profile
viewpoint

PR opened BadwaterBay/gen2.badwaterbay.com

Bump sass from 1.26.10 to 1.26.11

Bumps sass from 1.26.10 to 1.26.11. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/sass/dart-sass/releases">sass's releases</a>.</em></p> <blockquote> <h2>Dart Sass 1.26.11</h2> <p>To install Sass 1.26.11, download one of the packages below and <a href="https://katiek2.github.io/path-doc/">add it to your PATH</a>, or see <a href="https://sass-lang.com/install">the Sass website</a> for full installation instructions.</p> <h1>Changes</h1> <ul> <li> <p><strong>Potentially breaking bug fix:</strong> <code>selector.nest()</code> now throws an error if the first arguments contains the parent selector <code>&</code>.</p> </li> <li> <p>Fixes a parsing bug with inline comments in selectors.</p> </li> <li> <p>Improve some error messages for edge-case parse failures.</p> </li> <li> <p>Throw a proper error when the same built-in module is <code>@use</code>d twice.</p> </li> <li> <p>Don't crash when writing <code>Infinity</code> in JS mode.</p> </li> <li> <p>Produce a better error message for positional arguments following named arguments.</p> </li> </ul> <p>See the <a href="https://github.com/sass/dart-sass/blob/master/CHANGELOG.md#12611">full changelog</a> for changes in earlier releases.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/sass/dart-sass/blob/master/CHANGELOG.md">sass's changelog</a>.</em></p> <blockquote> <h2>1.26.11</h2> <ul> <li> <p><strong>Potentially breaking bug fix:</strong> <code>selector.nest()</code> now throws an error if the first arguments contains the parent selector <code>&</code>.</p> </li> <li> <p>Fixes a parsing bug with inline comments in selectors.</p> </li> <li> <p>Improve some error messages for edge-case parse failures.</p> </li> <li> <p>Throw a proper error when the same built-in module is <code>@use</code>d twice.</p> </li> <li> <p>Don't crash when writing <code>Infinity</code> in JS mode.</p> </li> <li> <p>Produce a better error message for positional arguments following named arguments.</p> </li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/sass/dart-sass/commit/f843f96bc2c9feb4bb7a9a308581ac249022c996"><code>f843f96</code></a> Produce a better error for positional arguments after named (<a href="https://github-redirect.dependabot.com/sass/dart-sass/issues/1087">#1087</a>)</li> <li><a href="https://github.com/sass/dart-sass/commit/6ec78f975bc47bfcbe826f6db0add72ca5ac16c9"><code>6ec78f9</code></a> Test against a matching sass-spec feature branch by default (<a href="https://github-redirect.dependabot.com/sass/dart-sass/issues/1082">#1082</a>)</li> <li><a href="https://github.com/sass/dart-sass/commit/015a76cf0b26d35d7fe99e7e28a7e5834753781e"><code>015a76c</code></a> Revert "Add a map.deep-merge() function (<a href="https://github-redirect.dependabot.com/sass/dart-sass/issues/1077">#1077</a>) (<a href="https://github-redirect.dependabot.com/sass/dart-sass/issues/1080">#1080</a>)"</li> <li><a href="https://github.com/sass/dart-sass/commit/315e86b4421fa08e4535d1a7121a6bbdc8fb6010"><code>315e86b</code></a> Add a map.deep-merge() function (<a href="https://github-redirect.dependabot.com/sass/dart-sass/issues/1077">#1077</a>) (<a href="https://github-redirect.dependabot.com/sass/dart-sass/issues/1080">#1080</a>)</li> <li><a href="https://github.com/sass/dart-sass/commit/9503b57ac5c86215e537dc2ce43321a74805e27b"><code>9503b57</code></a> Revert "Add a map.deep-merge() function (<a href="https://github-redirect.dependabot.com/sass/dart-sass/issues/1077">#1077</a>)"</li> <li><a href="https://github.com/sass/dart-sass/commit/bc7216a441074f6a35b62dccb7fdc17e08ae442c"><code>bc7216a</code></a> Add a map.deep-merge() function (<a href="https://github-redirect.dependabot.com/sass/dart-sass/issues/1077">#1077</a>)</li> <li><a href="https://github.com/sass/dart-sass/commit/830bb3aab2672acdd596361d8ba0cd1af98babef"><code>830bb3a</code></a> Move Node tests on Windows to Travis (<a href="https://github-redirect.dependabot.com/sass/dart-sass/issues/1063">#1063</a>)</li> <li><a href="https://github.com/sass/dart-sass/commit/a06295426df5dee8486a1d9b8c6cb0395fffc3f1"><code>a062954</code></a> Throw a proper error when the same built-in module is <a href="https://github.com/used">@used</a> twice (<a href="https://github-redirect.dependabot.com/sass/dart-sass/issues/1070">#1070</a>)</li> <li><a href="https://github.com/sass/dart-sass/commit/1dff9a7ce4e5fa5160c0ba7f16eddb892da6e325"><code>1dff9a7</code></a> Don't crash when writing Infinity in JS mode (<a href="https://github-redirect.dependabot.com/sass/dart-sass/issues/1069">#1069</a>)</li> <li><a href="https://github.com/sass/dart-sass/commit/4c0bc7f4f5545d23987bc13891a955895314656e"><code>4c0bc7f</code></a> Throw an error if the first error to selector.nest() contains & (<a href="https://github-redirect.dependabot.com/sass/dart-sass/issues/1068">#1068</a>)</li> <li>Additional commits viewable in <a href="https://github.com/sass/dart-sass/compare/1.26.10...1.26.11">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>

+5 -5

0 comment

2 changed files

pr created time in a few seconds

pull request commentclydeortega14/sms-gateway

Bump jquery from 3.3.1 to 3.5.0 in /public/phpmyadmin

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot rebase.

dependabot[bot]

comment created time in a few seconds

create barnchBadwaterBay/gen2.badwaterbay.com

branch : dependabot/npm_and_yarn/sass-1.26.11

created branch time in a few seconds

pull request commentclydeortega14/sms-gateway

Bump js-yaml from 3.11.0 to 3.14.0 in /public/phpmyadmin

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot rebase.

dependabot[bot]

comment created time in a few seconds

push eventytvnr/gif-of-the-day

Yann Tavernier

commit sha 62a6720a5c8be04006feac40aa23facabb7161d5

doc: firebase part of bbl (#164)

view details

dependabot[bot]

commit sha e4b064a34de6e0e7b6e2cf1889db18824b44296a

chore(deps): bump yargs-parser from 5.0.0 to 13.1.2 in /front Bumps [yargs-parser](https://github.com/yargs/yargs-parser) from 5.0.0 to 13.1.2. - [Release notes](https://github.com/yargs/yargs-parser/releases) - [Changelog](https://github.com/yargs/yargs-parser/blob/master/docs/CHANGELOG-full.md) - [Commits](https://github.com/yargs/yargs-parser/commits) Signed-off-by: dependabot[bot] <support@github.com>

view details

push time in a few seconds

pull request commentclydeortega14/sms-gateway

Bump lodash from 4.17.5 to 4.17.19 in /public/phpmyadmin

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot rebase.

dependabot[bot]

comment created time in a few seconds

push eventithoq/cryolite-web

dependabot[bot]

commit sha 46ecee0b41528f3bc3813adc54ff189a0ad1c917

Bump axios from 0.16.2 to 0.18.1 Bumps [axios](https://github.com/axios/axios) from 0.16.2 to 0.18.1. - [Release notes](https://github.com/axios/axios/releases) - [Changelog](https://github.com/axios/axios/blob/v0.18.1/CHANGELOG.md) - [Commits](https://github.com/axios/axios/compare/v0.16.2...v0.18.1) Signed-off-by: dependabot[bot] <support@github.com>

view details

dependabot[bot]

commit sha 3fd4dfff7513e86aa0b6f95d7a3ccf7482a7483e

Bump lodash-es from 4.17.2 to 4.17.15 Bumps [lodash-es](https://github.com/lodash/lodash) from 4.17.2 to 4.17.15. - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](https://github.com/lodash/lodash/compare/4.17.2...4.17.15) Signed-off-by: dependabot[bot] <support@github.com>

view details

dependabot[bot]

commit sha ab40d3602fb25da22bf519dcda6715a9d265bea4

Bump handlebars from 4.0.6 to 4.7.6 Bumps [handlebars](https://github.com/wycats/handlebars.js) from 4.0.6 to 4.7.6. - [Release notes](https://github.com/wycats/handlebars.js/releases) - [Changelog](https://github.com/wycats/handlebars.js/blob/master/release-notes.md) - [Commits](https://github.com/wycats/handlebars.js/compare/v4.0.6...v4.7.6) Signed-off-by: dependabot[bot] <support@github.com>

view details

Ithoq Projosasmito

commit sha eb503d6a1e200931067a30429ddb7f3198c8d96f

Merge pull request #2 from ithoq/dependabot/npm_and_yarn/axios-0.18.1 Bump axios from 0.16.2 to 0.18.1

view details

Ithoq Projosasmito

commit sha 2d37955088e65867ec367f79c7776de53cd6d8ff

Merge pull request #4 from ithoq/dependabot/npm_and_yarn/lodash-es-4.17.15 Bump lodash-es from 4.17.2 to 4.17.15

view details

Ithoq Projosasmito

commit sha cd3654fd889c573a3781da1b3a990d8d79a90d7d

Merge pull request #5 from ithoq/dependabot/npm_and_yarn/handlebars-4.7.6 Bump handlebars from 4.0.6 to 4.7.6

view details

dependabot[bot]

commit sha 29c0c6c955576cdbfe8951afb4a68c2c382e8259

Bump eslint from 3.11.1 to 4.18.2 Bumps [eslint](https://github.com/eslint/eslint) from 3.11.1 to 4.18.2. - [Release notes](https://github.com/eslint/eslint/releases) - [Changelog](https://github.com/eslint/eslint/blob/master/CHANGELOG.md) - [Commits](https://github.com/eslint/eslint/compare/v3.11.1...v4.18.2) Signed-off-by: dependabot[bot] <support@github.com>

view details

Ithoq Projosasmito

commit sha bae34e7ee71c58458dbd914f1bad69b66b2fbd62

Merge pull request #6 from ithoq/dependabot/npm_and_yarn/eslint-4.18.2 Bump eslint from 3.11.1 to 4.18.2

view details

dependabot[bot]

commit sha 49d63e0ebc1faee4ab11aae617334cf6662be998

Bump decompress-zip from 0.3.0 to 0.3.2 Bumps [decompress-zip](https://github.com/bower/decompress-zip) from 0.3.0 to 0.3.2. - [Release notes](https://github.com/bower/decompress-zip/releases) - [Changelog](https://github.com/bower/decompress-zip/blob/master/changelog.md) - [Commits](https://github.com/bower/decompress-zip/compare/0.3.0...v0.3.2) Signed-off-by: dependabot[bot] <support@github.com>

view details

push time in a few seconds

push eventLe-Roi777/Frontend-Development

dependabot[bot]

commit sha 7d2594a46d0f3a09668fa3193da68d51d09fbdae

Bump lodash from 4.17.15 to 4.17.20 in /Interest Calculation Bumps [lodash](https://github.com/lodash/lodash) from 4.17.15 to 4.17.20. - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](https://github.com/lodash/lodash/compare/4.17.15...4.17.20) Signed-off-by: dependabot[bot] <support@github.com>

view details

push time in a few seconds

delete branch MatievisTheKat/bort

delete branch : dependabot/npm_and_yarn/v2/types/node-14.10.3

delete time in a few seconds

PR closed MatievisTheKat/bort

build(deps-dev): bump @types/node from 14.10.2 to 14.10.3 dependencies

Bumps @types/node from 14.10.2 to 14.10.3. <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>

+4 -4

1 comment

2 changed files

dependabot[bot]

pr closed time in a few seconds

delete branch ithoq/cryolite-web

delete branch : dependabot/npm_and_yarn/lodash.merge-4.6.2

delete time in a few seconds

pull request commentMatievisTheKat/bort

build(deps-dev): bump @types/node from 14.10.2 to 14.10.3

Superseded by #76.

dependabot[bot]

comment created time in a few seconds

create barnchMatievisTheKat/bort

branch : dependabot/npm_and_yarn/v2/types/node-14.11.1

created branch time in a few seconds

PR opened MatievisTheKat/bort

build(deps-dev): bump @types/node from 14.10.2 to 14.11.1

Bumps @types/node from 14.10.2 to 14.11.1. <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>

