profile
viewpoint
If you are wondering where the data of this site comes from, please visit https://api.github.com/users/kentac55/events. GitMemory does not store any data, but only uses NGINX to cache data for a period of time. The idea behind GitMemory is simply to give users a better reading experience.

kentac55/rca-sw-push-ts 2

react-create-app + serviceworker + push notification + typescript

kentac55/amqp.node 0

AMQP 0-9-1 library and client for Node.JS

kentac55/arduino-study 0

5年遅れのIoT自習

kentac55/calibpy 0

Library for Clean Archtecture written in python

kentac55/coc-python 0

Python extension for coc.nvim, fork of vscode-python

kentac55/crawler2 0

webスクレイピングツール with Scala

kentac55/ejan_core 0

でもそれ絵じゃん

startedCyberRex0/5000choyen-api

started time in 11 days

startedTaKO8Ki/gobang

started time in 12 days

startedpriyankavergadia/GCPSketchnote

started time in 17 days

startedymmt2005/grpc-tutorial

started time in 21 days

startedyoshikyoto/lgtmoon

started time in a month

startedfthomas/refined

started time in a month

startedr-darwish/topgrade

started time in a month

startedpr4th4m/coc-restclient

started time in 2 months

startedtype-challenges/type-challenges

started time in 2 months

delete branch kentac55/blog

delete branch : dependabot/npm_and_yarn/types/react-dom-17.0.8

delete time in 2 months

PR closed kentac55/blog

Bump @types/react-dom from 16.9.8 to 17.0.8 dependencies

⚠️ Dependabot Preview has been deactivated ⚠️

This pull request was created by Dependabot Preview, and you've upgraded to Dependabot. This means it won't respond to dependabot commands nor will it be automatically closed if a new version is found.

If you close this pull request, Dependabot will re-create it the next time it checks for updates and everything will work as expected.


Bumps @types/react-dom from 16.9.8 to 17.0.8. <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react-dom">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

</details>

+5 -5

1 comment

2 changed files

dependabot-preview[bot]

pr closed time in 2 months

delete branch kentac55/blog

delete branch : dependabot/npm_and_yarn/next/mdx-10.0.4

delete time in 2 months

push eventkentac55/blog

dependabot-preview[bot]

commit sha 0deff056591250a2aa76ebb90f185ecc63b11d49

Bump @next/mdx from 9.4.4 to 10.0.4 Bumps [@next/mdx](https://github.com/vercel/next.js/tree/HEAD/packages/next-mdx) from 9.4.4 to 10.0.4. - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/commits/v10.0.4/packages/next-mdx) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

view details

kentac55

commit sha 57b4d98782a0cd7eace6892e51eff417137f05cc

Merge pull request #187 from kentac55/dependabot/npm_and_yarn/next/mdx-10.0.4 Bump @next/mdx from 9.4.4 to 10.0.4

view details

push time in 2 months

PR merged kentac55/blog

Bump @next/mdx from 9.4.4 to 10.0.4 dependencies

⚠️ Dependabot Preview has been deactivated ⚠️

This pull request was created by Dependabot Preview, and you've upgraded to Dependabot. This means it won't respond to dependabot commands nor will it be automatically closed if a new version is found.

If you close this pull request, Dependabot will re-create it the next time it checks for updates and everything will work as expected.


Bumps @next/mdx from 9.4.4 to 10.0.4. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/vercel/next.js/commit/eeb2838511a89b0176d68891b578d04f81c0de9f"><code>eeb2838</code></a> v10.0.4</li> <li><a href="https://github.com/vercel/next.js/commit/625d854cd468d262a2e56ca484b34022af9576d5"><code>625d854</code></a> v10.0.4-canary.10</li> <li><a href="https://github.com/vercel/next.js/commit/2a6f481c71756da29fb054dcc0cee00d37581afe"><code>2a6f481</code></a> v10.0.4-canary.9</li> <li><a href="https://github.com/vercel/next.js/commit/121e88d89c41d965184e09cc1d4d32274262b9b8"><code>121e88d</code></a> v10.0.4-canary.8</li> <li><a href="https://github.com/vercel/next.js/commit/0970873bb76d1d98ecbd6d3b094521cd7343b4d4"><code>0970873</code></a> v10.0.4-canary.7</li> <li><a href="https://github.com/vercel/next.js/commit/a7812ef7ebe1a65b1570fb4187690d32b2a93156"><code>a7812ef</code></a> v10.0.4-canary.6</li> <li><a href="https://github.com/vercel/next.js/commit/1132a8dedf2d02ec67286f2d37ce2cdeb259b387"><code>1132a8d</code></a> v10.0.4-canary.5</li> <li><a href="https://github.com/vercel/next.js/commit/f4809b950b5df005dafecf92d81509f458668802"><code>f4809b9</code></a> v10.0.4-canary.4</li> <li><a href="https://github.com/vercel/next.js/commit/19fed3f83b88c587cbac943ea34fbfbbb76161ff"><code>19fed3f</code></a> v10.0.4-canary.3</li> <li><a href="https://github.com/vercel/next.js/commit/b403e9ec15668c98a802c42bd17cb3f3678535cd"><code>b403e9e</code></a> v10.0.4-canary.2</li> <li>Additional commits viewable in <a href="https://github.com/vercel/next.js/commits/v10.0.4/packages/next-mdx">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

