profile
viewpoint
If you are wondering where the data of this site comes from, please visit https://api.github.com/users/florpor/events. GitMemory does not store any data, but only uses NGINX to cache data for a period of time. The idea behind GitMemory is simply to give users a better reading experience.

meirim-org/meirim 28

Meirim is an open-source smart city application that facilitates transparency in urban planning.

florpor/Leaflet.ShowAll 4

A LeafletJS plugin to zoom back to see "all" the map, then zoom back in when done

florpor/linux 3

Linux kernel source tree

florpor/opentaba-poster 1

A social poster for the opentaba project

florpor/u-boot 1

"Das U-Boot" Source Tree

florpor/android_device_samsung_ancora 0

CyanogenMod for Samsung Galaxy W (GT-I8150)

florpor/android_vendor_samsung_ancora 0

Vendor files for Samsung Galaxy W (GT-I8150)

florpor/aws-airflow-stack 0

Turbine: the bare metals behind a complete Airflow setup

push eventmeirim-org/meirim

florpor

commit sha bcdee6ba2d30f7d9dfbb8d9392425e77a201fff0

crawler process test - fail if any errors are logged. mavat challenged file download test - add redirect to https before final mocked response

view details

push time in 5 days

startedcsweichel/werft

started time in 6 days

pull request commentmeirim-org/meirim

url in tree page + hack for crawler

? @GalGend did everything turn out ok?

gruppin

comment created time in 25 days

startedalixaxel/chrome-aws-lambda

started time in a month

delete branch meirim-org/meirim

delete branch : dependabot/npm_and_yarn/server/normalize-url-4.5.1

delete time in a month

push eventmeirim-org/meirim

dependabot[bot]

commit sha a95401b837c9534c79e6945215992fc5d394aa61

Bump normalize-url from 4.5.0 to 4.5.1 in /server Bumps [normalize-url](https://github.com/sindresorhus/normalize-url) from 4.5.0 to 4.5.1. - [Release notes](https://github.com/sindresorhus/normalize-url/releases) - [Commits](https://github.com/sindresorhus/normalize-url/commits) --- updated-dependencies: - dependency-name: normalize-url dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

view details

florpor

commit sha 2266708e2a93bcbf6c061af9add26f53a816c79a

Merge pull request #387 from meirim-org/dependabot/npm_and_yarn/server/normalize-url-4.5.1 Bump normalize-url from 4.5.0 to 4.5.1 in /server

view details

push time in a month

PR merged meirim-org/meirim

Bump normalize-url from 4.5.0 to 4.5.1 in /server dependencies

Bumps normalize-url from 4.5.0 to 4.5.1. <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/sindresorhus/normalize-url/commits">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+3 -3

1 comment

1 changed file

dependabot[bot]

pr closed time in a month

push eventmeirim-org/meirim

florpor

commit sha ecc56e7c0eb16e6eac9d08a513acad8d8e67320f

revert alert unsubscribe active session constraint

view details

push time in a month

delete branch meirim-org/meirim

delete branch : dependabot/npm_and_yarn/server/glob-parent-5.1.2

delete time in 2 months

push eventmeirim-org/meirim

dependabot[bot]

commit sha 630d79a04c602adef8a2acf7accac2c4a68743be

Bump glob-parent from 5.1.1 to 5.1.2 in /server Bumps [glob-parent](https://github.com/gulpjs/glob-parent) from 5.1.1 to 5.1.2. - [Release notes](https://github.com/gulpjs/glob-parent/releases) - [Changelog](https://github.com/gulpjs/glob-parent/blob/main/CHANGELOG.md) - [Commits](https://github.com/gulpjs/glob-parent/compare/v5.1.1...v5.1.2) --- updated-dependencies: - dependency-name: glob-parent dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

view details

florpor

commit sha 96b1e8a937dead8a2f236b6588bdff515d7e3857

Merge pull request #384 from meirim-org/dependabot/npm_and_yarn/server/glob-parent-5.1.2 Bump glob-parent from 5.1.1 to 5.1.2 in /server

