-loader": "^0.5.4",     "mini-css-extract-plugin": "0.4.0",     "mocha": "3.2.0",-    "ngrok": "2.2.4",     "nock": "^9.0.2",     "nodemon": "^1.11.0",

I guess we can remove nodemon and open too since they are no longer being used anywhere.

CriGoT

comment created time in 3 months

pull request commentauth0-extensions/auth0-sso-dashboard-extension

Remove development serve tools

Code Climate has analyzed commit d20eaf85 and detected 0 issues on this pull request.

The test coverage on the diff in this pull request is 100.0% (50% is the threshold).

This pull request will bring the total coverage in the repository to 89.9% (0.0% change).

View more on Code Climate.

CriGoT

comment created time in 3 months

PR opened auth0-extensions/auth0-sso-dashboard-extension

Remove development serve tools

✏️ Changes

We need to rethink the process to test changes locally but in the mean time we'll remove the current script.

+25 -1091

0 comment

3 changed files

pr created time in 3 months

pull request commentauth0-extensions/auth0-sso-dashboard-extension

Bump decompress-zip from 0.3.0 to 0.3.2

Code Climate has analyzed commit 56525367 and detected 0 issues on this pull request.

The test coverage on the diff in this pull request is 100.0% (50% is the threshold).

This pull request will bring the total coverage in the repository to 89.9% (0.0% change).

View more on Code Climate.

dependabot[bot]

comment created time in 3 months

PR opened auth0-extensions/auth0-sso-dashboard-extension

Bump decompress-zip from 0.3.0 to 0.3.2

Bumps decompress-zip from 0.3.0 to 0.3.2. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/bower/decompress-zip/blob/master/changelog.md">decompress-zip's changelog</a>.</em></p> <blockquote> <h1>0.3.2 and 0.2.2</h1> <ul> <li>Fix Zip Slip Vulnerability: <a href="https://snyk.io/research/zip-slip-vulnerability">https://snyk.io/research/zip-slip-vulnerability</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/bower/decompress-zip/commit/7dcf878be7884d4850c0d046f2e6559c2e00925e"><code>7dcf878</code></a> Bump to 0.3.2</li> <li><a href="https://github.com/bower/decompress-zip/commit/f605885a2c628dc844342a43290c49fe98a0423c"><code>f605885</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/bower/decompress-zip/issues/63">#63</a> from Muelsy/restrict</li> <li><a href="https://github.com/bower/decompress-zip/commit/9a908bd30ec9d9b2009110691cfcbe2b96f07c95"><code>9a908bd</code></a> Restrict file extraction to the target path</li> <li><a href="https://github.com/bower/decompress-zip/commit/26807e69ed22281c94372e03ba4801d7bf07be1d"><code>26807e6</code></a> 0.3.1</li> <li><a href="https://github.com/bower/decompress-zip/commit/95b77c7e9d79074c143a77c133dd920733c277ec"><code>95b77c7</code></a> Add license file</li> <li>See full diff in <a href="https://github.com/bower/decompress-zip/compare/0.3.0...v0.3.2">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+41 -17

0 comment

1 changed file

pr created time in 3 months

more