</details>

+5 -5

1 comment

2 changed files

dependabot-preview[bot]

pr closed time in 2 months

push eventkentac55/blog

dependabot-preview[bot]

commit sha c058467bddc7bada0011065320deef4983b727ff

Bump @mapbox/rehype-prism from 0.4.0 to 0.6.0 Bumps [@mapbox/rehype-prism](https://github.com/mapbox/rehype-prism) from 0.4.0 to 0.6.0. - [Release notes](https://github.com/mapbox/rehype-prism/releases) - [Changelog](https://github.com/mapbox/rehype-prism/blob/main/CHANGELOG.md) - [Commits](https://github.com/mapbox/rehype-prism/compare/v0.4.0...v0.6.0) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

view details

kentac55

commit sha 5390b2d2761ab33a02e163371069340782082975

Merge branch 'master' into dependabot/npm_and_yarn/mapbox/rehype-prism-0.6.0

view details

dependabot-preview[bot]

commit sha 058250d9422c4257eeba9d8a80b62cde6c222c31

Upgrade to GitHub-native Dependabot

view details

dependabot-preview[bot]

commit sha ec9bee3dc27292d7f8be6ccf8ba23ee3cde75aa3

Bump @types/node from 14.14.37 to 15.12.5 Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 14.14.37 to 15.12.5. - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

view details

kentac55

commit sha ffd00d4c43e4c2038e6c362b6ac715ef3ea0cc9d

Merge branch 'master' into dependabot/npm_and_yarn/types/node-15.12.5

view details

dependabot-preview[bot]

commit sha ff5b8399abd3aabec60a21661a95a56667e29f21

[Security] Bump lodash from 4.17.20 to 4.17.21 Bumps [lodash](https://github.com/lodash/lodash) from 4.17.20 to 4.17.21. **This update includes a security fix.** - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](https://github.com/lodash/lodash/compare/4.17.20...4.17.21) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

view details

dependabot-preview[bot]

commit sha b07e2b402a7153339d588b235cc0ad9aeddf26f7

[Security] Bump postcss from 7.0.35 to 7.0.36 Bumps [postcss](https://github.com/postcss/postcss) from 7.0.35 to 7.0.36. **This update includes a security fix.** - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](https://github.com/postcss/postcss/compare/7.0.35...7.0.36) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

view details

dependabot-preview[bot]

commit sha 96e1ea3d03fc1d53b59bf591d2727b657905d1dd

[Security] Bump glob-parent from 5.1.1 to 5.1.2 Bumps [glob-parent](https://github.com/gulpjs/glob-parent) from 5.1.1 to 5.1.2. **This update includes a security fix.** - [Release notes](https://github.com/gulpjs/glob-parent/releases) - [Changelog](https://github.com/gulpjs/glob-parent/blob/main/CHANGELOG.md) - [Commits](https://github.com/gulpjs/glob-parent/compare/v5.1.1...v5.1.2) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

view details

dependabot-preview[bot]

commit sha 7d1a728a3cde616e635d7534f30ec0ffda2a9901

Bump ms from 2.1.2 to 2.1.3 Bumps [ms](https://github.com/vercel/ms) from 2.1.2 to 2.1.3. - [Release notes](https://github.com/vercel/ms/releases) - [Commits](https://github.com/vercel/ms/compare/2.1.2...2.1.3) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

view details

dependabot-preview[bot]

commit sha ab6ddcc6457267543f14a7e45bc2d16d5b3f8966

Bump react from 16.13.1 to 16.14.0 Bumps [react](https://github.com/facebook/react/tree/HEAD/packages/react) from 16.13.1 to 16.14.0. - [Release notes](https://github.com/facebook/react/releases) - [Changelog](https://github.com/facebook/react/blob/master/CHANGELOG.md) - [Commits](https://github.com/facebook/react/commits/v16.14.0/packages/react) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

view details

dependabot-preview[bot]

commit sha 275752afc28cec83990fa97aa517ac0df3a5367f

Bump styled-jsx from 3.3.2 to 3.4.4 Bumps [styled-jsx](https://github.com/vercel/styled-jsx) from 3.3.2 to 3.4.4. - [Release notes](https://github.com/vercel/styled-jsx/releases) - [Commits](https://github.com/vercel/styled-jsx/compare/v3.3.2...v3.4.4) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

view details

kentac55

commit sha f67df1fe664206a7c775e1fa4ac77158b597a225

Merge pull request #219 from kentac55/dependabot/npm_and_yarn/types/node-15.12.5 Bump @types/node from 14.14.37 to 15.12.5

view details

kentac55

commit sha 4ca2db2650f52c8814d1c30de0c51ea551c5d7e4

Merge pull request #214 from kentac55/dependabot/npm_and_yarn/postcss-7.0.36 [Security] Bump postcss from 7.0.35 to 7.0.36

view details

kentac55

commit sha 968c219ec3e5effc8862021187fc12cfa7048eaa

Merge pull request #209 from kentac55/dependabot/npm_and_yarn/glob-parent-5.1.2 [Security] Bump glob-parent from 5.1.1 to 5.1.2

