profile
viewpoint
Jen Garcia cuibonobo @FloydCounty Atlanta, GA https://haverstack.com I'm a Software Engineer for Floyd County Productions, makers of "Archer" on FX. Putting technology in the hands of artists is my favorite thing.

typeorm/expo-example 10

Example of using the Expo driver with TypeORM

cuibonobo/nds_vscode_template 3

A template for developing Nintendo DS homebrew in Visual Studio Code.

cuibonobo/cuibonobo 0

My npm card ✨

cuibonobo/expo-example 0

Example of using the Expo driver with TypeORM

cuibonobo/journal-starter 0

Eating my own dog food

cuibonobo/knex-express-project-sample 0

An example project structure using Express and Knex

cuibonobo/mobx-react-typescript-boilerplate 0

Minimal boilerplate for a single-page app using React, TypeScript, TSX, Webpack

cuibonobo/orogene 0

A next-generation platform and package manager for Node.js-compatible and frontend JavaScript projects!

cuibonobo/support-my-work 0

A WordPress widget that displays a PayPal "Buy Now" and lets users specify the amount that they wish to pay.

issue commenttypeorm/expo-example

Error when generating migration

This seems like a transpilation issue. Could you post what your tsconfig.json looks like?

mlm625

comment created time in 4 days

startedDylanVann/ant-design-draggable-modal

started time in 16 days

issue commentant-design/ant-design

Down arrow on a <Select> component will open the drop-down but not select the first option

Thanks for providing a solution, but the documentation for defaultActiveFirstOption says that the default value for this option is true. If that were the case, the desired behavior would happen by default without needing to specify the option.

It seems to me like there is still a bug: either the default behavior for defaultActiveFirstOption is incorrect, or the documentation should list the default value as false.

cuibonobo

comment created time in a month

push eventHaverstack/secretary

dependabot[bot]

commit sha a48f422b55eeacd75080a1e806849fa73d578c52

Bump node-forge from 0.9.1 to 0.10.0 Bumps [node-forge](https://github.com/digitalbazaar/forge) from 0.9.1 to 0.10.0. - [Release notes](https://github.com/digitalbazaar/forge/releases) - [Changelog](https://github.com/digitalbazaar/forge/blob/master/CHANGELOG.md) - [Commits](https://github.com/digitalbazaar/forge/compare/0.9.1...0.10.0) Signed-off-by: dependabot[bot] <support@github.com>

view details

Jen Garcia

commit sha 5381e0a589b9a5e664c8552364c843495e467c8f

Merge pull request #4 from Haverstack/dependabot/npm_and_yarn/node-forge-0.10.0 Bump node-forge from 0.9.1 to 0.10.0

