profile
viewpoint
If you are wondering where the data of this site comes from, please visit https://api.github.com/users/mitchellirvin/events. GitMemory does not store any data, but only uses NGINX to cache data for a period of time. The idea behind GitMemory is simply to give users a better reading experience.
Mitchell Irvin mitchellirvin @palantir Washington, D.C. http://mitchell-irvin.com Christian, husband, thinker, software developer.

mitchellirvin/coding-challenges 2

A playground for the purpose of developing proficiency in algorithm design, as well as a robust understanding of data structures and their relationships

mitchellirvin/get-fit 1

Web application that designs a custom workout program based on the user's unique inputs. Utilizes: MEAN.JS - Full-Stack JavaScript Using MongoDB, Express, AngularJS, and Node.js -

CodyFitzpatrick/CIS4930 0

Analysis on IMDB Database

mitchellirvin/airport 0

Airport simulation, allows a user to add/remove passengers from flights. For the purpose of unit and integration testing proficiency.

mitchellirvin/angular-starter 0

Application demonstrating key concepts of the Angular framework. Counts on https://github.com/mitchellirvin/spring-boot-starter for data.

mitchellirvin/blog 0

Duplicate of the Attila theme of Ghost, using Handlebars

mitchellirvin/blog-api 0

API serving blog data via the GraphQL pattern

mitchellirvin/blueprint 0

A React-based UI toolkit for the web

push eventnoelleirvin/blog

Mitchell Irvin

commit sha 9d49a185106ad56c01287c7d263aff8a0416a091

temptation for the wealthy

view details

Mitchell Irvin

commit sha 59ca391e7decb2bfc3bab977cd6f652415a5f2b3

Merge branch 'master' of https://github.com/noelleirvin/blog

view details

push time in a month

push eventnoelleirvin/blog

dependabot[bot]

commit sha 0c7f00942f55964e8cd4a341d0388f4a3a4cbc48

Bump tar from 4.4.10 to 4.4.17 Bumps [tar](https://github.com/npm/node-tar) from 4.4.10 to 4.4.17. - [Release notes](https://github.com/npm/node-tar/releases) - [Changelog](https://github.com/npm/node-tar/blob/main/CHANGELOG.md) - [Commits](https://github.com/npm/node-tar/compare/v4.4.10...v4.4.17) --- updated-dependencies: - dependency-name: tar dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

view details

Mitchell Irvin

commit sha 26a943341d075fb76e267507a0ef338d3850c0c1

Merge pull request #35 from noelleirvin/dependabot/npm_and_yarn/tar-4.4.17 Bump tar from 4.4.10 to 4.4.17

view details

push time in a month

PR merged noelleirvin/blog

Bump tar from 4.4.10 to 4.4.17 dependencies

Bumps tar from 4.4.10 to 4.4.17. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/npm/node-tar/commit/9bf70a8cf725c3af5fe2270f1e5d2e06d1559b93"><code>9bf70a8</code></a> 4.4.17</li> <li><a href="https://github.com/npm/node-tar/commit/6aafff0a8621ba9509b63654bde28762be373d58"><code>6aafff0</code></a> fix: skip extract if linkpath is stripped entirely</li> <li><a href="https://github.com/npm/node-tar/commit/5c5059a69c2aaaedfe4e9766e102ae9fb79e8255"><code>5c5059a</code></a> fix: reserve paths case-insensitively</li> <li><a href="https://github.com/npm/node-tar/commit/fd6accba697070560f301604b8f5f7e2995a2a8b"><code>fd6accb</code></a> 4.4.16</li> <li><a href="https://github.com/npm/node-tar/commit/53cea6ed26a7f1a0b420b374e4219e328b9cf067"><code>53cea6e</code></a> tests: run (and pass) on windows</li> <li><a href="https://github.com/npm/node-tar/commit/166cfc0c1dcec3de9f6e6f5f7269177d5b9c1058"><code>166cfc0</code></a> fix: refactoring to pass tests on Windows</li> <li><a href="https://github.com/npm/node-tar/commit/ce5148e12d1f9fed671e84673a4c7bd6ef743cfb"><code>ce5148e</code></a> fix: refactoring to pass tests on Windows</li> <li><a href="https://github.com/npm/node-tar/commit/3f2e2da3866c4e5f26ca0c0d6721cb371c5a3933"><code>3f2e2da</code></a> fix: normalize paths on Windows systems</li> <li><a href="https://github.com/npm/node-tar/commit/e29a6654bf5e428faeca5344630f01974891a80a"><code>e29a665</code></a> fix: properly prefix hard links</li> <li><a href="https://github.com/npm/node-tar/commit/fd2a38d7240b8c257aed0ead95a2d29ed204db76"><code>fd2a38d</code></a> chore: WriteEntry cleaner write() handling</li> <li>Additional commits viewable in <a href="https://github.com/npm/node-tar/compare/v4.4.10...v4.4.17">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+35 -47