view details

kentac55

commit sha 828e49edd62572fcf9961e257d9f473d45927605

Merge pull request #193 from kentac55/dependabot/npm_and_yarn/lodash-4.17.21 [Security] Bump lodash from 4.17.20 to 4.17.21

view details

kentac55

commit sha c3c2955959ae44bad1d8ab193e1dd948b388d85d

Merge pull request #190 from kentac55/dependabot/add-v2-config-file Upgrade to GitHub-native Dependabot

view details

kentac55

commit sha 6937bf522e83dc1ecb06f7fa0c118e3de72491cf

Merge pull request #161 from kentac55/dependabot/npm_and_yarn/mapbox/rehype-prism-0.6.0 Bump @mapbox/rehype-prism from 0.4.0 to 0.6.0

view details

kentac55

commit sha 6353fe86bdf8167ae5a533d870f7218e0fb4514a

Merge pull request #179 from kentac55/dependabot/npm_and_yarn/ms-2.1.3 Bump ms from 2.1.2 to 2.1.3

view details

kentac55

commit sha 81123bf8c4193576037c97d626472ea5c2e38695

Merge pull request #180 from kentac55/dependabot/npm_and_yarn/react-16.14.0 Bump react from 16.13.1 to 16.14.0

view details

kentac55

commit sha 60bf8a9351e135bf68c7b1002f981a9ab96177b2

Merge pull request #182 from kentac55/dependabot/npm_and_yarn/styled-jsx-3.4.4 Bump styled-jsx from 3.3.2 to 3.4.4

view details

push time in 3 months

push eventkentac55/blog

dependabot-preview[bot]

commit sha 275752afc28cec83990fa97aa517ac0df3a5367f

Bump styled-jsx from 3.3.2 to 3.4.4 Bumps [styled-jsx](https://github.com/vercel/styled-jsx) from 3.3.2 to 3.4.4. - [Release notes](https://github.com/vercel/styled-jsx/releases) - [Commits](https://github.com/vercel/styled-jsx/compare/v3.3.2...v3.4.4) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

view details

kentac55

commit sha 60bf8a9351e135bf68c7b1002f981a9ab96177b2

Merge pull request #182 from kentac55/dependabot/npm_and_yarn/styled-jsx-3.4.4 Bump styled-jsx from 3.3.2 to 3.4.4