view details

push time in 2 months

PR merged meirim-org/meirim

Bump glob-parent from 5.1.1 to 5.1.2 in /server dependencies

Bumps glob-parent from 5.1.1 to 5.1.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/gulpjs/glob-parent/releases">glob-parent's releases</a>.</em></p> <blockquote> <h2>v5.1.2</h2> <h3>Bug Fixes</h3> <ul> <li>eliminate ReDoS (<a href="https://github-redirect.dependabot.com/gulpjs/glob-parent/issues/36">#36</a>) (<a href="https://github.com/gulpjs/glob-parent/commit/f9231168b0041fea3f8f954b3cceb56269fc6366">f923116</a>)</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/gulpjs/glob-parent/blob/main/CHANGELOG.md">glob-parent's changelog</a>.</em></p> <blockquote> <h3><a href="https://github.com/gulpjs/glob-parent/compare/v5.1.1...v5.1.2">5.1.2</a> (2021-03-06)</h3> <h3>Bug Fixes</h3> <ul> <li>eliminate ReDoS (<a href="https://github-redirect.dependabot.com/gulpjs/glob-parent/issues/36">#36</a>) (<a href="https://github.com/gulpjs/glob-parent/commit/f9231168b0041fea3f8f954b3cceb56269fc6366">f923116</a>)</li> </ul> <h2><a href="https://www.github.com/gulpjs/glob-parent/compare/v5.1.2...v6.0.0">6.0.0</a> (2021-05-03)</h2> <h3>⚠ BREAKING CHANGES</h3> <ul> <li>Correct mishandled escaped path separators (<a href="https://github-redirect.dependabot.com/gulpjs/glob-parent/issues/34">#34</a>)</li> <li>upgrade scaffold, dropping node <10 support</li> </ul> <h3>Bug Fixes</h3> <ul> <li>Correct mishandled escaped path separators (<a href="https://github-redirect.dependabot.com/gulpjs/glob-parent/issues/34">#34</a>) (<a href="https://www.github.com/gulpjs/glob-parent/commit/32f6d52663b7addac38d0dff570d8127edf03f47">32f6d52</a>), closes <a href="https://github-redirect.dependabot.com/gulpjs/glob-parent/issues/32">#32</a></li> </ul> <h3>Miscellaneous Chores</h3> <ul> <li>upgrade scaffold, dropping node <10 support (<a href="https://www.github.com/gulpjs/glob-parent/commit/e83d0c5a411947cf69eb58f36349db80439c606f">e83d0c5</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/gulpjs/glob-parent/commit/eb2c439de448c779b450472e591a2bc9e37e9668"><code>eb2c439</code></a> chore: update changelog</li> <li><a href="https://github.com/gulpjs/glob-parent/commit/12bcb6c45c942e2d05fc1e6ff5402e72555b54b6"><code>12bcb6c</code></a> chore: release 5.1.2</li> <li><a href="https://github.com/gulpjs/glob-parent/commit/f9231168b0041fea3f8f954b3cceb56269fc6366"><code>f923116</code></a> fix: eliminate ReDoS (<a href="https://github-redirect.dependabot.com/gulpjs/glob-parent/issues/36">#36</a>)</li> <li><a href="https://github.com/gulpjs/glob-parent/commit/0b014a7962789b2d8f2cf0b6311f40667aecd62c"><code>0b014a7</code></a> chore: add JSDoc returns information (<a href="https://github-redirect.dependabot.com/gulpjs/glob-parent/issues/33">#33</a>)</li> <li><a href="https://github.com/gulpjs/glob-parent/commit/2b24ebd64b2a045aa167c825376335555da139fd"><code>2b24ebd</code></a> chore: generate initial changelog</li> <li>See full diff in <a href="https://github.com/gulpjs/glob-parent/compare/v5.1.1...v5.1.2">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+3 -3

