profile
viewpoint
If you are wondering where the data of this site comes from, please visit https://api.github.com/users/geraldbcastillo/events. GitMemory does not store any data, but only uses NGINX to cache data for a period of time. The idea behind GitMemory is simply to give users a better reading experience.

geraldbcastillo/babywearing 0

A project from Ruby for Good

geraldbcastillo/coral 0

An upcoming project for Ruby for Good

geraldbcastillo/diaper 0

Diaperbase is an inventory system for diaper banks, to aid them in tracking their inventory and providing statistics about their inventory flows.

geraldbcastillo/ordered-arrowverse 0

A listing of all shows in the Arrowverse in watch order to ensure continuity and sensible ordering for crossover episodes

geraldbcastillo/voices-of-consent 0

Open source tracking and inventory management application for nonprofit, Voices of Consent (Ruby for Good 2019)

delete branch geraldbcastillo/dog-parks

delete branch : dependabot/npm_and_yarn/tar-4.4.19

delete time in 18 days

PR merged geraldbcastillo/dog-parks

Bump tar from 4.4.15 to 4.4.19 dependencies

Bumps tar from 4.4.15 to 4.4.19. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/npm/node-tar/commit/9a6faa017ca90538840f3ae2ccdb4550ac3f4dcf"><code>9a6faa0</code></a> 4.4.19</li> <li><a href="https://github.com/npm/node-tar/commit/70ef812593184cc54ea1bc74c5dae2d22995002d"><code>70ef812</code></a> drop dirCache for symlink on all platforms</li> <li><a href="https://github.com/npm/node-tar/commit/3e35515c09da615ac268254bed85fe43ee71e2f0"><code>3e35515</code></a> 4.4.18</li> <li><a href="https://github.com/npm/node-tar/commit/52b09e309bcae0c741a7eb79a17ef36e7828b946"><code>52b09e3</code></a> fix: prevent path escape using drive-relative paths</li> <li><a href="https://github.com/npm/node-tar/commit/bb93ba243746f705092905da1955ac3b0509ba1e"><code>bb93ba2</code></a> fix: reserve paths properly for unicode, windows</li> <li><a href="https://github.com/npm/node-tar/commit/2f1bca027286c23e110b8dfc7efc10756fa3db5a"><code>2f1bca0</code></a> fix: prune dirCache properly for unicode, windows</li> <li><a href="https://github.com/npm/node-tar/commit/9bf70a8cf725c3af5fe2270f1e5d2e06d1559b93"><code>9bf70a8</code></a> 4.4.17</li> <li><a href="https://github.com/npm/node-tar/commit/6aafff0a8621ba9509b63654bde28762be373d58"><code>6aafff0</code></a> fix: skip extract if linkpath is stripped entirely</li> <li><a href="https://github.com/npm/node-tar/commit/5c5059a69c2aaaedfe4e9766e102ae9fb79e8255"><code>5c5059a</code></a> fix: reserve paths case-insensitively</li> <li><a href="https://github.com/npm/node-tar/commit/fd6accba697070560f301604b8f5f7e2995a2a8b"><code>fd6accb</code></a> 4.4.16</li> <li>Additional commits viewable in <a href="https://github.com/npm/node-tar/compare/v4.4.15...v4.4.19">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+17 -17

0 comment

1 changed file

dependabot[bot]

pr closed time in 18 days

push eventgeraldbcastillo/dog-parks

dependabot[bot]

commit sha 90d7bf949622c54dc5b59999721ca8ca39e52117

Bump tar from 4.4.15 to 4.4.19 (#53) Bumps [tar](https://github.com/npm/node-tar) from 4.4.15 to 4.4.19. - [Release notes](https://github.com/npm/node-tar/releases) - [Changelog](https://github.com/npm/node-tar/blob/main/CHANGELOG.md) - [Commits](https://github.com/npm/node-tar/compare/v4.4.15...v4.4.19) --- updated-dependencies: - dependency-name: tar dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

push time in 18 days

delete branch geraldbcastillo/dog-parks

delete branch : dependabot/npm_and_yarn/url-parse-1.5.3

delete time in 18 days

push eventgeraldbcastillo/dog-parks

dependabot[bot]