view details

push time in 3 months

PR merged kentac55/blog

Bump styled-jsx from 3.3.2 to 3.4.4 dependencies

Bumps styled-jsx from 3.3.2 to 3.4.4. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/vercel/styled-jsx/releases">styled-jsx's releases</a>.</em></p> <blockquote> <h2>v3.4.4</h2> <h2><a href="https://github.com/vercel/styled-jsx/compare/v3.4.3...v3.4.4">3.4.4</a> (2021-02-16)</h2> <h3>Bug Fixes</h3> <ul> <li>missing files on package.json (<a href="https://github-redirect.dependabot.com/vercel/styled-jsx/issues/700">#700</a>) (<a href="https://github.com/vercel/styled-jsx/commit/27418790cc3031113d031e2742ecdaab197e18a3">2741879</a>)</li> </ul> <h2>v3.4.3</h2> <h2><a href="https://github.com/vercel/styled-jsx/compare/v3.4.2...v3.4.3">3.4.3</a> (2021-02-16)</h2> <h3>Bug Fixes</h3> <ul> <li>Typing module location and invalid export (<a href="https://github-redirect.dependabot.com/vercel/styled-jsx/issues/699">#699</a>) (<a href="https://github.com/vercel/styled-jsx/commit/c33b931a032a721a126fca9aa742fa27fafc0752">c33b931</a>)</li> </ul> <h2>v3.4.2</h2> <h2><a href="https://github.com/vercel/styled-jsx/compare/v3.4.1...v3.4.2">3.4.2</a> (2021-02-07)</h2> <h3>Bug Fixes</h3> <ul> <li><strong>webpack:</strong> change webpack loader output to fix babel warnings (<a href="https://github-redirect.dependabot.com/vercel/styled-jsx/issues/697">#697</a>) (<a href="https://github.com/vercel/styled-jsx/commit/e5c602b64317e79709d1ac88b28c36d8c3e77f22">e5c602b</a>)</li> </ul> <h2>v3.4.1</h2> <h2><a href="https://github.com/vercel/styled-jsx/compare/v3.4.0...v3.4.1">3.4.1</a> (2021-01-15)</h2> <h3>Bug Fixes</h3> <ul> <li>Add typings to npm package (<a href="https://github-redirect.dependabot.com/vercel/styled-jsx/issues/694">#694</a>) (<a href="https://github.com/vercel/styled-jsx/commit/2f8d8521062b97bad3dcd4352e3d13dd9927900d">2f8d852</a>)</li> </ul> <h2>v3.4.0</h2> <h1><a href="https://github.com/vercel/styled-jsx/compare/v3.3.3...v3.4.0">3.4.0</a> (2021-01-15)</h1> <h3>Features</h3> <ul> <li>add TypeScript typings builtin (<a href="https://github-redirect.dependabot.com/vercel/styled-jsx/issues/692">#692</a>) (<a href="https://github.com/vercel/styled-jsx/commit/4dd5c13316f136a62fb52cdcb9d3b2943e8e4748">4dd5c13</a>)</li> </ul> <h2>v3.3.3</h2> <h2><a href="https://github.com/vercel/styled-jsx/compare/v3.3.2...v3.3.3">3.3.3</a> (2021-01-14)</h2> <h3>Bug Fixes</h3> <ul> <li>make styled-jsx/babel plugin respect the source type (<a href="https://github-redirect.dependabot.com/vercel/styled-jsx/issues/684">#684</a>) (<a href="https://github.com/vercel/styled-jsx/commit/eb65f35db1e9f279e1c55b02dd8e5331d24fb59d">eb65f35</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/vercel/styled-jsx/commit/27418790cc3031113d031e2742ecdaab197e18a3"><code>2741879</code></a> fix: missing files on package.json (<a href="https://github-redirect.dependabot.com/vercel/styled-jsx/issues/700">#700</a>)</li> <li><a href="https://github.com/vercel/styled-jsx/commit/c33b931a032a721a126fca9aa742fa27fafc0752"><code>c33b931</code></a> fix: Typing module location and invalid export (<a href="https://github-redirect.dependabot.com/vercel/styled-jsx/issues/699">#699</a>)</li> <li><a href="https://github.com/vercel/styled-jsx/commit/e5c602b64317e79709d1ac88b28c36d8c3e77f22"><code>e5c602b</code></a> fix(webpack): change webpack loader output to fix babel warnings (<a href="https://github-redirect.dependabot.com/vercel/styled-jsx/issues/697">#697</a>)</li> <li><a href="https://github.com/vercel/styled-jsx/commit/2f8d8521062b97bad3dcd4352e3d13dd9927900d"><code>2f8d852</code></a> fix: Add typings to npm package (<a href="https://github-redirect.dependabot.com/vercel/styled-jsx/issues/694">#694</a>)</li> <li><a href="https://github.com/vercel/styled-jsx/commit/4dd5c13316f136a62fb52cdcb9d3b2943e8e4748"><code>4dd5c13</code></a> feat: add TypeScript typings builtin (<a href="https://github-redirect.dependabot.com/vercel/styled-jsx/issues/692">#692</a>)</li> <li><a href="https://github.com/vercel/styled-jsx/commit/eb65f35db1e9f279e1c55b02dd8e5331d24fb59d"><code>eb65f35</code></a> fix: make styled-jsx/babel plugin respect the source type (<a href="https://github-redirect.dependabot.com/vercel/styled-jsx/issues/684">#684</a>)</li> <li><a href="https://github.com/vercel/styled-jsx/commit/65b4f64e1c117eb83e18089d65792a2640473d8e"><code>65b4f64</code></a> ci: fix build triggers (<a href="https://github-redirect.dependabot.com/vercel/styled-jsx/issues/693">#693</a>)</li> <li>See full diff in <a href="https://github.com/vercel/styled-jsx/compare/v3.3.2...v3.4.4">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

</details>

+34 -17

1 comment

1 changed file

dependabot-preview[bot]

pr closed time in 3 months

push eventkentac55/blog

dependabot-preview[bot]

commit sha ab6ddcc6457267543f14a7e45bc2d16d5b3f8966

Bump react from 16.13.1 to 16.14.0 Bumps [react](https://github.com/facebook/react/tree/HEAD/packages/react) from 16.13.1 to 16.14.0. - [Release notes](https://github.com/facebook/react/releases) - [Changelog](https://github.com/facebook/react/blob/master/CHANGELOG.md) - [Commits](https://github.com/facebook/react/commits/v16.14.0/packages/react) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

view details

kentac55

commit sha 81123bf8c4193576037c97d626472ea5c2e38695

Merge pull request #180 from kentac55/dependabot/npm_and_yarn/react-16.14.0 Bump react from 16.13.1 to 16.14.0