+4 -4

0 comment

2 changed files

pr created time in a few seconds

push eventytvnr/gif-of-the-day

Aurélien Loyer

commit sha 0c4defe3b74845afd536728e06cc3d0486c675ca

fix: reset pagination offset on reset 🐛 (#159)

view details

Yann Tavernier

commit sha 62a6720a5c8be04006feac40aa23facabb7161d5

doc: firebase part of bbl (#164)

view details

dependabot[bot]

commit sha d7abd800d4295dd5406093f6a3c605fc3022a320

chore(deps): bump websocket-extensions from 0.1.3 to 0.1.4 in /bbl Bumps [websocket-extensions](https://github.com/faye/websocket-extensions-node) from 0.1.3 to 0.1.4. - [Release notes](https://github.com/faye/websocket-extensions-node/releases) - [Changelog](https://github.com/faye/websocket-extensions-node/blob/master/CHANGELOG.md) - [Commits](https://github.com/faye/websocket-extensions-node/compare/0.1.3...0.1.4) Signed-off-by: dependabot[bot] <support@github.com>

view details

push time in a few seconds

push eventytvnr/gif-of-the-day

Yann Tavernier

commit sha 62a6720a5c8be04006feac40aa23facabb7161d5

doc: firebase part of bbl (#164)

view details

dependabot[bot]

commit sha 811dc0691ce90fdc359aa9d145a3bfbd22c44d8c

chore(deps): bump http-proxy from 1.18.0 to 1.18.1 in /front Bumps [http-proxy](https://github.com/http-party/node-http-proxy) from 1.18.0 to 1.18.1. - [Release notes](https://github.com/http-party/node-http-proxy/releases) - [Changelog](https://github.com/http-party/node-http-proxy/blob/master/CHANGELOG.md) - [Commits](https://github.com/http-party/node-http-proxy/compare/1.18.0...1.18.1) Signed-off-by: dependabot[bot] <support@github.com>

view details

push time in a few seconds

delete branch ytvnr/gif-of-the-day

delete branch : dependabot/npm_and_yarn/bbl/lodash-4.17.19

delete time in a minute

PR closed ytvnr/gif-of-the-day

chore(deps): bump lodash from 4.17.15 to 4.17.19 in /bbl dependencies

Bumps lodash from 4.17.15 to 4.17.19. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/lodash/lodash/releases">lodash's releases</a>.</em></p> <blockquote> <h2>4.17.16</h2> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/lodash/lodash/commit/d7fbc52ee0466a6d248f047b5d5c3e6d1e099056"><code>d7fbc52</code></a> Bump to v4.17.19</li> <li><a href="https://github.com/lodash/lodash/commit/2e1c0f22f425e9c013815b2cd7c2ebd51f49a8d6"><code>2e1c0f2</code></a> Add npm-package</li> <li><a href="https://github.com/lodash/lodash/commit/1b6c282299f4e0271f932b466c67f0f822aa308e"><code>1b6c282</code></a> Bump to v4.17.18</li> <li><a href="https://github.com/lodash/lodash/commit/a370ac81408de2da77a82b3c4b61a01a3b9c2fac"><code>a370ac8</code></a> Bump to v4.17.17</li> <li><a href="https://github.com/lodash/lodash/commit/1144918f3578a84fcc4986da9b806e63a6175cbb"><code>1144918</code></a> Rebuild lodash and docs</li> <li><a href="https://github.com/lodash/lodash/commit/3a3b0fd339c2109563f7e8167dc95265ed82ef3e"><code>3a3b0fd</code></a> Bump to v4.17.16</li> <li><a href="https://github.com/lodash/lodash/commit/c84fe82760fb2d3e03a63379b297a1cc1a2fce12"><code>c84fe82</code></a> fix(zipObjectDeep): prototype pollution (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4759">#4759</a>)</li> <li><a href="https://github.com/lodash/lodash/commit/e7b28ea6cb17b4ca021e7c9d66218c8c89782f32"><code>e7b28ea</code></a> Sanitize sourceURL so it cannot affect evaled code (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4518">#4518</a>)</li> <li><a href="https://github.com/lodash/lodash/commit/0cec225778d4ac26c2bac95031ecc92a94f08bbb"><code>0cec225</code></a> Fix lodash.isEqual for circular references (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4320">#4320</a>) (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4515">#4515</a>)</li> <li><a href="https://github.com/lodash/lodash/commit/94c3a8133cb4fcdb50db72b4fd14dd884b195cd5"><code>94c3a81</code></a> Document matches* shorthands for over* methods (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4510">#4510</a>) (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4514">#4514</a>)</li> <li>Additional commits viewable in <a href="https://github.com/lodash/lodash/compare/4.17.15...4.17.19">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~mathias">mathias</a>, a new releaser for lodash since your current version.</p> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+63 -592

1 comment

1 changed file

dependabot[bot]

pr closed time in a minute

pull request commentytvnr/gif-of-the-day

chore(deps): bump lodash from 4.17.15 to 4.17.19 in /bbl

Superseded by #170.

dependabot[bot]

comment created time in a minute

PR opened ytvnr/gif-of-the-day

chore(deps): bump lodash from 4.17.15 to 4.17.20 in /bbl

Bumps lodash from 4.17.15 to 4.17.20. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/lodash/lodash/commit/ded9bc66583ed0b4e3b7dc906206d40757b4a90a"><code>ded9bc6</code></a> Bump to v4.17.20.</li> <li><a href="https://github.com/lodash/lodash/commit/63150ef7645ac07961b63a86490f419f356429aa"><code>63150ef</code></a> Documentation fixes.</li> <li><a href="https://github.com/lodash/lodash/commit/00f0f62a979d2f5fa0287c06eae70cf9a62d8794"><code>00f0f62</code></a> test.js: Remove trailing comma.</li> <li><a href="https://github.com/lodash/lodash/commit/846e434c7a5b5692c55ebf5715ed677b70a32389"><code>846e434</code></a> Temporarily use a custom fork of <code>lodash-cli</code>.</li> <li><a href="https://github.com/lodash/lodash/commit/5d046f39cbd27f573914768e3b36eeefcc4f1229"><code>5d046f3</code></a> Re-enable Travis tests on <code>4.17</code> branch.</li> <li><a href="https://github.com/lodash/lodash/commit/aa816b36d402a1ad9385142ce7188f17dae514fd"><code>aa816b3</code></a> Remove <code>/npm-package</code>.</li> <li><a href="https://github.com/lodash/lodash/commit/d7fbc52ee0466a6d248f047b5d5c3e6d1e099056"><code>d7fbc52</code></a> Bump to v4.17.19</li> <li><a href="https://github.com/lodash/lodash/commit/2e1c0f22f425e9c013815b2cd7c2ebd51f49a8d6"><code>2e1c0f2</code></a> Add npm-package</li> <li><a href="https://github.com/lodash/lodash/commit/1b6c282299f4e0271f932b466c67f0f822aa308e"><code>1b6c282</code></a> Bump to v4.17.18</li> <li><a href="https://github.com/lodash/lodash/commit/a370ac81408de2da77a82b3c4b61a01a3b9c2fac"><code>a370ac8</code></a> Bump to v4.17.17</li> <li>Additional commits viewable in <a href="https://github.com/lodash/lodash/compare/4.17.15...4.17.20">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~bnjmnt4n">bnjmnt4n</a>, a new releaser for lodash since your current version.</p> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+63 -592

0 comment

1 changed file

pr created time in a minute

create barnchytvnr/gif-of-the-day

branch : dependabot/npm_and_yarn/bbl/lodash-4.17.20

created branch time in a minute

push eventytvnr/gif-of-the-day

Yann Tavernier

commit sha 62a6720a5c8be04006feac40aa23facabb7161d5

doc: firebase part of bbl (#164)

view details

dependabot[bot]

commit sha 0bb01d28d177f8f12313f743b63b8ddafbbf636b

chore(deps): bump @hapi/hoek from 8.5.0 to 8.5.1 in /front Bumps [@hapi/hoek](https://github.com/hapijs/hoek) from 8.5.0 to 8.5.1. - [Release notes](https://github.com/hapijs/hoek/releases) - [Commits](https://github.com/hapijs/hoek/compare/v8.5.0...v8.5.1) Signed-off-by: dependabot[bot] <support@github.com>

view details

push time in a minute

PR opened abraham/pwa-ng

Bump firebase from 7.20.0 to 7.21.0

Bumps firebase from 7.20.0 to 7.21.0. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/firebase/firebase-js-sdk/commit/0558cd8410f989903d5d15f4e6930e51349c6a99"><code>0558cd8</code></a> Version Packages (<a href="https://github-redirect.dependabot.com/firebase/firebase-js-sdk/issues/3785">#3785</a>)</li> <li><a href="https://github.com/firebase/firebase-js-sdk/commit/80e42190022da79f851b60731d922f2a39d255dc"><code>80e4219</code></a> Fix logic (<a href="https://github-redirect.dependabot.com/firebase/firebase-js-sdk/issues/3788">#3788</a>)</li> <li><a href="https://github.com/firebase/firebase-js-sdk/commit/1309b93779f72df999af7b982bb60bcdd66bc8aa"><code>1309b93</code></a> Allow ignoring unstaged changes (<a href="https://github-redirect.dependabot.com/firebase/firebase-js-sdk/issues/3787">#3787</a>)</li> <li><a href="https://github.com/firebase/firebase-js-sdk/commit/f9004177e76f00fc484d30c0c0e7b1bc2da033f9"><code>f900417</code></a> Make != and NOT_IN publicly available (<a href="https://github-redirect.dependabot.com/firebase/firebase-js-sdk/issues/3772">#3772</a>)</li> <li><a href="https://github.com/firebase/firebase-js-sdk/commit/a865ae9eb688de931bae5f7899f0d85941a02a8d"><code>a865ae9</code></a> Don't use interface types (<a href="https://github-redirect.dependabot.com/firebase/firebase-js-sdk/issues/3770">#3770</a>)</li> <li><a href="https://github.com/firebase/firebase-js-sdk/commit/b1854ab302bcce1341cec4815299d1d9439e041b"><code>b1854ab</code></a> Fix NotInFilter matches (<a href="https://github-redirect.dependabot.com/firebase/firebase-js-sdk/issues/3752">#3752</a>)</li> <li><a href="https://github.com/firebase/firebase-js-sdk/commit/e81c429aec43cd4467089bfed68eafafba6e8ee2"><code>e81c429</code></a> Call toFirestore() only once (<a href="https://github-redirect.dependabot.com/firebase/firebase-js-sdk/issues/3755">#3755</a>)</li> <li><a href="https://github.com/firebase/firebase-js-sdk/commit/35d1c0df6d156f76b445a9fd1f16638ed9a1cfc5"><code>35d1c0d</code></a> Update dependency git-rev-sync to v3 (<a href="https://github-redirect.dependabot.com/firebase/firebase-js-sdk/issues/3763">#3763</a>)</li> <li><a href="https://github.com/firebase/firebase-js-sdk/commit/4b48167034c192603f5aede0935ce40172b80920"><code>4b48167</code></a> Update dependency node-fetch to v2.6.1 [SECURITY] (<a href="https://github-redirect.dependabot.com/firebase/firebase-js-sdk/issues/3759">#3759</a>)</li> <li><a href="https://github.com/firebase/firebase-js-sdk/commit/0eb18ca80c53a0914e5525d4d90d324c73ee6ec5"><code>0eb18ca</code></a> Merge branch 'release'</li> <li>Additional commits viewable in <a href="https://github.com/firebase/firebase-js-sdk/compare/firebase@7.20.0...firebase@7.21.0">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>

+24 -18

0 comment

2 changed files

pr created time in a minute

create barnchabraham/pwa-ng

branch : dependabot/npm_and_yarn/firebase-7.21.0

created branch time in a minute

push eventithoq/cryolite-web

dependabot[bot]

commit sha 3d29185d7f05b3c5396897d749a9bed09d0b70f1

Bump lodash from 4.17.2 to 4.17.19 Bumps [lodash](https://github.com/lodash/lodash) from 4.17.2 to 4.17.19. - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](https://github.com/lodash/lodash/compare/4.17.2...4.17.19) Signed-off-by: dependabot[bot] <support@github.com>

view details

push time in a minute

delete branch yoshihide1/vue.js

delete branch : dependabot/npm_and_yarn/functions/node-fetch-2.6.1

delete time in a minute

PR opened ktemplates/kcmono

chore(deps-dev): bump prettier from 2.1.1 to 2.1.2

Bumps prettier from 2.1.1 to 2.1.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/prettier/prettier/releases">prettier's releases</a>.</em></p> <blockquote> <h2>2.1.2</h2> <p><a href="https://github.com/prettier/prettier/blob/master/CHANGELOG.md#212">🔗Changelog</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/prettier/prettier/blob/master/CHANGELOG.md">prettier's changelog</a>.</em></p> <blockquote> <h1>2.1.2</h1> <p><a href="https://github.com/prettier/prettier/compare/2.1.1...2.1.2">diff</a></p> <h4>Fix formatting for directives in fields (<a href="https://github-redirect.dependabot.com/prettier/prettier/pull/9116">#9116</a> by <a href="https://github.com/sosukesuzuki">@sosukesuzuki</a>)</h4> <!-- raw HTML omitted --> <pre lang="graphql"><code># Input type Query { someQuery(id: ID!, someOtherData: String!): String! @deprecated @isAuthenticated versions: Versions! } <h1>Prettier stable</h1> <p>type Query { someQuery(id: ID!, someOtherData: String!): String! <a href="https://github.com/deprecated">@deprecated</a> <a href="https://github.com/isAuthenticated">@isAuthenticated</a> versions: Versions! }</p> <h1>Prettier master</h1> <p>type Query { someQuery(id: ID!, someOtherData: String!): String! <a href="https://github.com/deprecated">@deprecated</a> <a href="https://github.com/isAuthenticated">@isAuthenticated</a> versions: Versions! }</p> <p></code></pre></p> <h4>Fix line breaks for CSS in JS (<a href="https://github-redirect.dependabot.com/prettier/prettier/pull/9136">#9136</a> by <a href="https://github.com/sosukesuzuki">@sosukesuzuki</a>)</h4> <!-- raw HTML omitted --> <pre lang="js"><code>// Input styled.div// prettier-ignore @media (aaaaaaaaaaaaa) { z-index: ${(props) =&gt; (props.isComplete ? '1' : '0')}; }; styled.div${props =&gt; getSize(props.$size.xs)} ${props =&gt; getSize(props.$size.sm, 'sm')} ${props =&gt; getSize(props.$size.md, 'md')}; <p></tr></table> ... (truncated) </code></pre></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/prettier/prettier/commit/8eb8f9ed2dc5eb1c3e6f787e5a5e6fe68af2b8d1"><code>8eb8f9e</code></a> Release 2.1.2</li> <li><a href="https://github.com/prettier/prettier/commit/f75844a453beb6cb16791c14e5ff738c02d0b4df"><code>f75844a</code></a> Fix changelog</li> <li><a href="https://github.com/prettier/prettier/commit/9153bf20ac2dfcd525b5dd3f3b37d9b6005d20bc"><code>9153bf2</code></a> Build(deps): Bump yaml-unist-parser from 1.3.0 to 1.3.1 (<a href="https://github-redirect.dependabot.com/prettier/prettier/issues/9169">#9169</a>)</li> <li><a href="https://github.com/prettier/prettier/commit/ec1b4193079a625633dd0dc86f9a9217a3ad9d7e"><code>ec1b419</code></a> YAML: Fix printing doubles a blank line before a comment (<a href="https://github-redirect.dependabot.com/prettier/prettier/issues/9143">#9143</a>)</li> <li><a href="https://github.com/prettier/prettier/commit/ab9474eacc9c883e588ef2500c6230057328ade5"><code>ab9474e</code></a> Fix line breaks for CSS in JS (<a href="https://github-redirect.dependabot.com/prettier/prettier/issues/9136">#9136</a>)</li> <li><a href="https://github.com/prettier/prettier/commit/d5da779cb195443c935fd7171f5e81141e2f62e5"><code>d5da779</code></a> GraphQL: Fix formatting for directives in fields (<a href="https://github-redirect.dependabot.com/prettier/prettier/issues/9116">#9116</a>)</li> <li><a href="https://github.com/prettier/prettier/commit/a8363197118e530d948978da6e5c414a765ba9c0"><code>a836319</code></a> Bump Prettier dependency to 2.1.1</li> <li>See full diff in <a href="https://github.com/prettier/prettier/compare/2.1.1...2.1.2">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>