commit sha 5f38e94ca9095870b5b93aa283c3ef020f7a45b6

Bump url-parse from 1.5.1 to 1.5.3 (#52) Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.5.1 to 1.5.3. - [Release notes](https://github.com/unshiftio/url-parse/releases) - [Commits](https://github.com/unshiftio/url-parse/compare/1.5.1...1.5.3) --- updated-dependencies: - dependency-name: url-parse dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

push time in 18 days

delete branch geraldbcastillo/dog-parks

delete branch : dependabot/npm_and_yarn/path-parse-1.0.7

delete time in 18 days

push eventgeraldbcastillo/dog-parks

dependabot[bot]

commit sha 23c66572c2dc7c6c7aebbc689fc6749f2ef68f80

Bump path-parse from 1.0.6 to 1.0.7 (#51) Bumps [path-parse](https://github.com/jbgutierrez/path-parse) from 1.0.6 to 1.0.7. - [Release notes](https://github.com/jbgutierrez/path-parse/releases) - [Commits](https://github.com/jbgutierrez/path-parse/commits/v1.0.7) --- updated-dependencies: - dependency-name: path-parse dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

push time in 18 days

PR merged geraldbcastillo/dog-parks

Bump path-parse from 1.0.6 to 1.0.7 dependencies

Bumps path-parse from 1.0.6 to 1.0.7. <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/jbgutierrez/path-parse/commits/v1.0.7">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+3 -3

0 comment

1 changed file

dependabot[bot]

pr closed time in 18 days

push eventgeraldbcastillo/and-chill

Gerald Castillo

commit sha 5f01f033f8062246391b4b4b4769d490f50e20fe

Update Search.js

view details

push time in a month

push eventgeraldbcastillo/and-chill

Gerald Castillo

commit sha eed328853792c4d90111b947b20dae9f7c3f67c1

Update Search.js

view details

push time in a month

delete branch geraldbcastillo/dog-parks

delete branch : dependabot/npm_and_yarn/tar-4.4.15

delete time in a month

PR merged geraldbcastillo/dog-parks

Bump tar from 4.4.13 to 4.4.15 dependencies

Bumps tar from 4.4.13 to 4.4.15. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/npm/node-tar/commit/843c897e6844f70a34bb115df6c8a9b60112aaf5"><code>843c897</code></a> 4.4.15</li> <li><a href="https://github.com/npm/node-tar/commit/46fe35083e2676e31c4e0a81639dce6da7aaa356"><code>46fe350</code></a> Remove paths from dirCache when no longer dirs</li> <li><a href="https://github.com/npm/node-tar/commit/df3aa4d10253a886be82519acb901b446ca3feeb"><code>df3aa4d</code></a> 4.4.14</li> <li><a href="https://github.com/npm/node-tar/commit/6d2801396fbad917ab8332ec8e91ff3d15bc22c6"><code>6d28013</code></a> add publishConfig tag</li> <li><a href="https://github.com/npm/node-tar/commit/efc6bb0dbd54df8c7285d7aac12bba959b8387a6"><code>efc6bb0</code></a> fix: strip absolute paths more comprehensively</li> <li>See full diff in <a href="https://github.com/npm/node-tar/compare/v4.4.13...v4.4.15">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+14 -7

0 comment

1 changed file

dependabot[bot]

pr closed time in a month

push eventgeraldbcastillo/dog-parks

dependabot[bot]

commit sha e41e0d97a34eca980a9e3b847d9511de7db5a9ec

Bump tar from 4.4.13 to 4.4.15 (#50) Bumps [tar](https://github.com/npm/node-tar) from 4.4.13 to 4.4.15. - [Release notes](https://github.com/npm/node-tar/releases) - [Changelog](https://github.com/npm/node-tar/blob/main/CHANGELOG.md) - [Commits](https://github.com/npm/node-tar/compare/v4.4.13...v4.4.15) --- updated-dependencies: - dependency-name: tar dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

push time in a month

delete branch geraldbcastillo/dog-parks

delete branch : dependabot/npm_and_yarn/color-string-1.5.5

delete time in 3 months

push eventgeraldbcastillo/dog-parks

dependabot[bot]