view details

push time in a month

PR merged Haverstack/secretary

Bump node-forge from 0.9.1 to 0.10.0 dependencies

Bumps node-forge from 0.9.1 to 0.10.0. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/digitalbazaar/forge/blob/master/CHANGELOG.md">node-forge's changelog</a>.</em></p> <blockquote> <h2>0.10.0 - 2020-09-01</h2> <h3>Changed</h3> <ul> <li><strong>BREAKING</strong>: Node.js 4 no longer supported. The code <em>may</em> still work, and non-invasive patches to keep it working will be considered. However, more modern tools no longer support old Node.js versions making testing difficult.</li> </ul> <h3>Removed</h3> <ul> <li><strong>BREAKING</strong>: Remove <code>util.getPath</code>, <code>util.setPath</code>, and <code>util.deletePath</code>. <code>util.setPath</code> had a potential prototype pollution security issue when used with unsafe inputs. These functions are not used by <code>forge</code> itself. They date from an early time when <code>forge</code> was targeted at providing general helper functions. The library direction changed to be more focused on cryptography. Many other excellent libraries are more suitable for general utilities. If you need a replacement for these functions, consier <code>get</code>, <code>set</code>, and <code>unset</code> from <a href="https://lodash.com/">lodash</a>. But also consider the potential similar security issues with those APIs.</li> </ul> <h2>0.9.2 - 2020-09-01</h2> <h3>Changed</h3> <ul> <li>Added <code>util.setPath</code> security note to function docs and to README.</li> </ul> <h3>Notes</h3> <ul> <li><strong>SECURITY</strong>: The <code>util.setPath</code> function has the potential to cause prototype pollution if used with unsafe input. <ul> <li>This function is <strong>not</strong> used internally by <code>forge</code>.</li> <li>The rest of the library is unaffected by this issue.</li> <li><strong>Do not</strong> use unsafe input with this function.</li> <li>Usage with known input should function as expected. (Including input intentionally using potentially problematic keys.)</li> <li>No code changes will be made to address this issue in 0.9.x. The current behavior <em>could</em> be considered a feature rather than a security issue. 0.10.0 will be released that removes <code>util.getPath</code> and <code>util.setPath</code>. Consider <code>get</code> and <code>set</code> from <a href="https://lodash.com/">lodash</a> if you need replacements. But also consider the potential similar security issues with those APIs.</li> <li><a href="https://snyk.io/vuln/SNYK-JS-NODEFORGE-598677">https://snyk.io/vuln/SNYK-JS-NODEFORGE-598677</a></li> <li><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7720">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7720</a></li> </ul> </li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/digitalbazaar/forge/commit/8018c3ea6f8e75d2df1b9ce4ec9c536db3db37e6"><code>8018c3e</code></a> Release 0.10.0.</li> <li><a href="https://github.com/digitalbazaar/forge/commit/6a1e3ef74f6eb345bcff1b82184201d1e28b6756"><code>6a1e3ef</code></a> Remove object path functions.</li> <li><a href="https://github.com/digitalbazaar/forge/commit/30d560c6b522b9a97a67d9101ecf8f860a4ba63a"><code>30d560c</code></a> Remove Node.js 4 support.</li> <li><a href="https://github.com/digitalbazaar/forge/commit/1ba83ecca436c2e1d0d37ea154467e9934019504"><code>1ba83ec</code></a> Update dependencies.</li> <li><a href="https://github.com/digitalbazaar/forge/commit/81abd87a9a8ef705af17d1e712a086ef4b7869a1"><code>81abd87</code></a> Improve linting.</li> <li><a href="https://github.com/digitalbazaar/forge/commit/7b59028142bb5f5e299df0d0931a8306d7d7046b"><code>7b59028</code></a> Test on Node.js 14.</li> <li><a href="https://github.com/digitalbazaar/forge/commit/ba13a1c8bfdb1d6abb286fa7fcb82a57b40ae345"><code>ba13a1c</code></a> Update webpack.</li> <li><a href="https://github.com/digitalbazaar/forge/commit/c8d5395e078f838604eb9df32ef9d298288057fd"><code>c8d5395</code></a> Add travis browser test names.</li> <li><a href="https://github.com/digitalbazaar/forge/commit/afc5a728f5c6bf5cb80eddb5b85c7340b28bfa51"><code>afc5a72</code></a> Update dependencies.</li> <li><a href="https://github.com/digitalbazaar/forge/commit/ba0207fa359f79a5af0e71d12f488a846e9265f6"><code>ba0207f</code></a> Test on Node.js 12.</li> <li>Additional commits viewable in <a href="https://github.com/digitalbazaar/forge/compare/0.9.1...0.10.0">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+4 -4

0 comment

2 changed files

dependabot[bot]

pr closed time in a month

issue openedant-design/ant-design

Down arrow on a <Select> component will open the drop-down but not select the first option

  • [x] I have searched the issues of this repository and believe that this is not a duplicate.

Reproduction link

Edit on CodeSandbox

Steps to reproduce

Once the example has completely loaded, the select element should be automatically focused. Hit the down arrow on the keyboard to open the drop-down.

What is expected?

The first option should be selected when the drop-down opens by hitting the down arrow.

What is actually happening?

The drop-down opens, but the first option is not selected.

Environment Info
antd 4.6.5
React 16.13.1
System Windows 10
Browser Firefox 80.0.1

The Select element requires that you press the down arrow twice in order to select the first option. This is not consistent with the default HTML select element. In addition, hitting the Tab key does not select the currently highlighted option, but this is a separate issue: #26876.

<!-- generated by ant-design-issue-helper. DO NOT REMOVE -->

created time in a month

issue commentant-design/ant-design

Tabbing to select active option in <Select>

I would also like to see this! The current behavior is not consistent with the default HTML select and is an accessibility / muscle-memory issue.

veltman

comment created time in a month

PR opened orogene/orogene

Point the members link to the MEMBERs.md doc

Just a quick doc fix.

+1 -1

0 comment

1 changed file

pr created time in 2 months

push eventcuibonobo/orogene

Jen Garcia

commit sha 50848e4dcd2e004e0cb4d836d6a12e20cfd908d5

Point the members link to the MEMBERs.md doc

view details

push time in 2 months

fork cuibonobo/orogene

A next-generation platform and package manager for Node.js-compatible and frontend JavaScript projects!

fork in 2 months

started996icu/996.ICU

started time in 2 months

startedtokejepsen/ftrack-hooks

started time in 2 months

startedzinc-collective/compensated

started time in 2 months

startedregnaio/sapper-typescript

started time in 2 months

issue openedzkat/ama

What was the "interview gauntlet" at Microsoft like?