view details

push time in 3 months

PR merged kentac55/blog

Bump react from 16.13.1 to 16.14.0 dependencies

Bumps react from 16.13.1 to 16.14.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/facebook/react/releases">react's releases</a>.</em></p> <blockquote> <h2>16.14.0 (October 14, 2020)</h2> <h3>React</h3> <ul> <li>Add support for the <a href="https://reactjs.org/blog/2020/09/22/introducing-the-new-jsx-transform.html">new JSX transform</a>. (<a href="https://github.com/lunaruan"><code>@lunaruan</code></a> in <a href="https://github-redirect.dependabot.com/facebook/react/pull/18299">#18299</a>)</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/facebook/react/blob/master/CHANGELOG.md">react's changelog</a>.</em></p> <blockquote> <h2>16.14.0 (October 14, 2020)</h2> <h3>React</h3> <ul> <li>Add support for the <a href="https://reactjs.org/blog/2020/09/22/introducing-the-new-jsx-transform.html">new JSX transform</a>. (<a href="https://github.com/lunaruan"><code>@lunaruan</code></a> in <a href="https://github-redirect.dependabot.com/facebook/react/pull/18299">#18299</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/facebook/react/commit/c63741fb3daef6c1e8746cbe7d7b07ecb281a9fd"><code>c63741f</code></a> offscreen double invoke effects (<a href="https://github.com/facebook/react/tree/HEAD/packages/react/issues/19523">#19523</a>)</li> <li><a href="https://github.com/facebook/react/commit/c6917346ff9f7ebdfbe11b73a72c82153ac704ec"><code>c691734</code></a> Fixed broken Profiler test (<a href="https://github.com/facebook/react/tree/HEAD/packages/react/issues/19894">#19894</a>)</li> <li><a href="https://github.com/facebook/react/commit/87c023b1c1b00d6776b7031f6e105913ead355da"><code>87c023b</code></a> Profiler onRender only called when we do work (<a href="https://github.com/facebook/react/tree/HEAD/packages/react/issues/19885">#19885</a>)</li> <li><a href="https://github.com/facebook/react/commit/81aaee56afba2bb3558f2aaa484b594f23b59d4c"><code>81aaee5</code></a> Don't call onCommit et al if there are no effects (<a href="https://github.com/facebook/react/tree/HEAD/packages/react/issues/19863">#19863</a>)</li> <li><a href="https://github.com/facebook/react/commit/bc6b7b6b16f771bfc8048fe15e211ac777253b64"><code>bc6b7b6</code></a> Don't trigger lazy in DEV during element creation (<a href="https://github.com/facebook/react/tree/HEAD/packages/react/issues/19871">#19871</a>)</li> <li><a href="https://github.com/facebook/react/commit/781212aab344b1619806369d768fad0c1ac3e04a"><code>781212a</code></a> Remove double space in test name (<a href="https://github.com/facebook/react/tree/HEAD/packages/react/issues/19762">#19762</a>)</li> <li><a href="https://github.com/facebook/react/commit/d17086c7c813402a550d15a2f56dc43f1dbd1735"><code>d17086c</code></a> Decouple public, internal act implementation (<a href="https://github.com/facebook/react/tree/HEAD/packages/react/issues/19745">#19745</a>)</li> <li><a href="https://github.com/facebook/react/commit/1f38dcff67d12828be771403e183652f5e93909a"><code>1f38dcf</code></a> Remove withSuspenseConfig (<a href="https://github.com/facebook/react/tree/HEAD/packages/react/issues/19724">#19724</a>)</li> <li><a href="https://github.com/facebook/react/commit/ddd1faa1972b614dfbfae205f2aa4a6c0b39a759"><code>ddd1faa</code></a> Remove config argument from useTransition (<a href="https://github.com/facebook/react/tree/HEAD/packages/react/issues/19719">#19719</a>)</li> <li><a href="https://github.com/facebook/react/commit/92fcd46cc79bbf45df4ce86b0678dcef3b91078d"><code>92fcd46</code></a> Replace SuspenseConfig object with an integer (<a href="https://github.com/facebook/react/tree/HEAD/packages/react/issues/19706">#19706</a>)</li> <li>Additional commits viewable in <a href="https://github.com/facebook/react/commits/v16.14.0/packages/react">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

</details>

+3 -3

1 comment

1 changed file

dependabot-preview[bot]

pr closed time in 3 months

push eventkentac55/blog

dependabot-preview[bot]

commit sha 7d1a728a3cde616e635d7534f30ec0ffda2a9901

Bump ms from 2.1.2 to 2.1.3 Bumps [ms](https://github.com/vercel/ms) from 2.1.2 to 2.1.3. - [Release notes](https://github.com/vercel/ms/releases) - [Commits](https://github.com/vercel/ms/compare/2.1.2...2.1.3) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

view details

kentac55

commit sha 6353fe86bdf8167ae5a533d870f7218e0fb4514a

Merge pull request #179 from kentac55/dependabot/npm_and_yarn/ms-2.1.3 Bump ms from 2.1.2 to 2.1.3