commit sha 04a519dde56bf8798a5475db8e556feb05aae52a

Bump color-string from 1.5.3 to 1.5.5 (#49) Bumps [color-string](https://github.com/Qix-/color-string) from 1.5.3 to 1.5.5. - [Release notes](https://github.com/Qix-/color-string/releases) - [Changelog](https://github.com/Qix-/color-string/blob/master/CHANGELOG.md) - [Commits](https://github.com/Qix-/color-string/commits/1.5.5) --- updated-dependencies: - dependency-name: color-string dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

push time in 3 months

PR merged geraldbcastillo/dog-parks

Bump color-string from 1.5.3 to 1.5.5 dependencies

Bumps color-string from 1.5.3 to 1.5.5. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/Qix-/color-string/releases">color-string's releases</a>.</em></p> <blockquote> <h2>1.5.5 (Patch/Security Release) - hwb() ReDos patch (low-severity)</h2> <blockquote> <p>Release notes copied verbatim from the commit message, which can be found here: 0789e21284c33d89ebc4ab4ca6f759b9375ac9d3</p> </blockquote> <pre><code>Discovered by Yeting Li, c/o Colin Ife via Snyk.io. <p>A ReDos (Regular Expression Denial of Service) vulnerability was responsibly disclosed to me via email by Colin on Mar 5 2021 regarding an exponential time complexity for linearly increasing input lengths for <code>hwb()</code> color strings.</p> <p>Strings reaching more than 5000 characters would see several milliseconds of processing time; strings reaching more than 50,000 characters began seeing 1500ms (1.5s) of processing time.</p> <p>The cause was due to a the regular expression that parses hwb() strings - specifically, the hue value - where the integer portion of the hue value used a 0-or-more quantifier shortly thereafter followed by a 1-or-more quantifier.</p> <p>This caused excessive backtracking and a cartesian scan, resulting in exponential time complexity given a linear increase in input length.</p> <p>Thank you Yeting Li and Colin Ife for bringing this to my attention in a secure, responsible and professional manner.</p> <p>A CVE will not be assigned for this vulnerability. </code></pre></p> <h2>1.5.4 (Patch Release)</h2> <ul> <li>Removes rounding of alpha values in RGBA hex (<code>#rrggbbaa</code>) and condensed-hex (<code>#rgba</code>) parsers, which caused certain unique inputs to result in identical outputs (see <a href="https://github.com/qix-/color/issues/174">https://github.com/qix-/color/issues/174</a>).</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/Qix-/color-string/commits/1.5.5">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+3 -3

0 comment

1 changed file

dependabot[bot]

pr closed time in 3 months

delete branch geraldbcastillo/dog-parks

delete branch : dependabot/npm_and_yarn/ws-5.2.3

delete time in 3 months

PR merged geraldbcastillo/dog-parks

Bump ws from 5.2.2 to 5.2.3 dependencies

Bumps ws from 5.2.2 to 5.2.3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/websockets/ws/releases">ws's releases</a>.</em></p> <blockquote> <h2>5.2.3</h2> <h1>Bug fixes</h1> <ul> <li>Backported 00c425ec to the 5.x release line (76d47c14).</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/websockets/ws/commit/6dd88e7e968ef2416445d8f8620c17d99b15c77c"><code>6dd88e7</code></a> [dist] 5.2.3</li> <li><a href="https://github.com/websockets/ws/commit/76d47c1479002022a3e4357b3c9f0e23a68d4cd2"><code>76d47c1</code></a> [security] Fix ReDoS vulnerability</li> <li>See full diff in <a href="https://github.com/websockets/ws/compare/5.2.2...5.2.3">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+3 -3