+5 -5

0 comment

2 changed files

pr created time in a minute

create barnchktemplates/kcmono

branch : dependabot/npm_and_yarn/prettier-2.1.2

created branch time in a minute

push eventithoq/cryolite-web

dependabot[bot]

commit sha 46ecee0b41528f3bc3813adc54ff189a0ad1c917

Bump axios from 0.16.2 to 0.18.1 Bumps [axios](https://github.com/axios/axios) from 0.16.2 to 0.18.1. - [Release notes](https://github.com/axios/axios/releases) - [Changelog](https://github.com/axios/axios/blob/v0.18.1/CHANGELOG.md) - [Commits](https://github.com/axios/axios/compare/v0.16.2...v0.18.1) Signed-off-by: dependabot[bot] <support@github.com>

view details

dependabot[bot]

commit sha 3fd4dfff7513e86aa0b6f95d7a3ccf7482a7483e

Bump lodash-es from 4.17.2 to 4.17.15 Bumps [lodash-es](https://github.com/lodash/lodash) from 4.17.2 to 4.17.15. - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](https://github.com/lodash/lodash/compare/4.17.2...4.17.15) Signed-off-by: dependabot[bot] <support@github.com>

view details

dependabot[bot]

commit sha ab40d3602fb25da22bf519dcda6715a9d265bea4

Bump handlebars from 4.0.6 to 4.7.6 Bumps [handlebars](https://github.com/wycats/handlebars.js) from 4.0.6 to 4.7.6. - [Release notes](https://github.com/wycats/handlebars.js/releases) - [Changelog](https://github.com/wycats/handlebars.js/blob/master/release-notes.md) - [Commits](https://github.com/wycats/handlebars.js/compare/v4.0.6...v4.7.6) Signed-off-by: dependabot[bot] <support@github.com>

view details

Ithoq Projosasmito

commit sha eb503d6a1e200931067a30429ddb7f3198c8d96f

Merge pull request #2 from ithoq/dependabot/npm_and_yarn/axios-0.18.1 Bump axios from 0.16.2 to 0.18.1

view details

Ithoq Projosasmito

commit sha 2d37955088e65867ec367f79c7776de53cd6d8ff

Merge pull request #4 from ithoq/dependabot/npm_and_yarn/lodash-es-4.17.15 Bump lodash-es from 4.17.2 to 4.17.15

view details

Ithoq Projosasmito

commit sha cd3654fd889c573a3781da1b3a990d8d79a90d7d

Merge pull request #5 from ithoq/dependabot/npm_and_yarn/handlebars-4.7.6 Bump handlebars from 4.0.6 to 4.7.6

view details

dependabot[bot]

commit sha 6a9e7289c87ef4de9eed61032f8373228ee9dc03

Bump minimist from 1.2.0 to 1.2.3 Bumps [minimist](https://github.com/substack/minimist) from 1.2.0 to 1.2.3. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.0...1.2.3) Signed-off-by: dependabot[bot] <support@github.com>

view details

push time in a minute

delete branch ithoq/cryolite-web

delete branch : dependabot/npm_and_yarn/eslint-4.18.2

delete time in a minute

push eventbranoholy/update-files-action

dependabot[bot]

commit sha 78f7e94b8db42245701997721f3e70cdcb76ee74

DEPS: Bump @types/node from 14.10.3 to 14.11.1 Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 14.10.3 to 14.11.1. - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) Signed-off-by: dependabot[bot] <support@github.com>

view details

branoholy-bot

commit sha e1b6f6f70e5c7fec63b1f66d149dc6ecd182f86a

Merge pull request #384 from branoholy/dependabot-npm_and_yarn-types-node-14.11.1

view details

dependabot[bot]

commit sha 05083a56718f2f6dc6792d75fc1e8a95caba4297

DEPS: Bump webpack from 4.44.1 to 4.44.2 Bumps [webpack](https://github.com/webpack/webpack) from 4.44.1 to 4.44.2. - [Release notes](https://github.com/webpack/webpack/releases) - [Commits](https://github.com/webpack/webpack/compare/v4.44.1...v4.44.2) Signed-off-by: dependabot[bot] <support@github.com>

view details

push time in a minute

PR opened fkirc/bitbucket-issues-to-github

Bump mypy from 0.770 to 0.782

Bumps mypy from 0.770 to 0.782. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/python/mypy/commit/39b6bc47b9f7e7d72778886419d07eb4acf3c50a"><code>39b6bc4</code></a> Bump version to 0.782</li> <li><a href="https://github.com/python/mypy/commit/b26776d26b313d572a11e8a37707bfb759465046"><code>b26776d</code></a> Update MANIFEST to include more files needed for testing (<a href="https://github-redirect.dependabot.com/python/mypy/issues/9033">#9033</a>)</li> <li><a href="https://github.com/python/mypy/commit/e90d5f579c45be551a893d8dc8886a22e062e75c"><code>e90d5f5</code></a> Don't consider comparing True and False as a dangerous comparison (<a href="https://github-redirect.dependabot.com/python/mypy/issues/9021">#9021</a>)</li> <li><a href="https://github.com/python/mypy/commit/f956142030dee57e7283ad364d9c0c14945cb594"><code>f956142</code></a> Bump version to 0.781</li> <li><a href="https://github.com/python/mypy/commit/48dbc1c538c8ad3e8e2e5c34f3ec6a0faca55644"><code>48dbc1c</code></a> include mypyc sub directories in the sdist (<a href="https://github-redirect.dependabot.com/python/mypy/issues/8949">#8949</a>)</li> <li><a href="https://github.com/python/mypy/commit/3423b18a30ac49d6e7050abeb188ad3ba5d23d35"><code>3423b18</code></a> Add docs for no_site_packages config option (<a href="https://github-redirect.dependabot.com/python/mypy/issues/8932">#8932</a>)</li> <li><a href="https://github.com/python/mypy/commit/387be661a1f637ec168b66a8d0e86c3e1ea4e870"><code>387be66</code></a> Update docs to reflect that following imports is supported in dmypy (<a href="https://github-redirect.dependabot.com/python/mypy/issues/8930">#8930</a>)</li> <li><a href="https://github.com/python/mypy/commit/d32ec7e568493ed1c024dc83966a5da52b4cb9c4"><code>d32ec7e</code></a> Bump version</li> <li><a href="https://github.com/python/mypy/commit/42d50778078e54331a38201cf6ad8c3e6e9b3c87"><code>42d5077</code></a> Re-sync typeshed (<a href="https://github-redirect.dependabot.com/python/mypy/issues/8901">#8901</a>)</li> <li><a href="https://github.com/python/mypy/commit/f94fc7e251330f7e3668aea1f062cdbae1ed7232"><code>f94fc7e</code></a> [mypyc] Implement CallC IR (<a href="https://github-redirect.dependabot.com/python/mypy/issues/8880">#8880</a>)</li> <li>Additional commits viewable in <a href="https://github.com/python/mypy/compare/v0.770...v0.782">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>

+1 -1

0 comment

1 changed file

pr created time in a minute

create barnchfkirc/bitbucket-issues-to-github

branch : dependabot/pip/mypy-0.782

created branch time in a minute

push eventLe-Roi777/Frontend-Development

Le-Roi

commit sha b1da1ae160ed0f45c6a4023d2a5eaaa180766492

Update README.md

view details

Le-Roi777

commit sha 77b779d11bb57a7e3164ae74b62dda818bd0fa4a

Update

view details

Le-Roi777

commit sha 67b6ee1d844413f3c5be9bcb0648103e106ad272

Merge branch 'master' of https://github.com/Le-Roi777/Frontend-Development

view details

dependabot[bot]

commit sha de0c8bd3b0dc440f172bbba1c385e1c59db84b75

Bump lodash from 4.17.15 to 4.17.20 in /Interest Calculation Bumps [lodash](https://github.com/lodash/lodash) from 4.17.15 to 4.17.20. - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](https://github.com/lodash/lodash/compare/4.17.15...4.17.20) Signed-off-by: dependabot[bot] <support@github.com>

view details

push time in a minute

delete branch Seymos76/onestlapourvous.org

delete branch : dependabot/npm_and_yarn/websocket-extensions-0.1.4

delete time in a minute

PR closed Seymos76/onestlapourvous.org

Bump websocket-extensions from 0.1.3 to 0.1.4 dependencies

Bumps websocket-extensions from 0.1.3 to 0.1.4. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/faye/websocket-extensions-node/blob/master/CHANGELOG.md">websocket-extensions's changelog</a>.</em></p> <blockquote> <h3>0.1.4 / 2020-06-02</h3> <ul> <li>Remove a ReDoS vulnerability in the header parser (CVE-2020-7662, reported by Robert McLaughlin)</li> <li>Change license from MIT to Apache 2.0</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/faye/websocket-extensions-node/commit/8efd0cd6e35faf9bb9cb08759be1e27082177d43"><code>8efd0cd</code></a> Bump version to 0.1.4</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/3dad4ad44a8c5f74d4f8f4efd3f9d6e0b5df3051"><code>3dad4ad</code></a> Remove ReDoS vulnerability in the Sec-WebSocket-Extensions header parser</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/4a76c75efb1c5d6a2f60550e9501757458d19533"><code>4a76c75</code></a> Add Node versions 13 and 14 on Travis</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/44a677a9c0631daed0b0f4a4b68c095b624183b8"><code>44a677a</code></a> Formatting change: {...} should have spaces inside the braces</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/f6c50aba0c20ff45b0f87cea33babec1217ec3f5"><code>f6c50ab</code></a> Let npm reformat package.json</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/2d211f3705d52d9efb4f01daf5a253adf828592e"><code>2d211f3</code></a> Change markdown formatting of docs.</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/0b620834cc1e1f2eace1d55ab17f71d90d88271d"><code>0b62083</code></a> Update Travis target versions.</li> <li><a href="https://github.com/faye/websocket-extensions-node/commit/729a4653073fa8dd020561113513bfa2e2119415"><code>729a465</code></a> Switch license to Apache 2.0.</li> <li>See full diff in <a href="https://github.com/faye/websocket-extensions-node/compare/0.1.3...0.1.4">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+4 -4

1 comment

1 changed file

dependabot[bot]

pr closed time in a minute

PR opened mindsgn/move

Bump lodash from 4.17.15 to 4.17.20

Bumps lodash from 4.17.15 to 4.17.20. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/lodash/lodash/commit/ded9bc66583ed0b4e3b7dc906206d40757b4a90a"><code>ded9bc6</code></a> Bump to v4.17.20.</li> <li><a href="https://github.com/lodash/lodash/commit/63150ef7645ac07961b63a86490f419f356429aa"><code>63150ef</code></a> Documentation fixes.</li> <li><a href="https://github.com/lodash/lodash/commit/00f0f62a979d2f5fa0287c06eae70cf9a62d8794"><code>00f0f62</code></a> test.js: Remove trailing comma.</li> <li><a href="https://github.com/lodash/lodash/commit/846e434c7a5b5692c55ebf5715ed677b70a32389"><code>846e434</code></a> Temporarily use a custom fork of <code>lodash-cli</code>.</li> <li><a href="https://github.com/lodash/lodash/commit/5d046f39cbd27f573914768e3b36eeefcc4f1229"><code>5d046f3</code></a> Re-enable Travis tests on <code>4.17</code> branch.</li> <li><a href="https://github.com/lodash/lodash/commit/aa816b36d402a1ad9385142ce7188f17dae514fd"><code>aa816b3</code></a> Remove <code>/npm-package</code>.</li> <li><a href="https://github.com/lodash/lodash/commit/d7fbc52ee0466a6d248f047b5d5c3e6d1e099056"><code>d7fbc52</code></a> Bump to v4.17.19</li> <li><a href="https://github.com/lodash/lodash/commit/2e1c0f22f425e9c013815b2cd7c2ebd51f49a8d6"><code>2e1c0f2</code></a> Add npm-package</li> <li><a href="https://github.com/lodash/lodash/commit/1b6c282299f4e0271f932b466c67f0f822aa308e"><code>1b6c282</code></a> Bump to v4.17.18</li> <li><a href="https://github.com/lodash/lodash/commit/a370ac81408de2da77a82b3c4b61a01a3b9c2fac"><code>a370ac8</code></a> Bump to v4.17.17</li> <li>Additional commits viewable in <a href="https://github.com/lodash/lodash/compare/4.17.15...4.17.20">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~bnjmnt4n">bnjmnt4n</a>, a new releaser for lodash since your current version.</p> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+3 -3

0 comment

1 changed file

pr created time in a minute

create barnchmindsgn/move

branch : dependabot/npm_and_yarn/lodash-4.17.20

created branch time in a minute

push eventytvnr/gif-of-the-day

Yann Tavernier

commit sha 62a6720a5c8be04006feac40aa23facabb7161d5

doc: firebase part of bbl (#164)

view details

dependabot[bot]

commit sha 2a47b088a3c1b9790ca971ef5167d17fb55af629

chore(deps): bump node-fetch from 2.6.0 to 2.6.1 in /functions Bumps [node-fetch](https://github.com/bitinn/node-fetch) from 2.6.0 to 2.6.1. - [Release notes](https://github.com/bitinn/node-fetch/releases) - [Changelog](https://github.com/node-fetch/node-fetch/blob/master/docs/CHANGELOG.md) - [Commits](https://github.com/bitinn/node-fetch/compare/v2.6.0...v2.6.1) Signed-off-by: dependabot[bot] <support@github.com>

view details

push time in a minute

pull request commentSeymos76/onestlapourvous.org

Bump websocket-extensions from 0.1.3 to 0.1.4

Looks like websocket-extensions is up-to-date now, so this is no longer needed.

dependabot[bot]

comment created time in a minute

PR opened mindsgn/move

Bump acorn from 5.7.3 to 5.7.4

Bumps acorn from 5.7.3 to 5.7.4. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/acornjs/acorn/commit/6370e90067552022710190319cbbbd8c43001957"><code>6370e90</code></a> Mark version 5.7.4</li> <li><a href="https://github.com/acornjs/acorn/commit/fbc15b1344f6dfb992f67b4bbf1357436247c8a0"><code>fbc15b1</code></a> More rigorously check surrogate pairs in regexp validator</li> <li>See full diff in <a href="https://github.com/acornjs/acorn/compare/5.7.3...5.7.4">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+3 -3