view details

push time in 3 months

PR merged kentac55/blog

Bump ms from 2.1.2 to 2.1.3 dependencies

Bumps ms from 2.1.2 to 2.1.3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/vercel/ms/releases">ms's releases</a>.</em></p> <blockquote> <h2>2.1.3</h2> <h3>Patches</h3> <ul> <li>Rename zeit to vercel: <a href="https://github-redirect.dependabot.com/vercel/ms/issues/151">#151</a></li> <li>Bump eslint from 4.12.1 to 4.18.2: <a href="https://github-redirect.dependabot.com/vercel/ms/issues/122">#122</a></li> <li>Add prettier as a dev dependency: <a href="https://github-redirect.dependabot.com/vercel/ms/issues/135">#135</a> <a href="https://github-redirect.dependabot.com/vercel/ms/issues/153">#153</a></li> <li>Use GitHub Actions CI: <a href="https://github-redirect.dependabot.com/vercel/ms/issues/154">#154</a></li> </ul> <h3>Credits</h3> <p>Huge thanks to <a href="https://github.com/getsnoopy"><code>@getsnoopy</code></a> for helping!</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/vercel/ms/commit/1c6264b795492e8fdecbc82cb8802fcfbfc08d26"><code>1c6264b</code></a> 2.1.3</li> <li><a href="https://github.com/vercel/ms/commit/82495ad75797223f11bd0c30427b3b5e94847e64"><code>82495ad</code></a> Use GitHub Actions CI (<a href="https://github-redirect.dependabot.com/vercel/ms/issues/154">#154</a>)</li> <li><a href="https://github.com/vercel/ms/commit/1a13a88f8c74604a96be3f4930fefe9765ea3613"><code>1a13a88</code></a> Run prettier 2.x (<a href="https://github-redirect.dependabot.com/vercel/ms/issues/153">#153</a>)</li> <li><a href="https://github.com/vercel/ms/commit/1048042000b85eb406ce0f261a39cadfc8e072a5"><code>1048042</code></a> Add prettier as a dev dependency (<a href="https://github-redirect.dependabot.com/vercel/ms/issues/135">#135</a>)</li> <li><a href="https://github.com/vercel/ms/commit/f2bfb40e7a245fcfa14d787c3c9e5cc3e5884332"><code>f2bfb40</code></a> Rename zeit to vercel (<a href="https://github-redirect.dependabot.com/vercel/ms/issues/151">#151</a>)</li> <li><a href="https://github.com/vercel/ms/commit/adf1eb282d29fe3c405d205a3854177b86a97c1f"><code>adf1eb2</code></a> Bump eslint from 4.12.1 to 4.18.2 (<a href="https://github-redirect.dependabot.com/vercel/ms/issues/122">#122</a>)</li> <li>See full diff in <a href="https://github.com/vercel/ms/compare/2.1.2...2.1.3">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

</details>

+6 -1

1 comment

1 changed file

dependabot-preview[bot]

pr closed time in 3 months

push eventkentac55/blog

dependabot-preview[bot]

commit sha c058467bddc7bada0011065320deef4983b727ff

Bump @mapbox/rehype-prism from 0.4.0 to 0.6.0 Bumps [@mapbox/rehype-prism](https://github.com/mapbox/rehype-prism) from 0.4.0 to 0.6.0. - [Release notes](https://github.com/mapbox/rehype-prism/releases) - [Changelog](https://github.com/mapbox/rehype-prism/blob/main/CHANGELOG.md) - [Commits](https://github.com/mapbox/rehype-prism/compare/v0.4.0...v0.6.0) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

view details

kentac55

commit sha 5390b2d2761ab33a02e163371069340782082975

Merge branch 'master' into dependabot/npm_and_yarn/mapbox/rehype-prism-0.6.0

view details

kentac55

commit sha 6937bf522e83dc1ecb06f7fa0c118e3de72491cf

Merge pull request #161 from kentac55/dependabot/npm_and_yarn/mapbox/rehype-prism-0.6.0 Bump @mapbox/rehype-prism from 0.4.0 to 0.6.0

view details

push time in 3 months

PR merged kentac55/blog

Bump @mapbox/rehype-prism from 0.4.0 to 0.6.0 dependencies

Bumps @mapbox/rehype-prism from 0.4.0 to 0.6.0. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/mapbox/rehype-prism/blob/main/CHANGELOG.md"><code>@mapbox/rehype-prism's changelog</code></a>.</em></p> <blockquote> <h2>0.6.0</h2> <ul> <li>Update dependencies.</li> </ul> <h2>0.5.0</h2> <ul> <li>Update dependencies.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/mapbox/rehype-prism/commit/fad71f6175c6bf7b2434ccca3d9eb82f18ed9998"><code>fad71f6</code></a> 0.6.0</li> <li><a href="https://github.com/mapbox/rehype-prism/commit/e0142e03523c8a5a07a7cf273c0c5efa7df30bf0"><code>e0142e0</code></a> Update dependencies (<a href="https://github-redirect.dependabot.com/mapbox/rehype-prism/issues/19">#19</a>)</li> <li><a href="https://github.com/mapbox/rehype-prism/commit/f8b9a393b32d0ea58de1ff3605c2fc4212a34831"><code>f8b9a39</code></a> Update Travis badge</li> <li><a href="https://github.com/mapbox/rehype-prism/commit/dfafc88ed46a4d4bc0a88b85fc49dde7e4023502"><code>dfafc88</code></a> Bump lodash from 4.17.15 to 4.17.19 (<a href="https://github-redirect.dependabot.com/mapbox/rehype-prism/issues/16">#16</a>)</li> <li><a href="https://github.com/mapbox/rehype-prism/commit/94f0880bf9d80221527e87112c42c015f44cdee0"><code>94f0880</code></a> 0.5.0</li> <li><a href="https://github.com/mapbox/rehype-prism/commit/31845708102836647a39eeaf561ba352ee82bbb1"><code>3184570</code></a> Prepare 0.5.0</li> <li><a href="https://github.com/mapbox/rehype-prism/commit/d4351f0834b32507eb6aafa53636885ccb2a46ab"><code>d4351f0</code></a> Update dependencies (<a href="https://github-redirect.dependabot.com/mapbox/rehype-prism/issues/15">#15</a>)</li> <li><a href="https://github.com/mapbox/rehype-prism/commit/02ed9f4ca0e9545ac0bed83defe774806b55dfdb"><code>02ed9f4</code></a> Update README.md</li> <li><a href="https://github.com/mapbox/rehype-prism/commit/a03df4368c7810a866054a7fa71fd1b8f49438b9"><code>a03df43</code></a> Remove ambiguity of the package name in the docs (<a href="https://github-redirect.dependabot.com/mapbox/rehype-prism/issues/14">#14</a>)</li> <li><a href="https://github.com/mapbox/rehype-prism/commit/9046f4e2cf230335e1fb9f6046b1bf619fa9ebb6"><code>9046f4e</code></a> Prepare 0.4.0</li> <li>See full diff in <a href="https://github.com/mapbox/rehype-prism/compare/v0.4.0...v0.6.0">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~mapbox-npm-07">mapbox-npm-07</a>, a new releaser for @mapbox/rehype-prism since your current version.</p> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