0 comment

1 changed file

dependabot[bot]

pr closed time in 3 months

push eventgeraldbcastillo/dog-parks

dependabot[bot]

commit sha de57cb80effe895f171c3b6ae43a5ecfb84cb3cd

Bump ws from 5.2.2 to 5.2.3 (#48) Bumps [ws](https://github.com/websockets/ws) from 5.2.2 to 5.2.3. - [Release notes](https://github.com/websockets/ws/releases) - [Commits](https://github.com/websockets/ws/compare/5.2.2...5.2.3) --- updated-dependencies: - dependency-name: ws dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

push time in 3 months

delete branch geraldbcastillo/dog-parks

delete branch : dependabot/npm_and_yarn/dns-packet-1.3.4

delete time in 3 months

push eventgeraldbcastillo/dog-parks

dependabot[bot]

commit sha 3ef26b770c3d26bcefa71712652f65e1bfe0c0ae

Bump dns-packet from 1.3.1 to 1.3.4 (#45) Bumps [dns-packet](https://github.com/mafintosh/dns-packet) from 1.3.1 to 1.3.4. - [Release notes](https://github.com/mafintosh/dns-packet/releases) - [Changelog](https://github.com/mafintosh/dns-packet/blob/master/CHANGELOG.md) - [Commits](https://github.com/mafintosh/dns-packet/compare/v1.3.1...v1.3.4) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

push time in 3 months

PR merged geraldbcastillo/dog-parks

Bump dns-packet from 1.3.1 to 1.3.4 dependencies

Bumps dns-packet from 1.3.1 to 1.3.4. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/mafintosh/dns-packet/commit/ebdf849da5dc0d96836e87628349776c623c5be7"><code>ebdf849</code></a> 1.3.4</li> <li><a href="https://github.com/mafintosh/dns-packet/commit/ac578722f2707310b841b65aae61d6332f8882a1"><code>ac57872</code></a> move all allocUnsafes to allocs for easier maintenance</li> <li><a href="https://github.com/mafintosh/dns-packet/commit/c64c9507e51532c9e9a3cbefa146a134ecc025fd"><code>c64c950</code></a> 1.3.3</li> <li><a href="https://github.com/mafintosh/dns-packet/commit/0598ba19d18da4568b32415e60a9629061b3c45c"><code>0598ba1</code></a> fix .. in encodingLength</li> <li><a href="https://github.com/mafintosh/dns-packet/commit/010aedb33c1ee8c3f558db5249c1d46e2bd7a101"><code>010aedb</code></a> 1.3.2</li> <li><a href="https://github.com/mafintosh/dns-packet/commit/0d0d593f8df4e2712c43957a6c62e95047f12b2d"><code>0d0d593</code></a> backport encodingLength fix to v1</li> <li>See full diff in <a href="https://github.com/mafintosh/dns-packet/compare/v1.3.1...v1.3.4">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+6 -6

0 comment

1 changed file

dependabot[bot]

pr closed time in 3 months

delete branch geraldbcastillo/dog-parks

delete branch : dependabot/npm_and_yarn/merge-deep-3.0.3

delete time in 3 months

PR merged geraldbcastillo/dog-parks

Bump merge-deep from 3.0.2 to 3.0.3 dependencies

Bumps merge-deep from 3.0.2 to 3.0.3. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/jonschlinkert/merge-deep/commit/628ff47c9d824ccf21adf9a2b7cc6b74632e11a1"><code>628ff47</code></a> 3.0.3</li> <li><a href="https://github.com/jonschlinkert/merge-deep/commit/cfbe20ccdb00255b711de57e37ed8ce9f109ef3f"><code>cfbe20c</code></a> run verb to generate README documentation</li> <li><a href="https://github.com/jonschlinkert/merge-deep/commit/e370968581413a2e5ffdbbf7c2f5094e0e0b3861"><code>e370968</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/jonschlinkert/merge-deep/issues/17">#17</a> from jonschlinkert/key-properties</li> <li><a href="https://github.com/jonschlinkert/merge-deep/commit/393e2cbaeacf54e77a307c3620a00f0ac057b8d5"><code>393e2cb</code></a> adding a test to ensure using merge-deep for inheritance still works</li> <li><a href="https://github.com/jonschlinkert/merge-deep/commit/c39b16134a6a9704be2e661b49b92e8561f10d90"><code>c39b161</code></a> add test to ensure constructor is not cloned</li> <li><a href="https://github.com/jonschlinkert/merge-deep/commit/11e5dd56de8a6aed0b1ed022089dbce6968d82a5"><code>11e5dd5</code></a> add isValidKey function to ensure only valid keys are merged</li> <li>See full diff in <a href="https://github.com/jonschlinkert/merge-deep/compare/3.0.2...3.0.3">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+3 -3