0 comment

1 changed file

pr created time in 2 minutes

create barnchmindsgn/move

branch : dependabot/npm_and_yarn/acorn-5.7.4

created branch time in 2 minutes

PR opened transcom/mymove

Bump swagger-ui-dist from 3.32.5 to 3.33.0

Bumps swagger-ui-dist from 3.32.5 to 3.33.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/swagger-api/swagger-ui/releases">swagger-ui-dist's releases</a>.</em></p> <blockquote> <h2>Swagger UI v3.33.0 Released!</h2> <h1><a href="https://github.com/swagger-api/swagger-ui/compare/v3.32.5...v3.33.0">3.33.0</a> (2020-09-10)</h1> <h3>Bug Fixes</h3> <ul> <li><strong>curlify:</strong> for -d, handle Immutable vs non-Immutable cases (<a href="https://github-redirect.dependabot.com/swagger-api/swagger-ui/issues/6349">#6349</a>) (<a href="https://github.com/swagger-api/swagger-ui/commit/0c60696d264bdf4910f3e6f153bc5b1fe5e7ebcf">0c60696</a>)</li> <li><strong>curlify:</strong> replace all occurrences of <code>$</code> (<a href="https://github-redirect.dependabot.com/swagger-api/swagger-ui/issues/6354">#6354</a>) (<a href="https://github.com/swagger-api/swagger-ui/commit/89d57fc0785ddcfd3932f2034456e210da20b576">89d57fc</a>)</li> <li>Add <code>entrySeq()</code> to <code>bodyProperties.map()</code> (<a href="https://github-redirect.dependabot.com/swagger-api/swagger-ui/issues/6267">#6267</a>) (<a href="https://github.com/swagger-api/swagger-ui/commit/0199b4785fb565f00dde1a674143ae309629f98b">0199b47</a>)</li> <li>Allowing servers dropdown to change when oas3Actions.setSelectedServer is called (<a href="https://github-redirect.dependabot.com/swagger-api/swagger-ui/issues/6358">#6358</a>) (<a href="https://github.com/swagger-api/swagger-ui/commit/5123b47ef499c82ec15f0aa8e3db3ce901135bc8">5123b47</a>), closes <a href="https://github-redirect.dependabot.com/swagger-api/swagger-ui/issues/6351">#6351</a></li> <li>Updating select to pass in a better prop; updating test to do a better check (<a href="https://github-redirect.dependabot.com/swagger-api/swagger-ui/issues/6385">#6385</a>) (<a href="https://github.com/swagger-api/swagger-ui/commit/6ad418d0abf7110dfc58fadec0f324bea8485760">6ad418d</a>), closes <a href="https://github-redirect.dependabot.com/swagger-api/swagger-ui/issues/6372">#6372</a></li> <li>models view when object key contains deprecated:true (<a href="https://github-redirect.dependabot.com/swagger-api/swagger-ui/issues/6371">#6371</a>) (<a href="https://github.com/swagger-api/swagger-ui/commit/d4eea4da1b4f24a524f511509e6568069209da9a">d4eea4d</a>), closes <a href="https://github-redirect.dependabot.com/swagger-api/swagger-ui/issues/6369">#6369</a></li> <li><strong>style:</strong> servers environment select (<a href="https://github-redirect.dependabot.com/swagger-api/swagger-ui/issues/6367">#6367</a>) (<a href="https://github.com/swagger-api/swagger-ui/commit/7a63ba30c3db548e7159c00a168fcc0d32bc6aff">7a63ba3</a>)</li> <li><strong>style:</strong> restore wrapping of long text in pre blocks (<a href="https://github-redirect.dependabot.com/swagger-api/swagger-ui/issues/6377">#6377</a>)</li> </ul> <h3>Features</h3> <ul> <li>migrate unit tests to Jest (<a href="https://github-redirect.dependabot.com/swagger-api/swagger-ui/issues/6353">#6353</a>) (<a href="https://github.com/swagger-api/swagger-ui/commit/1a27c0a8bd8147b3398462eabf8f06e980540fb1">1a27c0a</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/swagger-api/swagger-ui/commit/829d87530030bb5bfa24a5093d098c672adfbb9b"><code>829d875</code></a> chore(release): cut the v3.33.0 release</li> <li><a href="https://github.com/swagger-api/swagger-ui/commit/8f3ff82dbe7e9a0b5592c207627720790889fdb3"><code>8f3ff82</code></a> housekeeping(dev-deps): npm-audit-ci-wrapper v3 (<a href="https://github-redirect.dependabot.com/swagger-api/swagger-ui/issues/6388">#6388</a>)</li> <li><a href="https://github.com/swagger-api/swagger-ui/commit/89b3eaded06d7e59b4ea00cf08fab5e74af64b35"><code>89b3ead</code></a> housekeeping(dev-deps): eslint-plugin-mocha v8 (<a href="https://github-redirect.dependabot.com/swagger-api/swagger-ui/issues/6386">#6386</a>)</li> <li><a href="https://github.com/swagger-api/swagger-ui/commit/0ff8d77e21be1fbb64b18fb97306d37c4158aa17"><code>0ff8d77</code></a> housekeeping(dev-deps): eslint-plugin-jest v24 (<a href="https://github-redirect.dependabot.com/swagger-api/swagger-ui/issues/6384">#6384</a>)</li> <li><a href="https://github.com/swagger-api/swagger-ui/commit/da981147e82216058e418e4057001864055b187a"><code>da98114</code></a> housekeeping(dev-deps): cypress v5 (<a href="https://github-redirect.dependabot.com/swagger-api/swagger-ui/issues/6381">#6381</a>)</li> <li><a href="https://github.com/swagger-api/swagger-ui/commit/6ad418d0abf7110dfc58fadec0f324bea8485760"><code>6ad418d</code></a> fix: Updating select to pass in a better prop; updating test to do a better c...</li> <li><a href="https://github.com/swagger-api/swagger-ui/commit/26a0fd8e6480311cee0c6048c453ef6718092b55"><code>26a0fd8</code></a> fix(styles) restore wrapping of long text in pre blocks (<a href="https://github-redirect.dependabot.com/swagger-api/swagger-ui/issues/6377">#6377</a>)</li> <li><a href="https://github.com/swagger-api/swagger-ui/commit/7a63ba30c3db548e7159c00a168fcc0d32bc6aff"><code>7a63ba3</code></a> fix(style): servers environment select (<a href="https://github-redirect.dependabot.com/swagger-api/swagger-ui/issues/6367">#6367</a>)</li> <li><a href="https://github.com/swagger-api/swagger-ui/commit/89d57fc0785ddcfd3932f2034456e210da20b576"><code>89d57fc</code></a> fix(curlify): replace all occurrences of <code>$</code> (<a href="https://github-redirect.dependabot.com/swagger-api/swagger-ui/issues/6354">#6354</a>)</li> <li><a href="https://github.com/swagger-api/swagger-ui/commit/255aa205cd5fa10938d6db4accf310c6a1f56990"><code>255aa20</code></a> housekeeping(dev-deps): open@7.2.1</li> <li>Additional commits viewable in <a href="https://github.com/swagger-api/swagger-ui/compare/v3.32.5...v3.33.0">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>

+6 -11

0 comment

2 changed files

pr created time in 2 minutes

create barnchtranscom/mymove

branch : dependabot/npm_and_yarn/swagger-ui-dist-3.33.0

created branch time in 2 minutes

push eventithoq/cryolite-web

dependabot[bot]

commit sha ab40d3602fb25da22bf519dcda6715a9d265bea4

Bump handlebars from 4.0.6 to 4.7.6 Bumps [handlebars](https://github.com/wycats/handlebars.js) from 4.0.6 to 4.7.6. - [Release notes](https://github.com/wycats/handlebars.js/releases) - [Changelog](https://github.com/wycats/handlebars.js/blob/master/release-notes.md) - [Commits](https://github.com/wycats/handlebars.js/compare/v4.0.6...v4.7.6) Signed-off-by: dependabot[bot] <support@github.com>

view details

Ithoq Projosasmito

commit sha cd3654fd889c573a3781da1b3a990d8d79a90d7d

Merge pull request #5 from ithoq/dependabot/npm_and_yarn/handlebars-4.7.6 Bump handlebars from 4.0.6 to 4.7.6

view details

dependabot[bot]

commit sha 29c0c6c955576cdbfe8951afb4a68c2c382e8259

Bump eslint from 3.11.1 to 4.18.2 Bumps [eslint](https://github.com/eslint/eslint) from 3.11.1 to 4.18.2. - [Release notes](https://github.com/eslint/eslint/releases) - [Changelog](https://github.com/eslint/eslint/blob/master/CHANGELOG.md) - [Commits](https://github.com/eslint/eslint/compare/v3.11.1...v4.18.2) Signed-off-by: dependabot[bot] <support@github.com>

view details

push time in 2 minutes

delete branch ytvnr/gif-of-the-day

delete branch : dependabot/npm_and_yarn/extension/lodash-4.17.19

delete time in 2 minutes

delete branch BadwaterBay/gen2.badwaterbay.com

delete branch : dependabot/npm_and_yarn/types/node-14.10.3

delete time in 2 minutes

delete branch ytvnr/gif-of-the-day

delete branch : dependabot/npm_and_yarn/functions/lodash-4.17.19

delete time in 2 minutes

PR closed BadwaterBay/gen2.badwaterbay.com

Bump @types/node from 14.0.27 to 14.10.3 dependencies

Bumps @types/node from 14.0.27 to 14.10.3. <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>

+5 -5

1 comment

2 changed files

dependabot[bot]

pr closed time in 2 minutes

PR closed ytvnr/gif-of-the-day

chore(deps): bump lodash from 4.17.15 to 4.17.19 in /extension dependencies

Bumps lodash from 4.17.15 to 4.17.19. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/lodash/lodash/releases">lodash's releases</a>.</em></p> <blockquote> <h2>4.17.16</h2> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/lodash/lodash/commit/d7fbc52ee0466a6d248f047b5d5c3e6d1e099056"><code>d7fbc52</code></a> Bump to v4.17.19</li> <li><a href="https://github.com/lodash/lodash/commit/2e1c0f22f425e9c013815b2cd7c2ebd51f49a8d6"><code>2e1c0f2</code></a> Add npm-package</li> <li><a href="https://github.com/lodash/lodash/commit/1b6c282299f4e0271f932b466c67f0f822aa308e"><code>1b6c282</code></a> Bump to v4.17.18</li> <li><a href="https://github.com/lodash/lodash/commit/a370ac81408de2da77a82b3c4b61a01a3b9c2fac"><code>a370ac8</code></a> Bump to v4.17.17</li> <li><a href="https://github.com/lodash/lodash/commit/1144918f3578a84fcc4986da9b806e63a6175cbb"><code>1144918</code></a> Rebuild lodash and docs</li> <li><a href="https://github.com/lodash/lodash/commit/3a3b0fd339c2109563f7e8167dc95265ed82ef3e"><code>3a3b0fd</code></a> Bump to v4.17.16</li> <li><a href="https://github.com/lodash/lodash/commit/c84fe82760fb2d3e03a63379b297a1cc1a2fce12"><code>c84fe82</code></a> fix(zipObjectDeep): prototype pollution (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4759">#4759</a>)</li> <li><a href="https://github.com/lodash/lodash/commit/e7b28ea6cb17b4ca021e7c9d66218c8c89782f32"><code>e7b28ea</code></a> Sanitize sourceURL so it cannot affect evaled code (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4518">#4518</a>)</li> <li><a href="https://github.com/lodash/lodash/commit/0cec225778d4ac26c2bac95031ecc92a94f08bbb"><code>0cec225</code></a> Fix lodash.isEqual for circular references (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4320">#4320</a>) (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4515">#4515</a>)</li> <li><a href="https://github.com/lodash/lodash/commit/94c3a8133cb4fcdb50db72b4fd14dd884b195cd5"><code>94c3a81</code></a> Document matches* shorthands for over* methods (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4510">#4510</a>) (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4514">#4514</a>)</li> <li>Additional commits viewable in <a href="https://github.com/lodash/lodash/compare/4.17.15...4.17.19">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~mathias">mathias</a>, a new releaser for lodash since your current version.</p> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+3 -3

1 comment

1 changed file

dependabot[bot]

pr closed time in 2 minutes

pull request commentytvnr/gif-of-the-day

chore(deps): bump lodash from 4.17.15 to 4.17.19 in /extension

Superseded by #169.

dependabot[bot]

comment created time in 2 minutes

PR closed ytvnr/gif-of-the-day

chore(deps): bump lodash from 4.17.15 to 4.17.19 in /functions dependencies

Bumps lodash from 4.17.15 to 4.17.19. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/lodash/lodash/releases">lodash's releases</a>.</em></p> <blockquote> <h2>4.17.16</h2> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/lodash/lodash/commit/d7fbc52ee0466a6d248f047b5d5c3e6d1e099056"><code>d7fbc52</code></a> Bump to v4.17.19</li> <li><a href="https://github.com/lodash/lodash/commit/2e1c0f22f425e9c013815b2cd7c2ebd51f49a8d6"><code>2e1c0f2</code></a> Add npm-package</li> <li><a href="https://github.com/lodash/lodash/commit/1b6c282299f4e0271f932b466c67f0f822aa308e"><code>1b6c282</code></a> Bump to v4.17.18</li> <li><a href="https://github.com/lodash/lodash/commit/a370ac81408de2da77a82b3c4b61a01a3b9c2fac"><code>a370ac8</code></a> Bump to v4.17.17</li> <li><a href="https://github.com/lodash/lodash/commit/1144918f3578a84fcc4986da9b806e63a6175cbb"><code>1144918</code></a> Rebuild lodash and docs</li> <li><a href="https://github.com/lodash/lodash/commit/3a3b0fd339c2109563f7e8167dc95265ed82ef3e"><code>3a3b0fd</code></a> Bump to v4.17.16</li> <li><a href="https://github.com/lodash/lodash/commit/c84fe82760fb2d3e03a63379b297a1cc1a2fce12"><code>c84fe82</code></a> fix(zipObjectDeep): prototype pollution (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4759">#4759</a>)</li> <li><a href="https://github.com/lodash/lodash/commit/e7b28ea6cb17b4ca021e7c9d66218c8c89782f32"><code>e7b28ea</code></a> Sanitize sourceURL so it cannot affect evaled code (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4518">#4518</a>)</li> <li><a href="https://github.com/lodash/lodash/commit/0cec225778d4ac26c2bac95031ecc92a94f08bbb"><code>0cec225</code></a> Fix lodash.isEqual for circular references (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4320">#4320</a>) (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4515">#4515</a>)</li> <li><a href="https://github.com/lodash/lodash/commit/94c3a8133cb4fcdb50db72b4fd14dd884b195cd5"><code>94c3a81</code></a> Document matches* shorthands for over* methods (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4510">#4510</a>) (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4514">#4514</a>)</li> <li>Additional commits viewable in <a href="https://github.com/lodash/lodash/compare/4.17.15...4.17.19">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~mathias">mathias</a>, a new releaser for lodash since your current version.</p> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+3 -3