First of all, if you prefer a different contact format or just don't have time to answer, feel free to close this issue. I initially thought of sending you an email or Twitter DM, but since this repo was still open I figured I would give it a shot.

In a recent comment on your Dev.to AMA, you mentioned that at first you cancelled the on-site interview because the idea of going through an "interview gauntlet" stressed you out. Can you describe what that interview process was like?

I have been making software at an animation studio for about 5 years now and I'm really proud of the tools that I've built, but the lack of resources and support are pushing me to consider applying to a software company. My degree is in Electrical Engineering, not CompSci, so the gaps in my knowledge are giving me anxiety.

I've been following you on Twitter for a few years now and I decided to reach out directly because we're both Boricua women, so I figured your perspective would align more with my own.

Thanks and solidarity.

created time in 2 months

startedzkat/ama

started time in 2 months

startedxlcollaborative/xlc-agreement

started time in 2 months

push eventcuibonobo/typeorm-package

dependabot[bot]

commit sha ec7090122ae506c462e558be646547a843902b71

Bump class-transformer from 0.2.3 to 0.3.1 Bumps [class-transformer](https://github.com/typestack/class-transformer) from 0.2.3 to 0.3.1. - [Release notes](https://github.com/typestack/class-transformer/releases) - [Changelog](https://github.com/typestack/class-transformer/blob/develop/CHANGELOG.md) - [Commits](https://github.com/typestack/class-transformer/compare/v0.2.3...v0.3.1) Signed-off-by: dependabot[bot] <support@github.com>

view details

Jen Garcia

commit sha 7a888aaf153407c156cff99cf06bb154aeaa1edc

Merge pull request #1 from cuibonobo/dependabot/npm_and_yarn/class-transformer-0.3.1 Bump class-transformer from 0.2.3 to 0.3.1

view details

push time in 3 months

PR merged cuibonobo/typeorm-package

Bump class-transformer from 0.2.3 to 0.3.1 dependencies

Bumps class-transformer from 0.2.3 to 0.3.1. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/typestack/class-transformer/blob/develop/CHANGELOG.md">class-transformer's changelog</a>.</em></p> <blockquote> <h3>[0.3.1][v0.3.1] - 2020-07-29</h3> <h4>Added</h4> <ul> <li>table of content added to readme</li> </ul> <h4>Changed</h4> <ul> <li>moved from Mocha to Jest</li> <li>added Prettier for code formatting</li> <li>added Eslint for linting</li> <li>updated CI configuration</li> <li>removed some unused dev dependencies</li> <li>updated dependencies to latest version</li> </ul> <h4>Fixed</h4> <ul> <li>circular dependency fixed</li> <li>dev dependencies removed from package.json before publishing (no more security warnings)</li> <li>transformer order is deterministic now (<a href="https://github-redirect.dependabot.com/typestack/class-transformer/issues/231">#231</a>)</li> <li>fix prototype pollution issue (<a href="https://github-redirect.dependabot.com/typestack/class-transformer/issues/367">#367</a>)</li> <li>various fixes in documentation</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/typestack/class-transformer/commit/7020a72bca9765d08a6e91f2fd1152c0012c426c"><code>7020a72</code></a> merge: release 0.3.1 (<a href="https://github-redirect.dependabot.com/typestack/class-transformer/issues/382">#382</a>)</li> <li><a href="https://github.com/typestack/class-transformer/commit/ba88a607635c8325971d7c6f8ef6102c71049d39"><code>ba88a60</code></a> build: bump version to 0.3.1</li> <li><a href="https://github.com/typestack/class-transformer/commit/9b634f55ea04c7e8d1f9eaed95625cbad176f4fb"><code>9b634f5</code></a> docs: add changelog for 0.3.1</li> <li><a href="https://github.com/typestack/class-transformer/commit/9c61afff2aab046c3bfb16d8c437a13f57cab7dd"><code>9c61aff</code></a> refactor: extract TransformationType enum from executor (<a href="https://github-redirect.dependabot.com/typestack/class-transformer/issues/380">#380</a>)</li> <li><a href="https://github.com/typestack/class-transformer/commit/b8f4c47743bc338bb2dcc979664689cfd011378c"><code>b8f4c47</code></a> build: strip pacakge.json before publishing package</li> <li><a href="https://github.com/typestack/class-transformer/commit/f6413c9912f5b7db9174b674625d23933a6d46c8"><code>f6413c9</code></a> refactor: format code with prettier (<a href="https://github-redirect.dependabot.com/typestack/class-transformer/issues/379">#379</a>)</li> <li><a href="https://github.com/typestack/class-transformer/commit/a79772644d83fb63e0764c1bd522542f29dd7a83"><code>a797726</code></a> build: update eslint config (<a href="https://github-redirect.dependabot.com/typestack/class-transformer/issues/377">#377</a>)</li> <li><a href="https://github.com/typestack/class-transformer/commit/376e4d65ae9d3329994f8aaeb35601b53927fb2d"><code>376e4d6</code></a> merge: update project tooling (<a href="https://github-redirect.dependabot.com/typestack/class-transformer/issues/376">#376</a>)</li> <li><a href="https://github.com/typestack/class-transformer/commit/2a1529592986a34b9c4b95710e948a1930ced934"><code>2a15295</code></a> style: remove empty firstline from Codecov config</li> <li><a href="https://github.com/typestack/class-transformer/commit/4d587dc23177b1182eff6ff72fad29faa710dc4c"><code>4d587dc</code></a> style: add newline to end of config files</li> <li>Additional commits viewable in <a href="https://github.com/typestack/class-transformer/compare/v0.2.3...v0.3.1">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~typestack-release-bot">typestack-release-bot</a>, a new releaser for class-transformer since your current version.</p> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+1 -1