1 comment

1 changed file

dependabot[bot]

pr closed time in 2 months

delete branch meirim-org/meirim

delete branch : dependabot/npm_and_yarn/server/ws-7.4.6

delete time in 2 months

push eventmeirim-org/meirim

dependabot[bot]

commit sha 781400dc597b0a60627b19f775b19e4878243ad9

Bump ws from 7.3.1 to 7.4.6 in /server Bumps [ws](https://github.com/websockets/ws) from 7.3.1 to 7.4.6. - [Release notes](https://github.com/websockets/ws/releases) - [Commits](https://github.com/websockets/ws/compare/7.3.1...7.4.6) Signed-off-by: dependabot[bot] <support@github.com>

view details

florpor

commit sha fff5325de373e4cc845ecb580e4772d8325f3834

Merge pull request #379 from meirim-org/dependabot/npm_and_yarn/server/ws-7.4.6 Bump ws from 7.3.1 to 7.4.6 in /server

view details

push time in 2 months

PR merged meirim-org/meirim

Bump ws from 7.3.1 to 7.4.6 in /server dependencies

Bumps ws from 7.3.1 to 7.4.6. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/websockets/ws/releases">ws's releases</a>.</em></p> <blockquote> <h2>7.4.6</h2> <h1>Bug fixes</h1> <ul> <li>Fixed a ReDoS vulnerability (00c425ec).</li> </ul> <p>A specially crafted value of the <code>Sec-Websocket-Protocol</code> header could be used to significantly slow down a ws server.</p> <pre lang="js"><code>for (const length of [1000, 2000, 4000, 8000, 16000, 32000]) { const value = 'b' + ' '.repeat(length) + 'x'; const start = process.hrtime.bigint(); <p>value.trim().split(/ *, */);</p> <p>const end = process.hrtime.bigint();</p> <p>console.log('length = %d, time = %f ns', length, end - start); } </code></pre></p> <p>The vulnerability was responsibly disclosed along with a fix in private by <a href="https://github.com/robmcl4">Robert McLaughlin</a> from University of California, Santa Barbara.</p> <p>In vulnerable versions of ws, the issue can be mitigated by reducing the maximum allowed length of the request headers using the <a href="https://nodejs.org/api/cli.html#cli_max_http_header_size_size"><code>--max-http-header-size=size</code></a> and/or the <a href="https://nodejs.org/api/http.html#http_http_createserver_options_requestlistener"><code>maxHeaderSize</code></a> options.</p> <h2>7.4.5</h2> <h1>Bug fixes</h1> <ul> <li>UTF-8 validation is now done even if <code>utf-8-validate</code> is not installed (23ba6b29).</li> <li>Fixed an edge case where <code>websocket.close()</code> and <code>websocket.terminate()</code> did not close the connection (67e25ff5).</li> </ul> <h2>7.4.4</h2> <h1>Bug fixes</h1> <ul> <li>Fixed a bug that could cause the process to crash when using the permessage-deflate extension (92774377).</li> </ul> <h2>7.4.3</h2> <h1>Bug fixes</h1> <ul> <li>The deflate/inflate stream is now reset instead of reinitialized when context takeover is disabled (<a href="https://github-redirect.dependabot.com/websockets/ws/issues/1840">#1840</a>).</li> </ul> <h2>7.4.2</h2> <h1>Bug fixes</h1> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/websockets/ws/commit/f5297f7090f6a628832a730187c5b3a06a247f00"><code>f5297f7</code></a> [dist] 7.4.6</li> <li><a href="https://github.com/websockets/ws/commit/00c425ec77993773d823f018f64a5c44e17023ff"><code>00c425e</code></a> [security] Fix ReDoS vulnerability</li> <li><a href="https://github.com/websockets/ws/commit/990306d1446faf346c76452409a4c11455690514"><code>990306d</code></a> [lint] Fix prettier error</li> <li><a href="https://github.com/websockets/ws/commit/32e3a8439b7c8273b44fe1adb5682f529e34d0ba"><code>32e3a84</code></a> [security] Remove reference to Node Security Project</li> <li><a href="https://github.com/websockets/ws/commit/8c914d18b86a7d1408884d18eeadae0fa41b0bb5"><code>8c914d1</code></a> [minor] Fix nits</li> <li><a href="https://github.com/websockets/ws/commit/fc7e27d12ad0af90ce05302afc85c292024000b4"><code>fc7e27d</code></a> [ci] Test on node 16</li> <li><a href="https://github.com/websockets/ws/commit/587c201bfc22c460658ca304d23477fc7ebd2a60"><code>587c201</code></a> [ci] Do not test on node 15</li> <li><a href="https://github.com/websockets/ws/commit/f67271079755e79a1ac2b40f3f4efb94ca024539"><code>f672710</code></a> [dist] 7.4.5</li> <li><a href="https://github.com/websockets/ws/commit/67e25ff50230d131d76b1061ca0be5c991df161f"><code>67e25ff</code></a> [fix] Fix case where <code>abortHandshake()</code> does not close the connection</li> <li><a href="https://github.com/websockets/ws/commit/23ba6b2922f521f2b656891a997ab562b7139dd4"><code>23ba6b2</code></a> [fix] Make UTF-8 validation work even if utf-8-validate is not installed</li> <li>Additional commits viewable in <a href="https://github.com/websockets/ws/compare/7.3.1...7.4.6">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+3 -3