1 comment

1 changed file

dependabot[bot]

pr closed time in 2 minutes

pull request commentBadwaterBay/gen2.badwaterbay.com

Bump @types/node from 14.0.27 to 14.10.3

Superseded by #28.

dependabot[bot]

comment created time in 2 minutes

delete branch bonigarcia/webdrivermanager

delete branch : dependabot/maven/org.jacoco-jacoco-maven-plugin-0.8.6

delete time in 2 minutes

pull request commentytvnr/gif-of-the-day

chore(deps): bump lodash from 4.17.15 to 4.17.19 in /functions

Superseded by #168.

dependabot[bot]

comment created time in 2 minutes

PR opened ytvnr/gif-of-the-day

chore(deps): bump lodash from 4.17.15 to 4.17.20 in /extension

Bumps lodash from 4.17.15 to 4.17.20. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/lodash/lodash/commit/ded9bc66583ed0b4e3b7dc906206d40757b4a90a"><code>ded9bc6</code></a> Bump to v4.17.20.</li> <li><a href="https://github.com/lodash/lodash/commit/63150ef7645ac07961b63a86490f419f356429aa"><code>63150ef</code></a> Documentation fixes.</li> <li><a href="https://github.com/lodash/lodash/commit/00f0f62a979d2f5fa0287c06eae70cf9a62d8794"><code>00f0f62</code></a> test.js: Remove trailing comma.</li> <li><a href="https://github.com/lodash/lodash/commit/846e434c7a5b5692c55ebf5715ed677b70a32389"><code>846e434</code></a> Temporarily use a custom fork of <code>lodash-cli</code>.</li> <li><a href="https://github.com/lodash/lodash/commit/5d046f39cbd27f573914768e3b36eeefcc4f1229"><code>5d046f3</code></a> Re-enable Travis tests on <code>4.17</code> branch.</li> <li><a href="https://github.com/lodash/lodash/commit/aa816b36d402a1ad9385142ce7188f17dae514fd"><code>aa816b3</code></a> Remove <code>/npm-package</code>.</li> <li><a href="https://github.com/lodash/lodash/commit/d7fbc52ee0466a6d248f047b5d5c3e6d1e099056"><code>d7fbc52</code></a> Bump to v4.17.19</li> <li><a href="https://github.com/lodash/lodash/commit/2e1c0f22f425e9c013815b2cd7c2ebd51f49a8d6"><code>2e1c0f2</code></a> Add npm-package</li> <li><a href="https://github.com/lodash/lodash/commit/1b6c282299f4e0271f932b466c67f0f822aa308e"><code>1b6c282</code></a> Bump to v4.17.18</li> <li><a href="https://github.com/lodash/lodash/commit/a370ac81408de2da77a82b3c4b61a01a3b9c2fac"><code>a370ac8</code></a> Bump to v4.17.17</li> <li>Additional commits viewable in <a href="https://github.com/lodash/lodash/compare/4.17.15...4.17.20">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~bnjmnt4n">bnjmnt4n</a>, a new releaser for lodash since your current version.</p> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+3 -3

0 comment

1 changed file

pr created time in 2 minutes

PR opened ytvnr/gif-of-the-day

chore(deps): bump lodash from 4.17.15 to 4.17.20 in /functions

Bumps lodash from 4.17.15 to 4.17.20. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/lodash/lodash/commit/ded9bc66583ed0b4e3b7dc906206d40757b4a90a"><code>ded9bc6</code></a> Bump to v4.17.20.</li> <li><a href="https://github.com/lodash/lodash/commit/63150ef7645ac07961b63a86490f419f356429aa"><code>63150ef</code></a> Documentation fixes.</li> <li><a href="https://github.com/lodash/lodash/commit/00f0f62a979d2f5fa0287c06eae70cf9a62d8794"><code>00f0f62</code></a> test.js: Remove trailing comma.</li> <li><a href="https://github.com/lodash/lodash/commit/846e434c7a5b5692c55ebf5715ed677b70a32389"><code>846e434</code></a> Temporarily use a custom fork of <code>lodash-cli</code>.</li> <li><a href="https://github.com/lodash/lodash/commit/5d046f39cbd27f573914768e3b36eeefcc4f1229"><code>5d046f3</code></a> Re-enable Travis tests on <code>4.17</code> branch.</li> <li><a href="https://github.com/lodash/lodash/commit/aa816b36d402a1ad9385142ce7188f17dae514fd"><code>aa816b3</code></a> Remove <code>/npm-package</code>.</li> <li><a href="https://github.com/lodash/lodash/commit/d7fbc52ee0466a6d248f047b5d5c3e6d1e099056"><code>d7fbc52</code></a> Bump to v4.17.19</li> <li><a href="https://github.com/lodash/lodash/commit/2e1c0f22f425e9c013815b2cd7c2ebd51f49a8d6"><code>2e1c0f2</code></a> Add npm-package</li> <li><a href="https://github.com/lodash/lodash/commit/1b6c282299f4e0271f932b466c67f0f822aa308e"><code>1b6c282</code></a> Bump to v4.17.18</li> <li><a href="https://github.com/lodash/lodash/commit/a370ac81408de2da77a82b3c4b61a01a3b9c2fac"><code>a370ac8</code></a> Bump to v4.17.17</li> <li>Additional commits viewable in <a href="https://github.com/lodash/lodash/compare/4.17.15...4.17.20">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~bnjmnt4n">bnjmnt4n</a>, a new releaser for lodash since your current version.</p> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+3 -3

0 comment

1 changed file

pr created time in 2 minutes

PR opened BadwaterBay/gen2.badwaterbay.com

Bump @types/node from 14.0.27 to 14.11.1

Bumps @types/node from 14.0.27 to 14.11.1. <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>

+5 -5

0 comment

2 changed files

pr created time in 2 minutes

push eventithoq/cryolite-web

dependabot[bot]

commit sha 46ecee0b41528f3bc3813adc54ff189a0ad1c917

Bump axios from 0.16.2 to 0.18.1 Bumps [axios](https://github.com/axios/axios) from 0.16.2 to 0.18.1. - [Release notes](https://github.com/axios/axios/releases) - [Changelog](https://github.com/axios/axios/blob/v0.18.1/CHANGELOG.md) - [Commits](https://github.com/axios/axios/compare/v0.16.2...v0.18.1) Signed-off-by: dependabot[bot] <support@github.com>

view details

dependabot[bot]

commit sha 3fd4dfff7513e86aa0b6f95d7a3ccf7482a7483e

Bump lodash-es from 4.17.2 to 4.17.15 Bumps [lodash-es](https://github.com/lodash/lodash) from 4.17.2 to 4.17.15. - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](https://github.com/lodash/lodash/compare/4.17.2...4.17.15) Signed-off-by: dependabot[bot] <support@github.com>

view details

dependabot[bot]

commit sha ab40d3602fb25da22bf519dcda6715a9d265bea4

Bump handlebars from 4.0.6 to 4.7.6 Bumps [handlebars](https://github.com/wycats/handlebars.js) from 4.0.6 to 4.7.6. - [Release notes](https://github.com/wycats/handlebars.js/releases) - [Changelog](https://github.com/wycats/handlebars.js/blob/master/release-notes.md) - [Commits](https://github.com/wycats/handlebars.js/compare/v4.0.6...v4.7.6) Signed-off-by: dependabot[bot] <support@github.com>

view details

Ithoq Projosasmito

commit sha eb503d6a1e200931067a30429ddb7f3198c8d96f

Merge pull request #2 from ithoq/dependabot/npm_and_yarn/axios-0.18.1 Bump axios from 0.16.2 to 0.18.1

view details

Ithoq Projosasmito

commit sha 2d37955088e65867ec367f79c7776de53cd6d8ff

Merge pull request #4 from ithoq/dependabot/npm_and_yarn/lodash-es-4.17.15 Bump lodash-es from 4.17.2 to 4.17.15

view details

Ithoq Projosasmito

commit sha cd3654fd889c573a3781da1b3a990d8d79a90d7d

Merge pull request #5 from ithoq/dependabot/npm_and_yarn/handlebars-4.7.6 Bump handlebars from 4.0.6 to 4.7.6

view details

dependabot[bot]

commit sha cc56e7f0d554b332da6c11d317601a6580a31dcd

Bump lodash from 4.17.2 to 4.17.19 Bumps [lodash](https://github.com/lodash/lodash) from 4.17.2 to 4.17.19. - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](https://github.com/lodash/lodash/compare/4.17.2...4.17.19) Signed-off-by: dependabot[bot] <support@github.com>

view details

push time in 2 minutes

push eventbranoholy/update-files-action

dependabot[bot]

commit sha 78f7e94b8db42245701997721f3e70cdcb76ee74

DEPS: Bump @types/node from 14.10.3 to 14.11.1 Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 14.10.3 to 14.11.1. - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) Signed-off-by: dependabot[bot] <support@github.com>

view details

branoholy-bot

commit sha e1b6f6f70e5c7fec63b1f66d149dc6ecd182f86a

Merge pull request #384 from branoholy/dependabot-npm_and_yarn-types-node-14.11.1

view details

dependabot[bot]

commit sha e32781a8f5847db61cb283e5edac7e23ac3d914b

DEPS: Bump pascalgn/automerge-action from v0.9.0 to v0.10.0 Bumps [pascalgn/automerge-action](https://github.com/pascalgn/automerge-action) from v0.9.0 to v0.10.0. - [Release notes](https://github.com/pascalgn/automerge-action/releases) - [Commits](https://github.com/pascalgn/automerge-action/compare/v0.9.0...a6eda95628e71aa97719c9e111847402fa9d476a) Signed-off-by: dependabot[bot] <support@github.com>

view details

push time in 2 minutes

PR opened pesconi/desafio-fundamentos-react-native

Bump lodash from 4.17.15 to 4.17.20

Bumps lodash from 4.17.15 to 4.17.20. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/lodash/lodash/commit/ded9bc66583ed0b4e3b7dc906206d40757b4a90a"><code>ded9bc6</code></a> Bump to v4.17.20.</li> <li><a href="https://github.com/lodash/lodash/commit/63150ef7645ac07961b63a86490f419f356429aa"><code>63150ef</code></a> Documentation fixes.</li> <li><a href="https://github.com/lodash/lodash/commit/00f0f62a979d2f5fa0287c06eae70cf9a62d8794"><code>00f0f62</code></a> test.js: Remove trailing comma.</li> <li><a href="https://github.com/lodash/lodash/commit/846e434c7a5b5692c55ebf5715ed677b70a32389"><code>846e434</code></a> Temporarily use a custom fork of <code>lodash-cli</code>.</li> <li><a href="https://github.com/lodash/lodash/commit/5d046f39cbd27f573914768e3b36eeefcc4f1229"><code>5d046f3</code></a> Re-enable Travis tests on <code>4.17</code> branch.</li> <li><a href="https://github.com/lodash/lodash/commit/aa816b36d402a1ad9385142ce7188f17dae514fd"><code>aa816b3</code></a> Remove <code>/npm-package</code>.</li> <li><a href="https://github.com/lodash/lodash/commit/d7fbc52ee0466a6d248f047b5d5c3e6d1e099056"><code>d7fbc52</code></a> Bump to v4.17.19</li> <li><a href="https://github.com/lodash/lodash/commit/2e1c0f22f425e9c013815b2cd7c2ebd51f49a8d6"><code>2e1c0f2</code></a> Add npm-package</li> <li><a href="https://github.com/lodash/lodash/commit/1b6c282299f4e0271f932b466c67f0f822aa308e"><code>1b6c282</code></a> Bump to v4.17.18</li> <li><a href="https://github.com/lodash/lodash/commit/a370ac81408de2da77a82b3c4b61a01a3b9c2fac"><code>a370ac8</code></a> Bump to v4.17.17</li> <li>Additional commits viewable in <a href="https://github.com/lodash/lodash/compare/4.17.15...4.17.20">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~bnjmnt4n">bnjmnt4n</a>, a new releaser for lodash since your current version.</p> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+3 -3

0 comment

1 changed file

pr created time in 2 minutes

push eventytvnr/gif-of-the-day

Aurélien Loyer

commit sha 0c4defe3b74845afd536728e06cc3d0486c675ca

fix: reset pagination offset on reset 🐛 (#159)

view details

Yann Tavernier

commit sha 62a6720a5c8be04006feac40aa23facabb7161d5

doc: firebase part of bbl (#164)

view details

dependabot[bot]

commit sha 63c17a4fb6617303e1bf081e1a213a593e385d2a

chore(deps): bump websocket-extensions from 0.1.3 to 0.1.4 in /functions Bumps [websocket-extensions](https://github.com/faye/websocket-extensions-node) from 0.1.3 to 0.1.4. - [Release notes](https://github.com/faye/websocket-extensions-node/releases) - [Changelog](https://github.com/faye/websocket-extensions-node/blob/master/CHANGELOG.md) - [Commits](https://github.com/faye/websocket-extensions-node/compare/0.1.3...0.1.4) Signed-off-by: dependabot[bot] <support@github.com>

view details

push time in 2 minutes

PR opened ithoq/cryolite-web

Bump stringstream from 0.0.5 to 0.0.6

Bumps stringstream from 0.0.5 to 0.0.6. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/mhart/StringStream/commit/fee31c5c4a5efc7c7cc2fde4aee633dedefd6d67"><code>fee31c5</code></a> 0.0.6</li> <li><a href="https://github.com/mhart/StringStream/commit/2f4a9d496f94b0880e01a26857aa266a5a3ef274"><code>2f4a9d4</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/mhart/StringStream/issues/9">#9</a> from mhart/fix-buffer-constructor-vuln</li> <li><a href="https://github.com/mhart/StringStream/commit/afbc7442220358419e330618e47f3a65fc265b1b"><code>afbc744</code></a> Ensure data is not a number in Buffer constructor</li> <li>See full diff in <a href="https://github.com/mhart/StringStream/compare/v0.0.5...v0.0.6">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+2 -2