0 comment

1 changed file

dependabot[bot]

pr closed time in 3 months

push eventHaverstack/secretary

dependabot[bot]

commit sha e758cfa5ad32e514f9019861e9c6fed89280f7b7

Bump lodash from 4.17.15 to 4.17.19 Bumps [lodash](https://github.com/lodash/lodash) from 4.17.15 to 4.17.19. - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](https://github.com/lodash/lodash/compare/4.17.15...4.17.19) Signed-off-by: dependabot[bot] <support@github.com>

view details

Jen Garcia

commit sha 5e7ad24d346e98cf2b36957fbb31b9913681d72c

Merge pull request #3 from Haverstack/dependabot/npm_and_yarn/lodash-4.17.19 Bump lodash from 4.17.15 to 4.17.19

view details

push time in 3 months

PR merged Haverstack/secretary

Bump lodash from 4.17.15 to 4.17.19 dependencies

Bumps lodash from 4.17.15 to 4.17.19. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/lodash/lodash/releases">lodash's releases</a>.</em></p> <blockquote> <h2>4.17.16</h2> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/lodash/lodash/commit/d7fbc52ee0466a6d248f047b5d5c3e6d1e099056"><code>d7fbc52</code></a> Bump to v4.17.19</li> <li><a href="https://github.com/lodash/lodash/commit/2e1c0f22f425e9c013815b2cd7c2ebd51f49a8d6"><code>2e1c0f2</code></a> Add npm-package</li> <li><a href="https://github.com/lodash/lodash/commit/1b6c282299f4e0271f932b466c67f0f822aa308e"><code>1b6c282</code></a> Bump to v4.17.18</li> <li><a href="https://github.com/lodash/lodash/commit/a370ac81408de2da77a82b3c4b61a01a3b9c2fac"><code>a370ac8</code></a> Bump to v4.17.17</li> <li><a href="https://github.com/lodash/lodash/commit/1144918f3578a84fcc4986da9b806e63a6175cbb"><code>1144918</code></a> Rebuild lodash and docs</li> <li><a href="https://github.com/lodash/lodash/commit/3a3b0fd339c2109563f7e8167dc95265ed82ef3e"><code>3a3b0fd</code></a> Bump to v4.17.16</li> <li><a href="https://github.com/lodash/lodash/commit/c84fe82760fb2d3e03a63379b297a1cc1a2fce12"><code>c84fe82</code></a> fix(zipObjectDeep): prototype pollution (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4759">#4759</a>)</li> <li><a href="https://github.com/lodash/lodash/commit/e7b28ea6cb17b4ca021e7c9d66218c8c89782f32"><code>e7b28ea</code></a> Sanitize sourceURL so it cannot affect evaled code (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4518">#4518</a>)</li> <li><a href="https://github.com/lodash/lodash/commit/0cec225778d4ac26c2bac95031ecc92a94f08bbb"><code>0cec225</code></a> Fix lodash.isEqual for circular references (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4320">#4320</a>) (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4515">#4515</a>)</li> <li><a href="https://github.com/lodash/lodash/commit/94c3a8133cb4fcdb50db72b4fd14dd884b195cd5"><code>94c3a81</code></a> Document matches* shorthands for over* methods (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4510">#4510</a>) (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4514">#4514</a>)</li> <li>Additional commits viewable in <a href="https://github.com/lodash/lodash/compare/4.17.15...4.17.19">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~mathias">mathias</a>, a new releaser for lodash since your current version.</p> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+3 -3