1 comment

1 changed file

dependabot[bot]

pr closed time in 2 months

delete branch meirim-org/meirim

delete branch : dependabot/npm_and_yarn/client/dns-packet-1.3.4

delete time in 2 months

push eventmeirim-org/meirim

dependabot[bot]

commit sha 4b6a7532d95e02221d6511c9519cc503b9edcfa9

Bump dns-packet from 1.3.1 to 1.3.4 in /client Bumps [dns-packet](https://github.com/mafintosh/dns-packet) from 1.3.1 to 1.3.4. - [Release notes](https://github.com/mafintosh/dns-packet/releases) - [Changelog](https://github.com/mafintosh/dns-packet/blob/master/CHANGELOG.md) - [Commits](https://github.com/mafintosh/dns-packet/compare/v1.3.1...v1.3.4) Signed-off-by: dependabot[bot] <support@github.com>

view details

florpor

commit sha e37f84dcafd79bca08358f6197cdbd91af897db0

Merge pull request #378 from meirim-org/dependabot/npm_and_yarn/client/dns-packet-1.3.4 Bump dns-packet from 1.3.1 to 1.3.4 in /client

view details

push time in 2 months

PR merged meirim-org/meirim

Bump dns-packet from 1.3.1 to 1.3.4 in /client dependencies

Bumps dns-packet from 1.3.1 to 1.3.4. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/mafintosh/dns-packet/commit/ebdf849da5dc0d96836e87628349776c623c5be7"><code>ebdf849</code></a> 1.3.4</li> <li><a href="https://github.com/mafintosh/dns-packet/commit/ac578722f2707310b841b65aae61d6332f8882a1"><code>ac57872</code></a> move all allocUnsafes to allocs for easier maintenance</li> <li><a href="https://github.com/mafintosh/dns-packet/commit/c64c9507e51532c9e9a3cbefa146a134ecc025fd"><code>c64c950</code></a> 1.3.3</li> <li><a href="https://github.com/mafintosh/dns-packet/commit/0598ba19d18da4568b32415e60a9629061b3c45c"><code>0598ba1</code></a> fix .. in encodingLength</li> <li><a href="https://github.com/mafintosh/dns-packet/commit/010aedb33c1ee8c3f558db5249c1d46e2bd7a101"><code>010aedb</code></a> 1.3.2</li> <li><a href="https://github.com/mafintosh/dns-packet/commit/0d0d593f8df4e2712c43957a6c62e95047f12b2d"><code>0d0d593</code></a> backport encodingLength fix to v1</li> <li>See full diff in <a href="https://github.com/mafintosh/dns-packet/compare/v1.3.1...v1.3.4">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+3 -3

1 comment

1 changed file

dependabot[bot]

pr closed time in 2 months

delete branch meirim-org/meirim

delete branch : dependabot/npm_and_yarn/server/nodemailer-6.4.16

delete time in 2 months

push eventmeirim-org/meirim

dependabot[bot]

commit sha 58907f31df09f59b7782889ac111d768e7f6c7b4

Bump nodemailer from 6.4.14 to 6.4.16 in /server Bumps [nodemailer](https://github.com/nodemailer/nodemailer) from 6.4.14 to 6.4.16. - [Release notes](https://github.com/nodemailer/nodemailer/releases) - [Changelog](https://github.com/nodemailer/nodemailer/blob/master/CHANGELOG.md) - [Commits](https://github.com/nodemailer/nodemailer/compare/v6.4.14...v6.4.16) Signed-off-by: dependabot[bot] <support@github.com>