0 comment

1 changed file

dependabot[bot]

pr closed time in 3 months

push eventgeraldbcastillo/dog-parks

dependabot[bot]

commit sha dd4cec54e2c2cbf94c301bac64136dc2c0a08ad8

Bump merge-deep from 3.0.2 to 3.0.3 (#46) Bumps [merge-deep](https://github.com/jonschlinkert/merge-deep) from 3.0.2 to 3.0.3. - [Release notes](https://github.com/jonschlinkert/merge-deep/releases) - [Commits](https://github.com/jonschlinkert/merge-deep/compare/3.0.2...3.0.3) --- updated-dependencies: - dependency-name: merge-deep dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

push time in 3 months

delete branch geraldbcastillo/dog-parks

delete branch : dependabot/npm_and_yarn/postcss-7.0.36

delete time in 3 months

push eventgeraldbcastillo/dog-parks

dependabot[bot]

commit sha 3cfadc2e71c5a96f94b2b644c7996b22d698a556

Bump postcss from 7.0.23 to 7.0.36 (#47) Bumps [postcss](https://github.com/postcss/postcss) from 7.0.23 to 7.0.36. - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](https://github.com/postcss/postcss/compare/7.0.23...7.0.36) --- updated-dependencies: - dependency-name: postcss dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

push time in 3 months

PR merged geraldbcastillo/dog-parks

Bump postcss from 7.0.23 to 7.0.36 dependencies

Bumps postcss from 7.0.23 to 7.0.36. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/postcss/postcss/releases">postcss's releases</a>.</em></p> <blockquote> <h2>7.0.36</h2> <ul> <li>Backport ReDoS vulnerabilities from PostCSS 8.</li> </ul> <h2>7.0.35</h2> <ul> <li>Add <a href="https://github.com/postcss/postcss/wiki/PostCSS-8-for-end-users">migration guide link</a> to PostCSS 8 error text.</li> </ul> <h2>7.0.34</h2> <ul> <li>Fix compatibility with <code>postcss-scss</code> 2.</li> </ul> <h2>7.0.33</h2> <ul> <li>Add error message for PostCSS 8 plugins.</li> </ul> <h2>7.0.32</h2> <ul> <li>Fix error message (by <a href="https://github.com/admosity"><code>@​admosity</code></a>).</li> </ul> <h2>7.0.31</h2> <ul> <li>Use only the latest source map annotation (by <a href="https://github.com/emzoumpo"><code>@​emzoumpo</code></a>).</li> </ul> <h2>7.0.30</h2> <ul> <li>Fix TypeScript definition (by <a href="https://github.com/nex3"><code>@​nex3</code></a>)</li> </ul> <h2>7.0.29</h2> <ul> <li>Update <code>Processor#version</code>.</li> </ul> <h2>7.0.28</h2> <ul> <li>Fix TypeScript definition (by <a href="https://github.com/nex3"><code>@​nex3</code></a>).</li> </ul> <h2>7.0.27</h2> <ul> <li>Fix TypeScript definition (by <a href="https://github.com/nex3"><code>@​nex3</code></a>).</li> </ul> <h2>7.0.26</h2> <ul> <li>Fix TypeScript definition (by <a href="https://github.com/nex3"><code>@​nex3</code></a>)</li> </ul> <h2>7.0.25</h2> <ul> <li>Fix absolute path support for Windows (by <a href="https://github.com/tomrav"><code>@​tomrav</code></a>)</li> </ul> <h2>7.0.24</h2> <ul> <li>Fix TypeScript definition (by <a href="https://github.com/keithamus"><code>@​keithamus</code></a>).</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/postcss/postcss/blob/main/CHANGELOG.md">postcss's changelog</a>.</em></p> <blockquote> <h2>7.0.36</h2> <ul> <li>Backport ReDoS vulnerabilities from PostCSS 8.