</details>

+24 -33

2 comments

1 changed file

dependabot-preview[bot]

pr closed time in 3 months

push eventkentac55/blog

dependabot-preview[bot]

commit sha 058250d9422c4257eeba9d8a80b62cde6c222c31

Upgrade to GitHub-native Dependabot

view details

kentac55

commit sha c3c2955959ae44bad1d8ab193e1dd948b388d85d

Merge pull request #190 from kentac55/dependabot/add-v2-config-file Upgrade to GitHub-native Dependabot

view details

push time in 3 months

PR merged kentac55/blog

Upgrade to GitHub-native Dependabot dependencies

Dependabot Preview will be shut down on August 3rd, 2021. In order to keep getting Dependabot updates, please merge this PR and migrate to GitHub-native Dependabot before then.

Dependabot has been fully integrated into GitHub, so you no longer have to install and manage a separate app. This pull request migrates your configuration from Dependabot.com to a config file, using the new syntax. When merged, we'll swap out dependabot-preview (me) for a new dependabot app, and you'll be all set!

With this change, you'll now use the Dependabot page in GitHub, rather than the Dependabot dashboard, to monitor your version updates, and you'll configure Dependabot through the new config file rather than a UI.

If you've got any questions or feedback for us, please let us know by creating an issue in the dependabot/dependabot-core repository.

Learn more about migrating to GitHub-native Dependabot

Please note that regular @dependabot commands do not work on this pull request.

+48 -0

2 comments

1 changed file

dependabot-preview[bot]

pr closed time in 3 months

push eventkentac55/blog

dependabot-preview[bot]

commit sha ff5b8399abd3aabec60a21661a95a56667e29f21

[Security] Bump lodash from 4.17.20 to 4.17.21 Bumps [lodash](https://github.com/lodash/lodash) from 4.17.20 to 4.17.21. **This update includes a security fix.** - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](https://github.com/lodash/lodash/compare/4.17.20...4.17.21) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

view details

kentac55

commit sha 828e49edd62572fcf9961e257d9f473d45927605

Merge pull request #193 from kentac55/dependabot/npm_and_yarn/lodash-4.17.21 [Security] Bump lodash from 4.17.20 to 4.17.21

view details

push time in 3 months

PR merged kentac55/blog

[Security] Bump lodash from 4.17.20 to 4.17.21 dependencies security

Bumps lodash from 4.17.20 to 4.17.21. This update includes a security fix. <details> <summary>Vulnerabilities fixed</summary> <p><em>Sourced from <a href="https://github.com/advisories/GHSA-35jh-r3h4-6jhm">The GitHub Security Advisory Database</a>.</em></p> <blockquote> <p><strong>Command Injection in lodash</strong> <code>lodash</code> versions prior to 4.17.21 are vulnerable to Command Injection via the template function.</p> <p>Affected versions: < 4.17.21</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/lodash/lodash/commit/f299b52f39486275a9e6483b60a410e06520c538"><code>f299b52</code></a> Bump to v4.17.21</li> <li><a href="https://github.com/lodash/lodash/commit/c4847ebe7d14540bb28a8b932a9ce1b9ecbfee1a"><code>c4847eb</code></a> Improve performance of <code>toNumber</code>, <code>trim</code> and <code>trimEnd</code> on large input strings</li> <li><a href="https://github.com/lodash/lodash/commit/3469357cff396a26c363f8c1b5a91dde28ba4b1c"><code>3469357</code></a> Prevent command injection through <code>_.template</code>'s <code>variable</code> option</li> <li>See full diff in <a href="https://github.com/lodash/lodash/compare/4.17.20...4.17.21">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

</details>

+1 -6

1 comment

1 changed file

dependabot-preview[bot]

pr closed time in 3 months

push eventkentac55/blog

dependabot-preview[bot]

commit sha 96e1ea3d03fc1d53b59bf591d2727b657905d1dd

[Security] Bump glob-parent from 5.1.1 to 5.1.2 Bumps [glob-parent](https://github.com/gulpjs/glob-parent) from 5.1.1 to 5.1.2. **This update includes a security fix.** - [Release notes](https://github.com/gulpjs/glob-parent/releases) - [Changelog](https://github.com/gulpjs/glob-parent/blob/main/CHANGELOG.md) - [Commits](https://github.com/gulpjs/glob-parent/compare/v5.1.1...v5.1.2) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

view details

kentac55

commit sha 968c219ec3e5effc8862021187fc12cfa7048eaa

Merge pull request #209 from kentac55/dependabot/npm_and_yarn/glob-parent-5.1.2 [Security] Bump glob-parent from 5.1.1 to 5.1.2