view details

florpor

commit sha 7d93570a8a268a2b0d76b93dbab4186e5cc52b24

Merge pull request #366 from meirim-org/dependabot/npm_and_yarn/server/nodemailer-6.4.16 Bump nodemailer from 6.4.14 to 6.4.16 in /server

view details

push time in 2 months

PR merged meirim-org/meirim

Bump nodemailer from 6.4.14 to 6.4.16 in /server dependencies

Bumps nodemailer from 6.4.14 to 6.4.16. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/nodemailer/nodemailer/blob/master/CHANGELOG.md">nodemailer's changelog</a>.</em></p> <blockquote> <h2>6.4.16 2020-11-12</h2> <ul> <li>Applied updated prettier formating rules</li> </ul> <h2>6.4.15 2020-11-06</h2> <ul> <li>Minor changes in header key casing</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/nodemailer/nodemailer/commit/ba31c64c910d884579875c52d57ac45acc47aa54"><code>ba31c64</code></a> v6.4.16</li> <li><a href="https://github.com/nodemailer/nodemailer/commit/7e7b2b23ed9a56ce60245bf1c7a444e5981a259b"><code>7e7b2b2</code></a> v6.4.15</li> <li><a href="https://github.com/nodemailer/nodemailer/commit/fca2041bdf33e4a6cb61929abb2503fa4e630219"><code>fca2041</code></a> Update CHANGELOG.md</li> <li><a href="https://github.com/nodemailer/nodemailer/commit/b4ccfa347a805d17c1d0fc5e719c2fb6cdc435e8"><code>b4ccfa3</code></a> Oups</li> <li><a href="https://github.com/nodemailer/nodemailer/commit/24b93bf75f946b138fcad663effababd4a328972"><code>24b93bf</code></a> Add ethereal.email to well-known/services.json</li> <li><a href="https://github.com/nodemailer/nodemailer/commit/0f132fa0e5b65b105bfebc9a123515bd0217a15a"><code>0f132fa</code></a> doc: make the code a little more accessible with some code comments.</li> <li>See full diff in <a href="https://github.com/nodemailer/nodemailer/compare/v6.4.14...v6.4.16">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+4 -4

1 comment

2 changed files

dependabot[bot]

pr closed time in 2 months

delete branch meirim-org/meirim

delete branch : dependabot/npm_and_yarn/server/lodash-4.17.21

delete time in 2 months

push eventmeirim-org/meirim

dependabot[bot]

commit sha 4b1bb63ca86ef43786d687a0fdcee5d415a24fb6

Bump lodash from 4.17.20 to 4.17.21 in /server Bumps [lodash](https://github.com/lodash/lodash) from 4.17.20 to 4.17.21. - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](https://github.com/lodash/lodash/compare/4.17.20...4.17.21) Signed-off-by: dependabot[bot] <support@github.com>

view details

florpor

commit sha 9bac088a243a24989fd083da5cf4a4b03ae756a5

Merge pull request #365 from meirim-org/dependabot/npm_and_yarn/server/lodash-4.17.21 Bump lodash from 4.17.20 to 4.17.21 in /server

view details

push time in 2 months

PR merged meirim-org/meirim

Bump lodash from 4.17.20 to 4.17.21 in /server dependencies

Bumps lodash from 4.17.20 to 4.17.21. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/lodash/lodash/commit/f299b52f39486275a9e6483b60a410e06520c538"><code>f299b52</code></a> Bump to v4.17.21</li> <li><a href="https://github.com/lodash/lodash/commit/c4847ebe7d14540bb28a8b932a9ce1b9ecbfee1a"><code>c4847eb</code></a> Improve performance of <code>toNumber</code>, <code>trim</code> and <code>trimEnd</code> on large input strings</li> <li><a href="https://github.com/lodash/lodash/commit/3469357cff396a26c363f8c1b5a91dde28ba4b1c"><code>3469357</code></a> Prevent command injection through <code>_.template</code>'s <code>variable</code> option</li> <li>See full diff in <a href="https://github.com/lodash/lodash/compare/4.17.20...4.17.21">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+4 -4

1 comment

2 changed files

dependabot[bot]

pr closed time in 2 months

delete branch meirim-org/meirim

delete branch : dependabot/npm_and_yarn/server/handlebars-4.7.7

delete time in 2 months

PR merged meirim-org/meirim

Bump handlebars from 4.7.6 to 4.7.7 in /server dependencies

⚠️ Dependabot is rebasing this PR ⚠️

Rebasing might not happen immediately, so don't worry if this takes some time.