0 comment

1 changed file

dependabot[bot]

pr closed time in 3 months

push eventcuibonobo/journal-starter

dependabot[bot]

commit sha 52b4ef8cceefdc02ede7f8669b8b789f70e21796

Bump lodash from 4.17.15 to 4.17.19 Bumps [lodash](https://github.com/lodash/lodash) from 4.17.15 to 4.17.19. - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](https://github.com/lodash/lodash/compare/4.17.15...4.17.19) Signed-off-by: dependabot[bot] <support@github.com>

view details

Jen Garcia

commit sha bad1cf2ee99831e08da526256fc4333d67fc9b64

Merge pull request #18 from cuibonobo/dependabot/npm_and_yarn/lodash-4.17.19 Bump lodash from 4.17.15 to 4.17.19

view details

push time in 3 months

PR merged cuibonobo/journal-starter

Bump lodash from 4.17.15 to 4.17.19 dependencies

Bumps lodash from 4.17.15 to 4.17.19. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/lodash/lodash/releases">lodash's releases</a>.</em></p> <blockquote> <h2>4.17.16</h2> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/lodash/lodash/commit/d7fbc52ee0466a6d248f047b5d5c3e6d1e099056"><code>d7fbc52</code></a> Bump to v4.17.19</li> <li><a href="https://github.com/lodash/lodash/commit/2e1c0f22f425e9c013815b2cd7c2ebd51f49a8d6"><code>2e1c0f2</code></a> Add npm-package</li> <li><a href="https://github.com/lodash/lodash/commit/1b6c282299f4e0271f932b466c67f0f822aa308e"><code>1b6c282</code></a> Bump to v4.17.18</li> <li><a href="https://github.com/lodash/lodash/commit/a370ac81408de2da77a82b3c4b61a01a3b9c2fac"><code>a370ac8</code></a> Bump to v4.17.17</li> <li><a href="https://github.com/lodash/lodash/commit/1144918f3578a84fcc4986da9b806e63a6175cbb"><code>1144918</code></a> Rebuild lodash and docs</li> <li><a href="https://github.com/lodash/lodash/commit/3a3b0fd339c2109563f7e8167dc95265ed82ef3e"><code>3a3b0fd</code></a> Bump to v4.17.16</li> <li><a href="https://github.com/lodash/lodash/commit/c84fe82760fb2d3e03a63379b297a1cc1a2fce12"><code>c84fe82</code></a> fix(zipObjectDeep): prototype pollution (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4759">#4759</a>)</li> <li><a href="https://github.com/lodash/lodash/commit/e7b28ea6cb17b4ca021e7c9d66218c8c89782f32"><code>e7b28ea</code></a> Sanitize sourceURL so it cannot affect evaled code (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4518">#4518</a>)</li> <li><a href="https://github.com/lodash/lodash/commit/0cec225778d4ac26c2bac95031ecc92a94f08bbb"><code>0cec225</code></a> Fix lodash.isEqual for circular references (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4320">#4320</a>) (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4515">#4515</a>)</li> <li><a href="https://github.com/lodash/lodash/commit/94c3a8133cb4fcdb50db72b4fd14dd884b195cd5"><code>94c3a81</code></a> Document matches* shorthands for over* methods (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4510">#4510</a>) (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4514">#4514</a>)</li> <li>Additional commits viewable in <a href="https://github.com/lodash/lodash/compare/4.17.15...4.17.19">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~mathias">mathias</a>, a new releaser for lodash since your current version.</p> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+3 -3

0 comment

1 changed file

dependabot[bot]

pr closed time in 3 months

startediconic/open-iconic

started time in 3 months

issue closedHaverstack/secretary

Intermittent test failure for ID generation

Sometimes this test will fail by one: https://github.com/haverstack/secretary/blob/96a41490bb8948545788eb39263b18ad1959f41a/src/id.test.ts#L40-L57

closed time in 3 months

cuibonobo

issue commentHaverstack/secretary

Intermittent test failure for ID generation

Turns out the logic for saving "seen" random character suffixes was slightly flawed. Fixed in the art school version.

cuibonobo

comment created time in 3 months

more