view details

push time in 3 months

PR merged kentac55/blog

[Security] Bump glob-parent from 5.1.1 to 5.1.2 dependencies security

Bumps glob-parent from 5.1.1 to 5.1.2. This update includes a security fix. <details> <summary>Vulnerabilities fixed</summary> <p><em>Sourced from <a href="https://github.com/advisories/GHSA-ww39-953v-wcq6">The GitHub Security Advisory Database</a>.</em></p> <blockquote> <p><strong>Regular expression denial of service</strong> This affects the package glob-parent before 5.1.2. The enclosure regex used to check for strings ending in enclosure containing path separator.</p> <p>Affected versions: < 5.1.2</p> </blockquote> </details> <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/gulpjs/glob-parent/releases">glob-parent's releases</a>.</em></p> <blockquote> <h2>v5.1.2</h2> <h3>Bug Fixes</h3> <ul> <li>eliminate ReDoS (<a href="https://github-redirect.dependabot.com/gulpjs/glob-parent/issues/36">#36</a>) (<a href="https://github.com/gulpjs/glob-parent/commit/f9231168b0041fea3f8f954b3cceb56269fc6366">f923116</a>)</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/gulpjs/glob-parent/blob/main/CHANGELOG.md">glob-parent's changelog</a>.</em></p> <blockquote> <h3><a href="https://github.com/gulpjs/glob-parent/compare/v5.1.1...v5.1.2">5.1.2</a> (2021-03-06)</h3> <h3>Bug Fixes</h3> <ul> <li>eliminate ReDoS (<a href="https://github-redirect.dependabot.com/gulpjs/glob-parent/issues/36">#36</a>) (<a href="https://github.com/gulpjs/glob-parent/commit/f9231168b0041fea3f8f954b3cceb56269fc6366">f923116</a>)</li> </ul> <h2><a href="https://www.github.com/gulpjs/glob-parent/compare/v5.1.2...v6.0.0">6.0.0</a> (2021-05-03)</h2> <h3>⚠ BREAKING CHANGES</h3> <ul> <li>Correct mishandled escaped path separators (<a href="https://github-redirect.dependabot.com/gulpjs/glob-parent/issues/34">#34</a>)</li> <li>upgrade scaffold, dropping node <10 support</li> </ul> <h3>Bug Fixes</h3> <ul> <li>Correct mishandled escaped path separators (<a href="https://github-redirect.dependabot.com/gulpjs/glob-parent/issues/34">#34</a>) (<a href="https://www.github.com/gulpjs/glob-parent/commit/32f6d52663b7addac38d0dff570d8127edf03f47">32f6d52</a>), closes <a href="https://github-redirect.dependabot.com/gulpjs/glob-parent/issues/32">#32</a></li> </ul> <h3>Miscellaneous Chores</h3> <ul> <li>upgrade scaffold, dropping node <10 support (<a href="https://www.github.com/gulpjs/glob-parent/commit/e83d0c5a411947cf69eb58f36349db80439c606f">e83d0c5</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/gulpjs/glob-parent/commit/eb2c439de448c779b450472e591a2bc9e37e9668"><code>eb2c439</code></a> chore: update changelog</li> <li><a href="https://github.com/gulpjs/glob-parent/commit/12bcb6c45c942e2d05fc1e6ff5402e72555b54b6"><code>12bcb6c</code></a> chore: release 5.1.2</li> <li><a href="https://github.com/gulpjs/glob-parent/commit/f9231168b0041fea3f8f954b3cceb56269fc6366"><code>f923116</code></a> fix: eliminate ReDoS (<a href="https://github-redirect.dependabot.com/gulpjs/glob-parent/issues/36">#36</a>)</li> <li><a href="https://github.com/gulpjs/glob-parent/commit/0b014a7962789b2d8f2cf0b6311f40667aecd62c"><code>0b014a7</code></a> chore: add JSDoc returns information (<a href="https://github-redirect.dependabot.com/gulpjs/glob-parent/issues/33">#33</a>)</li> <li><a href="https://github.com/gulpjs/glob-parent/commit/2b24ebd64b2a045aa167c825376335555da139fd"><code>2b24ebd</code></a> chore: generate initial changelog</li> <li>See full diff in <a href="https://github.com/gulpjs/glob-parent/compare/v5.1.1...v5.1.2">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

</details>

+3 -3

1 comment

1 changed file

dependabot-preview[bot]

pr closed time in 3 months

push eventkentac55/blog

dependabot-preview[bot]

commit sha b07e2b402a7153339d588b235cc0ad9aeddf26f7

[Security] Bump postcss from 7.0.35 to 7.0.36 Bumps [postcss](https://github.com/postcss/postcss) from 7.0.35 to 7.0.36. **This update includes a security fix.** - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](https://github.com/postcss/postcss/compare/7.0.35...7.0.36) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

view details

kentac55

commit sha 4ca2db2650f52c8814d1c30de0c51ea551c5d7e4

Merge pull request #214 from kentac55/dependabot/npm_and_yarn/postcss-7.0.36 [Security] Bump postcss from 7.0.35 to 7.0.36

view details

push time in 3 months