Note: if you make any changes to this PR yourself, they will take precedence over the rebase.


Bumps handlebars from 4.7.6 to 4.7.7. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/handlebars-lang/handlebars.js/blob/master/release-notes.md">handlebars's changelog</a>.</em></p> <blockquote> <h2>v4.7.7 - February 15th, 2021</h2> <ul> <li>fix weird error in integration tests - eb860c0</li> <li>fix: check prototype property access in strict-mode (<a href="https://github-redirect.dependabot.com/wycats/handlebars.js/issues/1736">#1736</a>) - b6d3de7</li> <li>fix: escape property names in compat mode (<a href="https://github-redirect.dependabot.com/wycats/handlebars.js/issues/1736">#1736</a>) - f058970</li> <li>refactor: In spec tests, use expectTemplate over equals and shouldThrow (<a href="https://github-redirect.dependabot.com/wycats/handlebars.js/issues/1683">#1683</a>) - 77825f8</li> <li>chore: start testing on Node.js 12 and 13 - 3789a30</li> </ul> <p>(POSSIBLY) BREAKING CHANGES:</p> <ul> <li>the changes from version <a href="https://github.com/handlebars-lang/handlebars.js/blob/master/release-notes.md#v460---january-8th-2020">4.6.0</a> now also apply in when using the compile-option "strict: true". Access to prototype properties is forbidden completely by default, specific properties or methods can be allowed via runtime-options. See <a href="https://github-redirect.dependabot.com/wycats/handlebars.js/issues/1633">#1633</a> for details. If you are using Handlebars as documented, you should not be accessing prototype properties from your template anyway, so the changes should not be a problem for you. Only the use of undocumented features can break your build.</li> </ul> <p>That is why we only bump the patch version despite mentioning breaking changes.</p> <p><a href="https://github.com/wycats/handlebars.js/compare/v4.7.6...v4.7.7">Commits</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/handlebars-lang/handlebars.js/commit/a9a8e403213583ca90cb7c872d3a22796c37d961"><code>a9a8e40</code></a> v4.7.7</li> <li><a href="https://github.com/handlebars-lang/handlebars.js/commit/e66aed5b99c1b6c93564f37d627e34e5d60eb76e"><code>e66aed5</code></a> Update release notes</li> <li><a href="https://github.com/handlebars-lang/handlebars.js/commit/7d4d170ce46a53084a41920c5c7387c131357989"><code>7d4d170</code></a> disable IE in Saucelabs tests</li> <li><a href="https://github.com/handlebars-lang/handlebars.js/commit/eb860c08998f8f506360d305d89e1f4b40f72a0a"><code>eb860c0</code></a> fix weird error in integration tests</li> <li><a href="https://github.com/handlebars-lang/handlebars.js/commit/b6d3de7123eebba603e321f04afdbae608e8fea8"><code>b6d3de7</code></a> fix: check prototype property access in strict-mode (<a href="https://github-redirect.dependabot.com/wycats/handlebars.js/issues/1736">#1736</a>)</li> <li><a href="https://github.com/handlebars-lang/handlebars.js/commit/f0589701698268578199be25285b2ebea1c1e427"><code>f058970</code></a> fix: escape property names in compat mode (<a href="https://github-redirect.dependabot.com/wycats/handlebars.js/issues/1736">#1736</a>)</li> <li><a href="https://github.com/handlebars-lang/handlebars.js/commit/77825f8d3522356feb8e4160fac16344104d192b"><code>77825f8</code></a> refator: In spec tests, use expectTemplate over equals and shouldThrow (<a href="https://github-redirect.dependabot.com/wycats/handlebars.js/issues/1683">#1683</a>)</li> <li><a href="https://github.com/handlebars-lang/handlebars.js/commit/3789a309554fd600caeae442f40881cf93eb3b54"><code>3789a30</code></a> chore: start testing on Node.js 12 and 13</li> <li>See full diff in <a href="https://github.com/wycats/handlebars.js/compare/v4.7.6...v4.7.7">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+7 -7