</li> </ul> <h2>7.0.35</h2> <ul> <li>Add migration guide link to PostCSS 8 error text.</li> </ul> <h2>7.0.34</h2> <ul> <li>Fix compatibility with <code>postcss-scss</code> 2.</li> </ul> <h2>7.0.33</h2> <ul> <li>Add error message for PostCSS 8 plugins.</li> </ul> <h2>7.0.36</h2> <ul> <li>Backport ReDoS vulnerabilities from PostCSS 8.</li> </ul> <h2>7.0.35</h2> <ul> <li>Add migration guide link to PostCSS 8 error text.</li> </ul> <h2>7.0.34</h2> <ul> <li>Fix compatibility with <code>postcss-scss</code> 2.</li> </ul> <h2>7.0.33</h2> <ul> <li>Add error message for PostCSS 8 plugins.</li> </ul> <h2>7.0.32</h2> <ul> <li>Fix error message (by <a href="https://github.com/admosity"><code>@​admosity</code></a>).</li> </ul> <h2>7.0.31</h2> <ul> <li>Use only the latest source map annotation (by Emmanouil Zoumpoulakis).</li> </ul> <h2>7.0.30</h2> <ul> <li>Fix TypeScript definition (by Natalie Weizenbaum).</li> </ul> <h2>7.0.29</h2> <ul> <li>Update <code>Processor#version</code>.</li> </ul> <h2>7.0.28</h2> <ul> <li>Fix TypeScript definition (by Natalie Weizenbaum).</li> </ul> <h2>7.0.27</h2> <ul> <li>Fix TypeScript definition (by Natalie Weizenbaum).</li> </ul> <h2>7.0.26</h2> <ul> <li>Fix TypeScript definition (by Natalie Weizenbaum).</li> </ul> <h2>7.0.25</h2> <ul> <li>Fix absolute path support for Windows (by Tom Raviv).</li> </ul> <h2>7.0.24</h2> <ul> <li>Fix TypeScript definition (by Keith Cirkel).</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/postcss/postcss/commit/67e3d7b3402c5d3d036ab7c1e781f86910d6ca72"><code>67e3d7b</code></a> Release 7.0.36 version</li> <li><a href="https://github.com/postcss/postcss/commit/54cbf3c4847eb0fb1501b9d2337465439e849734"><code>54cbf3c</code></a> Backport ReDoS vulnerabilities from PostCSS 8</li> <li><a href="https://github.com/postcss/postcss/commit/12832f3d203474bd273bd06bd3b2407567bfe09e"><code>12832f3</code></a> Release 7.0.35 version</li> <li><a href="https://github.com/postcss/postcss/commit/4455ef6baf84ceea87cb662131f95d798063896c"><code>4455ef6</code></a> Use OpenCollective in funding</li> <li><a href="https://github.com/postcss/postcss/commit/e867c794b5d646839350dd4b76f3cc81423413e6"><code>e867c79</code></a> Add migration guide to PostCSS 8 error</li> <li><a href="https://github.com/postcss/postcss/commit/32a22a98bc4de9c7a2489041ceae24eedc62144f"><code>32a22a9</code></a> Release 7.0.34 version</li> <li><a href="https://github.com/postcss/postcss/commit/22939829688574b9acdbd29106ca2ec9470b2b17"><code>2293982</code></a> Lock build targets</li> <li><a href="https://github.com/postcss/postcss/commit/2c3a111a940b373a60fae196e63931b3b6e9d8ca"><code>2c3a111</code></a> Release 7.0.33 version</li> <li><a href="https://github.com/postcss/postcss/commit/4105f21b48d75847e822e89746633792c478922b"><code>4105f21</code></a> Use yaspeller instead of yaspeller-ci</li> <li><a href="https://github.com/postcss/postcss/commit/c8d02a0da503f9fa5d96a854a2c9244710c18c72"><code>c8d02a0</code></a> Revert yaspeller-ci removal</li> <li>Additional commits viewable in <a href="https://github.com/postcss/postcss/compare/7.0.23...7.0.36">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+3 -3

0 comment

1 changed file

dependabot[bot]

pr closed time in 3 months