0 comment

1 changed file

pr created time in 2 minutes

create barnchithoq/cryolite-web

branch : dependabot/npm_and_yarn/stringstream-0.0.6

created branch time in 2 minutes

delete branch sealninja/react-i18nify

delete branch : dependabot/npm_and_yarn/lodash-4.17.19

delete time in 2 minutes

PR closed sealninja/react-i18nify

Bump lodash from 4.17.15 to 4.17.19 dependencies

Bumps lodash from 4.17.15 to 4.17.19. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/lodash/lodash/releases">lodash's releases</a>.</em></p> <blockquote> <h2>4.17.16</h2> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/lodash/lodash/commit/d7fbc52ee0466a6d248f047b5d5c3e6d1e099056"><code>d7fbc52</code></a> Bump to v4.17.19</li> <li><a href="https://github.com/lodash/lodash/commit/2e1c0f22f425e9c013815b2cd7c2ebd51f49a8d6"><code>2e1c0f2</code></a> Add npm-package</li> <li><a href="https://github.com/lodash/lodash/commit/1b6c282299f4e0271f932b466c67f0f822aa308e"><code>1b6c282</code></a> Bump to v4.17.18</li> <li><a href="https://github.com/lodash/lodash/commit/a370ac81408de2da77a82b3c4b61a01a3b9c2fac"><code>a370ac8</code></a> Bump to v4.17.17</li> <li><a href="https://github.com/lodash/lodash/commit/1144918f3578a84fcc4986da9b806e63a6175cbb"><code>1144918</code></a> Rebuild lodash and docs</li> <li><a href="https://github.com/lodash/lodash/commit/3a3b0fd339c2109563f7e8167dc95265ed82ef3e"><code>3a3b0fd</code></a> Bump to v4.17.16</li> <li><a href="https://github.com/lodash/lodash/commit/c84fe82760fb2d3e03a63379b297a1cc1a2fce12"><code>c84fe82</code></a> fix(zipObjectDeep): prototype pollution (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4759">#4759</a>)</li> <li><a href="https://github.com/lodash/lodash/commit/e7b28ea6cb17b4ca021e7c9d66218c8c89782f32"><code>e7b28ea</code></a> Sanitize sourceURL so it cannot affect evaled code (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4518">#4518</a>)</li> <li><a href="https://github.com/lodash/lodash/commit/0cec225778d4ac26c2bac95031ecc92a94f08bbb"><code>0cec225</code></a> Fix lodash.isEqual for circular references (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4320">#4320</a>) (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4515">#4515</a>)</li> <li><a href="https://github.com/lodash/lodash/commit/94c3a8133cb4fcdb50db72b4fd14dd884b195cd5"><code>94c3a81</code></a> Document matches* shorthands for over* methods (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4510">#4510</a>) (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4514">#4514</a>)</li> <li>Additional commits viewable in <a href="https://github.com/lodash/lodash/compare/4.17.15...4.17.19">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~mathias">mathias</a>, a new releaser for lodash since your current version.</p> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+3 -3

1 comment

1 changed file

dependabot[bot]

pr closed time in 2 minutes

delete branch nulib/meadow

delete branch : dependabot/npm_and_yarn/priv/tiff/dependencies/aws-sdk-2.755.0

delete time in 2 minutes

pull request commentsealninja/react-i18nify

Bump lodash from 4.17.15 to 4.17.19

Looks like lodash is up-to-date now, so this is no longer needed.

dependabot[bot]

comment created time in 2 minutes

PR opened transcom/mymove

Bump moment from 2.27.0 to 2.28.0

Bumps moment from 2.27.0 to 2.28.0. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/moment/moment/blob/develop/CHANGELOG.md">moment's changelog</a>.</em></p> <blockquote> <h3>2.28.0 <a href="https://gist.github.com/marwahaha/028fd6c2b2470b2804857cfd63c0e94f">See full changelog</a></h3> <ul> <li>Release Sept 13, 2020</li> </ul> <p>Fix bug where .format() modifies original instance, and locale updates</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/moment/moment/commit/2e91315d5f3b9fc26982d80aed401bbe0445fd43"><code>2e91315</code></a> Build 2.28.0</li> <li><a href="https://github.com/moment/moment/commit/2da40e94deca972c6c54e22a07f471e89d9a9127"><code>2da40e9</code></a> Bump version to 2.28.0</li> <li><a href="https://github.com/moment/moment/commit/e566c01f3c077009920891516e88cfa47e51a05f"><code>e566c01</code></a> Update changelog for 2.28.0</li> <li><a href="https://github.com/moment/moment/commit/e3fb33c473e493867f0d5e3ed1b68b85c7257aa8"><code>e3fb33c</code></a> [bugfix] Fix bug where .format() modifies original moment instance (<a href="https://github-redirect.dependabot.com/moment/moment/issues/5580">#5580</a>)</li> <li><a href="https://github.com/moment/moment/commit/db9994d8f8dead38be72e9a8442a3884e78c60b3"><code>db9994d</code></a> [pkg] fix builds (<a href="https://github-redirect.dependabot.com/moment/moment/issues/5712">#5712</a>)</li> <li><a href="https://github.com/moment/moment/commit/2ba43e026478fdf2e5a0b7035199fb64fcd035d6"><code>2ba43e0</code></a> [locale] Update dow for Konkani locales (<a href="https://github-redirect.dependabot.com/moment/moment/issues/5676">#5676</a>)</li> <li><a href="https://github.com/moment/moment/commit/ddf5ba6a0e92ca61a8ea59f4bb2f715f9d64c4c6"><code>ddf5ba6</code></a> [locale] az: fix a word (<a href="https://github-redirect.dependabot.com/moment/moment/issues/5675">#5675</a>)</li> <li><a href="https://github.com/moment/moment/commit/2c0b063b3bf95a285f9b38c173e262b6416c2e7f"><code>2c0b063</code></a> [misc] Update comment in ug-cn.js (<a href="https://github-redirect.dependabot.com/moment/moment/issues/5634">#5634</a>)</li> <li><a href="https://github.com/moment/moment/commit/9d560507e54612cf2fdd84cbaa117337568a384c"><code>9d56050</code></a> [locale] es: fix accent mark (<a href="https://github-redirect.dependabot.com/moment/moment/issues/5641">#5641</a>)</li> <li><a href="https://github.com/moment/moment/commit/1811de9d3e2040cc64882b50eaf9e05b4025b465"><code>1811de9</code></a> [locale] tk: fix country code (<a href="https://github-redirect.dependabot.com/moment/moment/issues/5606">#5606</a>)</li> <li>See full diff in <a href="https://github.com/moment/moment/compare/2.27.0...2.28.0">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>

+6 -11

0 comment

2 changed files

pr created time in 3 minutes

create barnchtranscom/mymove

branch : dependabot/npm_and_yarn/moment-2.28.0

created branch time in 3 minutes

PR opened ithoq/cryolite-web

Bump diff from 3.1.0 to 3.5.0

Bumps diff from 3.1.0 to 3.5.0. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/kpdecker/jsdiff/blob/master/release-notes.md">diff's changelog</a>.</em></p> <blockquote> <h2>v3.5.0 - March 4th, 2018</h2> <ul> <li>Omit redundant slice in join method of diffArrays - 1023590</li> <li>Support patches with empty lines - fb0f208</li> <li>Accept a custom JSON replacer function for JSON diffing - 69c7f0a</li> <li>Optimize parch header parser - 2aec429</li> <li>Fix typos - e89c832</li> </ul> <p><a href="https://github.com/kpdecker/jsdiff/compare/v3.4.0...v3.5.0">Commits</a></p> <h2>v3.4.0 - October 7th, 2017</h2> <ul> <li><a href="https://github-redirect.dependabot.com/kpdecker/jsdiff/issues/183">#183</a> - Feature request: ability to specify a custom equality checker for <code>diffArrays</code></li> <li><a href="https://github-redirect.dependabot.com/kpdecker/jsdiff/issues/173">#173</a> - Bug: diffArrays gives wrong result on array of booleans</li> <li><a href="https://github-redirect.dependabot.com/kpdecker/jsdiff/issues/158">#158</a> - diffArrays will not compare the empty string in array?</li> <li>comparator for custom equality checks - 30e141e</li> <li>count oldLines and newLines when there are conflicts - 53bf384</li> <li>Fix: diffArrays can compare falsey items - 9e24284</li> <li>Docs: Replace grunt with npm test - 00e2f94</li> </ul> <p><a href="https://github.com/kpdecker/jsdiff/compare/v3.3.1...v3.4.0">Commits</a></p> <h2>v3.3.1 - September 3rd, 2017</h2> <ul> <li><a href="https://github-redirect.dependabot.com/kpdecker/jsdiff/issues/141">#141</a> - Cannot apply patch because my file delimiter is "/r/n" instead of "/n"</li> <li><a href="https://github-redirect.dependabot.com/kpdecker/jsdiff/pull/192">#192</a> - Fix: Bad merge when adding new files (<a href="https://github-redirect.dependabot.com/kpdecker/jsdiff/issues/189">#189</a>)</li> <li>correct spelling mistake - 21fa478</li> </ul> <p><a href="https://github.com/kpdecker/jsdiff/compare/v3.3.0...v3.3.1">Commits</a></p> <h2>v3.3.0 - July 5th, 2017</h2> <ul> <li><a href="https://github-redirect.dependabot.com/kpdecker/jsdiff/issues/114">#114</a> - /patch/merge not exported</li> <li>Gracefully accept invalid newStart in hunks, same as patch(1) does. - d8a3635</li> <li>Use regex rather than starts/ends with for parsePatch - 6cab62c</li> <li>Add browser flag - e64f674</li> <li>refactor: simplified code a bit more - 8f8e0f2</li> <li>refactor: simplified code a bit - b094a6f</li> <li>fix: some corrections re ignoreCase option - 3c78fd0</li> <li>ignoreCase option - 3cbfbb5</li> <li>Sanitize filename while parsing patches - 2fe8129</li> <li>Added better installation methods - aced50b</li> <li>Simple export of functionality - 8690f31</li> </ul> <p><a href="https://github.com/kpdecker/jsdiff/compare/v3.2.0...v3.3.0">Commits</a></p> <h2>v3.2.0 - December 26th, 2016</h2> <ul> <li><a href="https://github-redirect.dependabot.com/kpdecker/jsdiff/pull/156">#156</a> - Add <code>undefinedReplacement</code> option to <code>diffJson</code> (<a href="https://api.github.com/users/ewnd9">@ewnd9</a>)</li> <li><a href="https://github-redirect.dependabot.com/kpdecker/jsdiff/pull/154">#154</a> - Add <code>examples</code> and <code>images</code> to <code>.npmignore</code>. (<a href="https://api.github.com/users/wtgtybhertgeghgtwtg">@wtgtybhertgeghgtwtg</a>)</li> <li><a href="https://github-redirect.dependabot.com/kpdecker/jsdiff/pull/153">#153</a> - feat(structuredPatch): Pass options to diffLines (<a href="https://api.github.com/users/Kiougar">@Kiougar</a>)</li> </ul> <p><a href="https://github.com/kpdecker/jsdiff/compare/v3.1.0...v3.2.0">Commits</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/kpdecker/jsdiff/commit/e9ab94893a77f1f7d7ea8483b873083e6c6a390a"><code>e9ab948</code></a> v3.5.0</li> <li><a href="https://github.com/kpdecker/jsdiff/commit/b73884c013d199aeba62f583c392a823083a889f"><code>b73884c</code></a> Update release notes</li> <li><a href="https://github.com/kpdecker/jsdiff/commit/89530211601abfd0baf6276f0f862d5e43f908ee"><code>8953021</code></a> Update release notes</li> <li><a href="https://github.com/kpdecker/jsdiff/commit/1023590bd4b29edb8c4d280f9bd50966fc22e469"><code>1023590</code></a> Omit redundant slice in join method of diffArrays</li> <li><a href="https://github.com/kpdecker/jsdiff/commit/c72ef4aec8fc6318dd413ab7c225fa47891f607c"><code>c72ef4a</code></a> Add missing test coverage</li> <li><a href="https://github.com/kpdecker/jsdiff/commit/b9ef24f8004624f024f9853842ea45903dc0afc7"><code>b9ef24f</code></a> Support patches with empty lines</li> <li><a href="https://github.com/kpdecker/jsdiff/commit/10aaabb3b7b22c8019dc74f0ab674041167e7438"><code>10aaabb</code></a> Support patches with empty lines</li> <li><a href="https://github.com/kpdecker/jsdiff/commit/196d3aa052e89bfe929ed6368b11dc7d011bf911"><code>196d3aa</code></a> Support patches with empty lines</li> <li><a href="https://github.com/kpdecker/jsdiff/commit/e24d789f71991db9a74e3997653d9cf52d071749"><code>e24d789</code></a> Support patches with empty lines</li> <li><a href="https://github.com/kpdecker/jsdiff/commit/8616a02a139422c8a3e008b63d60083abdd56b7c"><code>8616a02</code></a> Support patches with empty lines</li> <li>Additional commits viewable in <a href="https://github.com/kpdecker/jsdiff/compare/v3.1.0...v3.5.0">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+2 -2

0 comment

1 changed file

pr created time in 3 minutes

create barnchithoq/cryolite-web

branch : dependabot/npm_and_yarn/diff-3.5.0

created branch time in 3 minutes

delete branch Norbinsh/aws-cdk-codebuild-report-groups

delete branch : dependabot/npm_and_yarn/cdk/types/node-14.10.3

delete time in 3 minutes

delete branch ithoq/cryolite-web

delete branch : dependabot/npm_and_yarn/handlebars-4.7.6

delete time in 3 minutes

PR closed Norbinsh/aws-cdk-codebuild-report-groups

Bump @types/node from 10.17.5 to 14.10.3 in /cdk dependencies

Bumps @types/node from 10.17.5 to 14.10.3. <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>

+4 -4

1 comment

2 changed files

dependabot[bot]

pr closed time in 3 minutes

pull request commentNorbinsh/aws-cdk-codebuild-report-groups

Bump @types/node from 10.17.5 to 14.10.3 in /cdk

Superseded by #37.

dependabot[bot]

comment created time in 3 minutes

PR opened Norbinsh/aws-cdk-codebuild-report-groups

Bump @types/node from 10.17.5 to 14.11.1 in /cdk

Bumps @types/node from 10.17.5 to 14.11.1. <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>