1 comment

2 changed files

dependabot[bot]

pr closed time in 2 months

push eventmeirim-org/meirim

dependabot[bot]

commit sha 1b6d9d9cfa580cf3d6bd4893be8dcfd318725f98

Bump handlebars from 4.7.6 to 4.7.7 in /server Bumps [handlebars](https://github.com/wycats/handlebars.js) from 4.7.6 to 4.7.7. - [Release notes](https://github.com/wycats/handlebars.js/releases) - [Changelog](https://github.com/handlebars-lang/handlebars.js/blob/master/release-notes.md) - [Commits](https://github.com/wycats/handlebars.js/compare/v4.7.6...v4.7.7) Signed-off-by: dependabot[bot] <support@github.com>

view details

florpor

commit sha 42e69ce6ab40f1271da51854a5a38f144fed9772

Merge pull request #364 from meirim-org/dependabot/npm_and_yarn/server/handlebars-4.7.7 Bump handlebars from 4.7.6 to 4.7.7 in /server

view details

push time in 2 months

delete branch meirim-org/meirim

delete branch : dependabot/npm_and_yarn/client/hosted-git-info-2.8.9

delete time in 2 months

push eventmeirim-org/meirim

dependabot[bot]

commit sha 3c852ad1294e86e455287ea714fc88e910999af6

Bump hosted-git-info from 2.8.8 to 2.8.9 in /client Bumps [hosted-git-info](https://github.com/npm/hosted-git-info) from 2.8.8 to 2.8.9. - [Release notes](https://github.com/npm/hosted-git-info/releases) - [Changelog](https://github.com/npm/hosted-git-info/blob/v2.8.9/CHANGELOG.md) - [Commits](https://github.com/npm/hosted-git-info/compare/v2.8.8...v2.8.9) Signed-off-by: dependabot[bot] <support@github.com>

view details

florpor

commit sha b209fe282ce97464331bdf98331c516c36457352

Merge pull request #363 from meirim-org/dependabot/npm_and_yarn/client/hosted-git-info-2.8.9 Bump hosted-git-info from 2.8.8 to 2.8.9 in /client

view details

push time in 2 months

PR merged meirim-org/meirim

Bump hosted-git-info from 2.8.8 to 2.8.9 in /client dependencies

Bumps hosted-git-info from 2.8.8 to 2.8.9. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/npm/hosted-git-info/blob/v2.8.9/CHANGELOG.md">hosted-git-info's changelog</a>.</em></p> <blockquote> <h2><a href="https://github.com/npm/hosted-git-info/compare/v2.8.8...v2.8.9">2.8.9</a> (2021-04-07)</h2> <h3>Bug Fixes</h3> <ul> <li>backport regex fix from <a href="https://github-redirect.dependabot.com/npm/hosted-git-info/issues/76">#76</a> (<a href="https://github.com/npm/hosted-git-info/commit/29adfe5">29adfe5</a>), closes <a href="https://github-redirect.dependabot.com/npm/hosted-git-info/issues/84">#84</a></li> </ul> <p><!-- raw HTML omitted --><!-- raw HTML omitted --></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/npm/hosted-git-info/commit/8d4b3697d79bcd89cdb36d1db165e3696c783a01"><code>8d4b369</code></a> chore(release): 2.8.9</li> <li><a href="https://github.com/npm/hosted-git-info/commit/29adfe5ef789784c861b2cdeb15051ec2ba651a7"><code>29adfe5</code></a> fix: backport regex fix from <a href="https://github-redirect.dependabot.com/npm/hosted-git-info/issues/76">#76</a></li> <li>See full diff in <a href="https://github.com/npm/hosted-git-info/compare/v2.8.8...v2.8.9">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~nlf">nlf</a>, a new releaser for hosted-git-info since your current version.</p> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+3 -3

1 comment

1 changed file

dependabot[bot]

pr closed time in 2 months

delete branch meirim-org/meirim

delete branch : dependabot/npm_and_yarn/client/lodash-4.17.21

delete time in 2 months