+4 -4

0 comment

2 changed files

pr created time in 3 minutes

PR opened ithoq/cryolite-web

Bump is-my-json-valid from 2.15.0 to 2.20.5

Bumps is-my-json-valid from 2.15.0 to 2.20.5. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/mafintosh/is-my-json-valid/commit/441f812eefa95ee5e0c1c9b4cba45021d2e72cfb"><code>441f812</code></a> 2.20.5</li> <li><a href="https://github.com/mafintosh/is-my-json-valid/commit/d36a1b1ff19fffde3c120c934320451852b2a8ab"><code>d36a1b1</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/mafintosh/is-my-json-valid/issues/182">#182</a> from ChALkeR/chalker/fix-comma</li> <li><a href="https://github.com/mafintosh/is-my-json-valid/commit/b6ea4843b51f955011b7d0fab8f1734ff434d46e"><code>b6ea484</code></a> Fix uri prefix detection</li> <li><a href="https://github.com/mafintosh/is-my-json-valid/commit/5389c5b06ab105af08d10937151f062167e9ed6f"><code>5389c5b</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/mafintosh/is-my-json-valid/issues/181">#181</a> from ChALkeR/chalker/fix-undef</li> <li><a href="https://github.com/mafintosh/is-my-json-valid/commit/df5b313f8b14738f6995729a52946d6258b8b2dd"><code>df5b313</code></a> add funding file</li> <li><a href="https://github.com/mafintosh/is-my-json-valid/commit/c224619b9a13a30a7afb54d2e8b4a0c7b5b7943d"><code>c224619</code></a> Fix 'required' implementation</li> <li><a href="https://github.com/mafintosh/is-my-json-valid/commit/2534af447c2a13871c32679c7059a099ea7114b6"><code>2534af4</code></a> 2.20.4</li> <li><a href="https://github.com/mafintosh/is-my-json-valid/commit/22c6b768a16e95349ad14c638d0d412be6e28fd4"><code>22c6b76</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/mafintosh/is-my-json-valid/issues/180">#180</a> from ChALkeR/chalker/fix-style</li> <li><a href="https://github.com/mafintosh/is-my-json-valid/commit/ccde29dd0626d870bf61fc9c04c845017060711d"><code>ccde29d</code></a> Fix a ReDoS in 'style' format</li> <li><a href="https://github.com/mafintosh/is-my-json-valid/commit/9df4acbb3077bce07f74e2f788cc9bfc11e0a5b3"><code>9df4acb</code></a> 2.20.3</li> <li>Additional commits viewable in <a href="https://github.com/mafintosh/is-my-json-valid/compare/v2.15.0...v2.20.5">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~linusu">linusu</a>, a new releaser for is-my-json-valid since your current version.</p> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+16 -9

0 comment

1 changed file

pr created time in 3 minutes

delete branch MrKanishkPatel/hoverboard

delete branch : dependabot/npm_and_yarn/firebase-7.20.0

delete time in 3 minutes

PR opened GoogleCloudPlatform/iap-gcip-web-toolkit

Bump node-forge from 0.9.1 to 0.10.0 in /authui-container

Bumps node-forge from 0.9.1 to 0.10.0. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/digitalbazaar/forge/blob/master/CHANGELOG.md">node-forge's changelog</a>.</em></p> <blockquote> <h2>0.10.0 - 2020-09-01</h2> <h3>Changed</h3> <ul> <li><strong>BREAKING</strong>: Node.js 4 no longer supported. The code <em>may</em> still work, and non-invasive patches to keep it working will be considered. However, more modern tools no longer support old Node.js versions making testing difficult.</li> </ul> <h3>Removed</h3> <ul> <li><strong>BREAKING</strong>: Remove <code>util.getPath</code>, <code>util.setPath</code>, and <code>util.deletePath</code>. <code>util.setPath</code> had a potential prototype pollution security issue when used with unsafe inputs. These functions are not used by <code>forge</code> itself. They date from an early time when <code>forge</code> was targeted at providing general helper functions. The library direction changed to be more focused on cryptography. Many other excellent libraries are more suitable for general utilities. If you need a replacement for these functions, consier <code>get</code>, <code>set</code>, and <code>unset</code> from <a href="https://lodash.com/">lodash</a>. But also consider the potential similar security issues with those APIs.</li> </ul> <h2>0.9.2 - 2020-09-01</h2> <h3>Changed</h3> <ul> <li>Added <code>util.setPath</code> security note to function docs and to README.</li> </ul> <h3>Notes</h3> <ul> <li><strong>SECURITY</strong>: The <code>util.setPath</code> function has the potential to cause prototype pollution if used with unsafe input. <ul> <li>This function is <strong>not</strong> used internally by <code>forge</code>.</li> <li>The rest of the library is unaffected by this issue.</li> <li><strong>Do not</strong> use unsafe input with this function.</li> <li>Usage with known input should function as expected. (Including input intentionally using potentially problematic keys.)</li> <li>No code changes will be made to address this issue in 0.9.x. The current behavior <em>could</em> be considered a feature rather than a security issue. 0.10.0 will be released that removes <code>util.getPath</code> and <code>util.setPath</code>. Consider <code>get</code> and <code>set</code> from <a href="https://lodash.com/">lodash</a> if you need replacements. But also consider the potential similar security issues with those APIs.</li> <li><a href="https://snyk.io/vuln/SNYK-JS-NODEFORGE-598677">https://snyk.io/vuln/SNYK-JS-NODEFORGE-598677</a></li> <li><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7720">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7720</a></li> </ul> </li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/digitalbazaar/forge/commit/8018c3ea6f8e75d2df1b9ce4ec9c536db3db37e6"><code>8018c3e</code></a> Release 0.10.0.</li> <li><a href="https://github.com/digitalbazaar/forge/commit/6a1e3ef74f6eb345bcff1b82184201d1e28b6756"><code>6a1e3ef</code></a> Remove object path functions.</li> <li><a href="https://github.com/digitalbazaar/forge/commit/30d560c6b522b9a97a67d9101ecf8f860a4ba63a"><code>30d560c</code></a> Remove Node.js 4 support.</li> <li><a href="https://github.com/digitalbazaar/forge/commit/1ba83ecca436c2e1d0d37ea154467e9934019504"><code>1ba83ec</code></a> Update dependencies.</li> <li><a href="https://github.com/digitalbazaar/forge/commit/81abd87a9a8ef705af17d1e712a086ef4b7869a1"><code>81abd87</code></a> Improve linting.</li> <li><a href="https://github.com/digitalbazaar/forge/commit/7b59028142bb5f5e299df0d0931a8306d7d7046b"><code>7b59028</code></a> Test on Node.js 14.</li> <li><a href="https://github.com/digitalbazaar/forge/commit/ba13a1c8bfdb1d6abb286fa7fcb82a57b40ae345"><code>ba13a1c</code></a> Update webpack.</li> <li><a href="https://github.com/digitalbazaar/forge/commit/c8d5395e078f838604eb9df32ef9d298288057fd"><code>c8d5395</code></a> Add travis browser test names.</li> <li><a href="https://github.com/digitalbazaar/forge/commit/afc5a728f5c6bf5cb80eddb5b85c7340b28bfa51"><code>afc5a72</code></a> Update dependencies.</li> <li><a href="https://github.com/digitalbazaar/forge/commit/ba0207fa359f79a5af0e71d12f488a846e9265f6"><code>ba0207f</code></a> Test on Node.js 12.</li> <li>Additional commits viewable in <a href="https://github.com/digitalbazaar/forge/compare/0.9.1...0.10.0">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+4 -4

0 comment

2 changed files

pr created time in 3 minutes

PR closed MrKanishkPatel/hoverboard

Bump firebase from 7.19.1 to 7.20.0 dependencies

Bumps firebase from 7.19.1 to 7.20.0. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/firebase/firebase-js-sdk/commit/268096e0d9bf2ec72c8746edf662bb41d7b247e7"><code>268096e</code></a> Version Packages (<a href="https://github-redirect.dependabot.com/firebase/firebase-js-sdk/issues/3746">#3746</a>)</li> <li><a href="https://github.com/firebase/firebase-js-sdk/commit/f47f9907cbd86a3dd95be73c040cbe5b077d4547"><code>f47f990</code></a> Exclude -compat from build:release (<a href="https://github-redirect.dependabot.com/firebase/firebase-js-sdk/issues/3748">#3748</a>)</li> <li><a href="https://github.com/firebase/firebase-js-sdk/commit/cb730cca0be1a8ade04a55386e80c0646806804b"><code>cb730cc</code></a> Update dynamic measurement ID change to ensure firebase minor bump (<a href="https://github-redirect.dependabot.com/firebase/firebase-js-sdk/issues/3747">#3747</a>)</li> <li><a href="https://github.com/firebase/firebase-js-sdk/commit/aa10af337895f60c1cfd67e5f400951fe30ed24b"><code>aa10af3</code></a> Add installations-exp packages to changeset ignore (<a href="https://github-redirect.dependabot.com/firebase/firebase-js-sdk/issues/3745">#3745</a>)</li> <li><a href="https://github.com/firebase/firebase-js-sdk/commit/d478772638ed4af8a1ad22eb91cb3cf986ae9985"><code>d478772</code></a> Lock file maintenance (<a href="https://github-redirect.dependabot.com/firebase/firebase-js-sdk/issues/3246">#3246</a>)</li> <li><a href="https://github.com/firebase/firebase-js-sdk/commit/931ab7e1f2a83f4d2506d96b4de1f1ad3e02ac6d"><code>931ab7e</code></a> Bump bl from 4.0.2 to 4.0.3 (<a href="https://github-redirect.dependabot.com/firebase/firebase-js-sdk/issues/3731">#3731</a>)</li> <li><a href="https://github.com/firebase/firebase-js-sdk/commit/fb3b095e4b7c8f57fdb3172bc039c84576abf290"><code>fb3b095</code></a> Use Dynamic Measurement ID in Analytics (<a href="https://github-redirect.dependabot.com/firebase/firebase-js-sdk/issues/2800">#2800</a>)</li> <li><a href="https://github.com/firebase/firebase-js-sdk/commit/d347c6ca1bcb7cd48ab2e4f7954cabafe761aea7"><code>d347c6c</code></a> Infer database URL from Project ID (<a href="https://github-redirect.dependabot.com/firebase/firebase-js-sdk/issues/3650">#3650</a>)</li> <li><a href="https://github.com/firebase/firebase-js-sdk/commit/cc16b4ae481edb64c788ac2826a9dc1700585875"><code>cc16b4a</code></a> Tree-Shake RemoteStore (<a href="https://github-redirect.dependabot.com/firebase/firebase-js-sdk/issues/3705">#3705</a>)</li> <li><a href="https://github.com/firebase/firebase-js-sdk/commit/f506e18facf8f47eff61cf83a98af4b1f2e94319"><code>f506e18</code></a> Fis modularization (<a href="https://github-redirect.dependabot.com/firebase/firebase-js-sdk/issues/3638">#3638</a>)</li> <li>Additional commits viewable in <a href="https://github.com/firebase/firebase-js-sdk/compare/firebase@7.19.1...firebase@7.20.0">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>

+251 -37

1 comment

2 changed files

dependabot[bot]

pr closed time in 3 minutes

pull request commentMrKanishkPatel/hoverboard

Bump firebase from 7.19.1 to 7.20.0

Superseded by #265.

dependabot[bot]

comment created time in 3 minutes

create barnchMrKanishkPatel/hoverboard

branch : dependabot/npm_and_yarn/firebase-7.21.0

created branch time in 3 minutes

PR opened MrKanishkPatel/hoverboard

Bump firebase from 7.19.1 to 7.21.0

Bumps firebase from 7.19.1 to 7.21.0. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/firebase/firebase-js-sdk/commit/0558cd8410f989903d5d15f4e6930e51349c6a99"><code>0558cd8</code></a> Version Packages (<a href="https://github-redirect.dependabot.com/firebase/firebase-js-sdk/issues/3785">#3785</a>)</li> <li><a href="https://github.com/firebase/firebase-js-sdk/commit/80e42190022da79f851b60731d922f2a39d255dc"><code>80e4219</code></a> Fix logic (<a href="https://github-redirect.dependabot.com/firebase/firebase-js-sdk/issues/3788">#3788</a>)</li> <li><a href="https://github.com/firebase/firebase-js-sdk/commit/1309b93779f72df999af7b982bb60bcdd66bc8aa"><code>1309b93</code></a> Allow ignoring unstaged changes (<a href="https://github-redirect.dependabot.com/firebase/firebase-js-sdk/issues/3787">#3787</a>)</li> <li><a href="https://github.com/firebase/firebase-js-sdk/commit/f9004177e76f00fc484d30c0c0e7b1bc2da033f9"><code>f900417</code></a> Make != and NOT_IN publicly available (<a href="https://github-redirect.dependabot.com/firebase/firebase-js-sdk/issues/3772">#3772</a>)</li> <li><a href="https://github.com/firebase/firebase-js-sdk/commit/a865ae9eb688de931bae5f7899f0d85941a02a8d"><code>a865ae9</code></a> Don't use interface types (<a href="https://github-redirect.dependabot.com/firebase/firebase-js-sdk/issues/3770">#3770</a>)</li> <li><a href="https://github.com/firebase/firebase-js-sdk/commit/b1854ab302bcce1341cec4815299d1d9439e041b"><code>b1854ab</code></a> Fix NotInFilter matches (<a href="https://github-redirect.dependabot.com/firebase/firebase-js-sdk/issues/3752">#3752</a>)</li> <li><a href="https://github.com/firebase/firebase-js-sdk/commit/e81c429aec43cd4467089bfed68eafafba6e8ee2"><code>e81c429</code></a> Call toFirestore() only once (<a href="https://github-redirect.dependabot.com/firebase/firebase-js-sdk/issues/3755">#3755</a>)</li> <li><a href="https://github.com/firebase/firebase-js-sdk/commit/35d1c0df6d156f76b445a9fd1f16638ed9a1cfc5"><code>35d1c0d</code></a> Update dependency git-rev-sync to v3 (<a href="https://github-redirect.dependabot.com/firebase/firebase-js-sdk/issues/3763">#3763</a>)</li> <li><a href="https://github.com/firebase/firebase-js-sdk/commit/4b48167034c192603f5aede0935ce40172b80920"><code>4b48167</code></a> Update dependency node-fetch to v2.6.1 [SECURITY] (<a href="https://github-redirect.dependabot.com/firebase/firebase-js-sdk/issues/3759">#3759</a>)</li> <li><a href="https://github.com/firebase/firebase-js-sdk/commit/0eb18ca80c53a0914e5525d4d90d324c73ee6ec5"><code>0eb18ca</code></a> Merge branch 'release'</li> <li>Additional commits viewable in <a href="https://github.com/firebase/firebase-js-sdk/compare/firebase@7.19.1...firebase@7.21.0">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>

+263 -43

0 comment

2 changed files

pr created time in 3 minutes

delete branch lucasmotta/pull-request-sticky-header

delete branch : dependabot/npm_and_yarn/types/node-14.11.1

delete time in 3 minutes

push eventithoq/cryolite-web

dependabot[bot]

commit sha 46ecee0b41528f3bc3813adc54ff189a0ad1c917

Bump axios from 0.16.2 to 0.18.1 Bumps [axios](https://github.com/axios/axios) from 0.16.2 to 0.18.1. - [Release notes](https://github.com/axios/axios/releases) - [Changelog](https://github.com/axios/axios/blob/v0.18.1/CHANGELOG.md) - [Commits](https://github.com/axios/axios/compare/v0.16.2...v0.18.1) Signed-off-by: dependabot[bot] <support@github.com>

view details

dependabot[bot]

commit sha 3fd4dfff7513e86aa0b6f95d7a3ccf7482a7483e

Bump lodash-es from 4.17.2 to 4.17.15 Bumps [lodash-es](https://github.com/lodash/lodash) from 4.17.2 to 4.17.15. - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](https://github.com/lodash/lodash/compare/4.17.2...4.17.15) Signed-off-by: dependabot[bot] <support@github.com>

view details

Ithoq Projosasmito

commit sha eb503d6a1e200931067a30429ddb7f3198c8d96f

Merge pull request #2 from ithoq/dependabot/npm_and_yarn/axios-0.18.1 Bump axios from 0.16.2 to 0.18.1

view details

Ithoq Projosasmito

commit sha 2d37955088e65867ec367f79c7776de53cd6d8ff

Merge pull request #4 from ithoq/dependabot/npm_and_yarn/lodash-es-4.17.15 Bump lodash-es from 4.17.2 to 4.17.15

view details

dependabot[bot]

commit sha 7ac936f0821252db21fae12a97bc7b2e3c582f08

Bump eslint from 3.11.1 to 4.18.2 Bumps [eslint](https://github.com/eslint/eslint) from 3.11.1 to 4.18.2. - [Release notes](https://github.com/eslint/eslint/releases) - [Changelog](https://github.com/eslint/eslint/blob/master/CHANGELOG.md) - [Commits](https://github.com/eslint/eslint/compare/v3.11.1...v4.18.2) Signed-off-by: dependabot[bot] <support@github.com>

view details

push time in 3 minutes

PR opened ithoq/cryolite-web

Bump marked from 0.3.6 to 0.3.19

Bumps marked from 0.3.6 to 0.3.19. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/markedjs/marked/releases">marked's releases</a>.</em></p> <blockquote> <h2>0.3.18 minified required new release</h2> <p>0.3.18 did not have changes to min.</p> <h2>Minor fixes and updated docs</h2> <ul> <li>Supported Markdown flavors: CommonMark 0.28 and GitHub Flavored Markdown 0.28</li> <li>Updates to our CI pipeline; we're all green! <a href="https://github-redirect.dependabot.com/markedjs/marked/issues/1098">#1098</a> with the caveat that there is a test that needs to get sorted (help us out <a href="https://github-redirect.dependabot.com/markedjs/marked/issues/1092">#1092</a>)</li> <li>Start ordered lists using the initial numbers from markdown lists (<a href="https://github-redirect.dependabot.com/markedjs/marked/issues/1144">#1144</a>)</li> <li>Added GitHub Pages site for documentation <a href="https://marked.js.org/">https://marked.js.org/</a> (<a href="https://github-redirect.dependabot.com/markedjs/marked/issues/1138">#1138</a>)</li> </ul> <h2>Processes and tools</h2> <ul> <li>The elephant in the room: A security vulnerability was discovered and fixed. Please note, if something breaks due to these changes, it was not our intent, and please let us know by submitting a PR or issue to course correct (the nature of the zero-major release and having security as a number one priority) <a href="https://github-redirect.dependabot.com/markedjs/marked/issues/1083">#1083</a></li> <li>The other elephant in the room: We missed publishing a 0.3.16 release to GitHub; so, trying to make up for that a bit.</li> <li>Updates to the project documentation and operations, you should check it out, just start with the README and you should be good.</li> <li>New release PR template available <a href="https://github-redirect.dependabot.com/markedjs/marked/issues/1076">#1076</a></li> <li>Updates to default PR and Issue templates <a href="https://github-redirect.dependabot.com/markedjs/marked/issues/1076">#1076</a></li> <li>Lint checks + tests + continuous integration using Travis <a href="https://github-redirect.dependabot.com/markedjs/marked/issues/1020">#1020</a></li> <li>Updated testing output <a href="https://github-redirect.dependabot.com/markedjs/marked/issues/1085">#1085</a> & <a href="https://github-redirect.dependabot.com/markedjs/marked/issues/1087">#1087</a></li> </ul> <h2>Fix capturing parens</h2> <p>Fixes unintended breaking change from v0.3.14</p> <h2>New year, new home</h2> <ul> <li>Marked has a new home under the MarkedJS org! Other advances soon to come.</li> <li>Updated minifier.</li> <li>Various parser fixes</li> </ul> <h2>New Year, new Marked!</h2> <ul> <li>Addresses issue where some users might not have been able to update due to missing <code>use strict</code> <a href="https://github-redirect.dependabot.com/markedjs/marked/issues/991">#991</a></li> <li>Parser fix <a href="https://github-redirect.dependabot.com/markedjs/marked/issues/977">#977</a></li> <li>New way to perform tests with options and running individual tests <a href="https://github-redirect.dependabot.com/markedjs/marked/issues/1002">#1002</a></li> <li>Improved test cases</li> <li>Improved links</li> </ul> <h2>Merry XSSmas</h2> <p>We think with this version we have addressed most, if not all, known security vulnerabilities. If you find more, please let us know.</p> <h2>XSS</h2> <p>Should fix XSS issue discovered.</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/markedjs/marked/commit/5d1baa4d7ca55b27cb08029ac785e98b6378fcf0"><code>5d1baa4</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/markedjs/marked/issues/1157">#1157</a> from markedjs/release-0.3.19</li> <li><a href="https://github.com/markedjs/marked/commit/a089991fe35e250e5bc3fbbb99fb4ccd515b61dd"><code>a089991</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/markedjs/marked/issues/64">#64</a> from fidian/master</li> <li><a href="https://github.com/markedjs/marked/commit/ad6c7f91254c3d8ceb3354fcd7a18294e1cb2e4b"><code>ad6c7f9</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/markedjs/marked/issues/1156">#1156</a> from UziTech/docs-navigation</li> <li><a href="https://github.com/markedjs/marked/commit/03e015ca912ae4039862c73bd3cee8e04b589085"><code>03e015c</code></a> 0.3.19</li> <li><a href="https://github.com/markedjs/marked/commit/cf2def076f9b8c0ff9c09ae5be816f0605a976ef"><code>cf2def0</code></a> minify</li> <li><a href="https://github.com/markedjs/marked/commit/29f4190117eb59ff9f644bc17046d141343647cf"><code>29f4190</code></a> Ignore DS_Store on macos</li> <li><a href="https://github.com/markedjs/marked/commit/f29bceb025a31d95a6205d2fcfd6b2385905d8b9"><code>f29bceb</code></a> Update publishing template (<a href="https://github-redirect.dependabot.com/markedjs/marked/issues/1154">#1154</a>)</li> <li><a href="https://github.com/markedjs/marked/commit/210eed715b5c26f4db2b982236638ddde50159c7"><code>210eed7</code></a> Update badge template (<a href="https://github-redirect.dependabot.com/markedjs/marked/issues/1155">#1155</a>)</li> <li><a href="https://github.com/markedjs/marked/commit/9c01b83370792d9b0e6c2cb1903ca67191a76269"><code>9c01b83</code></a> link to README.md</li> <li><a href="https://github.com/markedjs/marked/commit/fd9f44413301b5ba186f61db06b8ddfa1336a983"><code>fd9f444</code></a> add github ribbon</li> <li>Additional commits viewable in <a href="https://github.com/markedjs/marked/compare/v0.3.6...v0.3.19">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~amidknight">amidknight</a>, a new releaser for marked since your current version.</p> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+2 -2

0 comment

1 changed file

pr created time in 3 minutes

create barnchithoq/cryolite-web

branch : dependabot/npm_and_yarn/marked-0.3.19

created branch time in 3 minutes

delete branch ayushmanbh/Breaking-Bad-cast-search

delete branch : dependabot/npm_and_yarn/websocket-extensions-0.1.4

delete time in 3 minutes

delete branch juicyfx/juicy

delete branch : dependabot/npm_and_yarn/packages/pdfx/sass-1.26.11

delete time in 3 minutes

delete branch ithoq/cryolite-web

delete branch : dependabot/npm_and_yarn/lodash-es-4.17.15

delete time in 3 minutes

PR closed juicyfx/juicy

Bump sass from 1.26.10 to 1.26.11 in /packages/pdfx dependencies javascript

Bumps sass from 1.26.10 to 1.26.11. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/sass/dart-sass/releases">sass's releases</a>.</em></p> <blockquote> <h2>Dart Sass 1.26.11</h2> <p>To install Sass 1.26.11, download one of the packages below and <a href="https://katiek2.github.io/path-doc/">add it to your PATH</a>, or see <a href="https://sass-lang.com/install">the Sass website</a> for full installation instructions.</p> <h1>Changes</h1> <ul> <li> <p><strong>Potentially breaking bug fix:</strong> <code>selector.nest()</code> now throws an error if the first arguments contains the parent selector <code>&</code>.</p> </li> <li> <p>Fixes a parsing bug with inline comments in selectors.</p> </li> <li> <p>Improve some error messages for edge-case parse failures.</p> </li> <li> <p>Throw a proper error when the same built-in module is <code>@use</code>d twice.</p> </li> <li> <p>Don't crash when writing <code>Infinity</code> in JS mode.</p> </li> <li> <p>Produce a better error message for positional arguments following named arguments.</p> </li> </ul> <p>See the <a href="https://github.com/sass/dart-sass/blob/master/CHANGELOG.md#12611">full changelog</a> for changes in earlier releases.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/sass/dart-sass/blob/master/CHANGELOG.md">sass's changelog</a>.</em></p> <blockquote> <h2>1.26.11</h2> <ul> <li> <p><strong>Potentially breaking bug fix:</strong> <code>selector.nest()</code> now throws an error if the first arguments contains the parent selector <code>&</code>.</p> </li> <li> <p>Fixes a parsing bug with inline comments in selectors.</p> </li> <li> <p>Improve some error messages for edge-case parse failures.</p> </li> <li> <p>Throw a proper error when the same built-in module is <code>@use</code>d twice.</p> </li> <li> <p>Don't crash when writing <code>Infinity</code> in JS mode.</p> </li> <li> <p>Produce a better error message for positional arguments following named arguments.</p> </li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/sass/dart-sass/commit/f843f96bc2c9feb4bb7a9a308581ac249022c996"><code>f843f96</code></a> Produce a better error for positional arguments after named (<a href="https://github-redirect.dependabot.com/sass/dart-sass/issues/1087">#1087</a>)</li> <li><a href="https://github.com/sass/dart-sass/commit/6ec78f975bc47bfcbe826f6db0add72ca5ac16c9"><code>6ec78f9</code></a> Test against a matching sass-spec feature branch by default (<a href="https://github-redirect.dependabot.com/sass/dart-sass/issues/1082">#1082</a>)</li> <li><a href="https://github.com/sass/dart-sass/commit/015a76cf0b26d35d7fe99e7e28a7e5834753781e"><code>015a76c</code></a> Revert "Add a map.deep-merge() function (<a href="https://github-redirect.dependabot.com/sass/dart-sass/issues/1077">#1077</a>) (<a href="https://github-redirect.dependabot.com/sass/dart-sass/issues/1080">#1080</a>)"</li> <li><a href="https://github.com/sass/dart-sass/commit/315e86b4421fa08e4535d1a7121a6bbdc8fb6010"><code>315e86b</code></a> Add a map.deep-merge() function (<a href="https://github-redirect.dependabot.com/sass/dart-sass/issues/1077">#1077</a>) (<a href="https://github-redirect.dependabot.com/sass/dart-sass/issues/1080">#1080</a>)</li> <li><a href="https://github.com/sass/dart-sass/commit/9503b57ac5c86215e537dc2ce43321a74805e27b"><code>9503b57</code></a> Revert "Add a map.deep-merge() function (<a href="https://github-redirect.dependabot.com/sass/dart-sass/issues/1077">#1077</a>)"</li> <li><a href="https://github.com/sass/dart-sass/commit/bc7216a441074f6a35b62dccb7fdc17e08ae442c"><code>bc7216a</code></a> Add a map.deep-merge() function (<a href="https://github-redirect.dependabot.com/sass/dart-sass/issues/1077">#1077</a>)</li> <li><a href="https://github.com/sass/dart-sass/commit/830bb3aab2672acdd596361d8ba0cd1af98babef"><code>830bb3a</code></a> Move Node tests on Windows to Travis (<a href="https://github-redirect.dependabot.com/sass/dart-sass/issues/1063">#1063</a>)</li> <li><a href="https://github.com/sass/dart-sass/commit/a06295426df5dee8486a1d9b8c6cb0395fffc3f1"><code>a062954</code></a> Throw a proper error when the same built-in module is <a href="https://github.com/used">@used</a> twice (<a href="https://github-redirect.dependabot.com/sass/dart-sass/issues/1070">#1070</a>)</li> <li><a href="https://github.com/sass/dart-sass/commit/1dff9a7ce4e5fa5160c0ba7f16eddb892da6e325"><code>1dff9a7</code></a> Don't crash when writing Infinity in JS mode (<a href="https://github-redirect.dependabot.com/sass/dart-sass/issues/1069">#1069</a>)</li> <li><a href="https://github.com/sass/dart-sass/commit/4c0bc7f4f5545d23987bc13891a955895314656e"><code>4c0bc7f</code></a> Throw an error if the first error to selector.nest() contains & (<a href="https://github-redirect.dependabot.com/sass/dart-sass/issues/1068">#1068</a>)</li> <li>Additional commits viewable in <a href="https://github.com/sass/dart-sass/compare/1.26.10...1.26.11">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>

+4 -4

1 comment

2 changed files

dependabot[bot]

pr closed time in 3 minutes

delete branch Yeseh/eslint-config

delete branch : dependabot/npm_and_yarn/lodash-4.17.19

delete time in 3 minutes

more