0 comment

1 changed file

dependabot[bot]

pr closed time in a month

push eventnoelleirvin/blog

dependabot[bot]

commit sha 79f3f7066e8c78949a561852eb2936207ecba6ae

Bump url-parse from 1.5.1 to 1.5.3 Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.5.1 to 1.5.3. - [Release notes](https://github.com/unshiftio/url-parse/releases) - [Commits](https://github.com/unshiftio/url-parse/compare/1.5.1...1.5.3) --- updated-dependencies: - dependency-name: url-parse dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

view details

Mitchell Irvin

commit sha 476fbcdbb01e6104098af859940211a808700254

Merge pull request #33 from noelleirvin/dependabot/npm_and_yarn/url-parse-1.5.3 Bump url-parse from 1.5.1 to 1.5.3

view details

push time in a month

PR merged noelleirvin/blog

Bump url-parse from 1.5.1 to 1.5.3 dependencies

Bumps url-parse from 1.5.1 to 1.5.3. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/unshiftio/url-parse/commit/ad444931666a30bad11472d89a216461cf16cae2"><code>ad44493</code></a> [dist] 1.5.3</li> <li><a href="https://github.com/unshiftio/url-parse/commit/c7984617e235892cc22e0f47bb5ff1c012e6e39f"><code>c798461</code></a> [fix] Fix host parsing for file URLs (<a href="https://github-redirect.dependabot.com/unshiftio/url-parse/issues/210">#210</a>)</li> <li><a href="https://github.com/unshiftio/url-parse/commit/201034b8670c2aa382d7ec410ee750ac6f2f9c38"><code>201034b</code></a> [dist] 1.5.2</li> <li><a href="https://github.com/unshiftio/url-parse/commit/2d9ac2c94067742b2116332c1e03be9f37371dff"><code>2d9ac2c</code></a> [fix] Sanitize only special URLs (<a href="https://github-redirect.dependabot.com/unshiftio/url-parse/issues/209">#209</a>)</li> <li><a href="https://github.com/unshiftio/url-parse/commit/fb128af4f43fa17f351d50cf615c7598c751f50a"><code>fb128af</code></a> [fix] Use <code>'null'</code> as <code>origin</code> for non special URLs</li> <li><a href="https://github.com/unshiftio/url-parse/commit/fed6d9e338ea39de2d68bb66607066d71328c62f"><code>fed6d9e</code></a> [fix] Add a leading slash only if the URL is special</li> <li><a href="https://github.com/unshiftio/url-parse/commit/94872e7ab9103ee69b958959baa14c9e682a7f10"><code>94872e7</code></a> [fix] Do not incorrectly set the <code>slashes</code> property to <code>true</code></li> <li><a href="https://github.com/unshiftio/url-parse/commit/81ab967889b08112d3356e451bf03e6aa0cbb7e0"><code>81ab967</code></a> [fix] Ignore slashes after the protocol for special URLs</li> <li><a href="https://github.com/unshiftio/url-parse/commit/ee22050a48a67409aa5f7c87947284156d615bd1"><code>ee22050</code></a> [ci] Use GitHub Actions</li> <li><a href="https://github.com/unshiftio/url-parse/commit/d2979b586d8c7751e0c77f127d9ce1b2143cc0c9"><code>d2979b5</code></a> [fix] Special case the <code>file:</code> protocol (<a href="https://github-redirect.dependabot.com/unshiftio/url-parse/issues/204">#204</a>)</li> <li>Additional commits viewable in <a href="https://github.com/unshiftio/url-parse/compare/1.5.1...1.5.3">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+1 -9

0 comment

1 changed file

dependabot[bot]

pr closed time in a month

push eventnoelleirvin/blog

dependabot[bot]

commit sha 70dc1e76cfe5623b6427a0068a730a91427c0457

Bump postcss from 7.0.14 to 7.0.36 Bumps [postcss](https://github.com/postcss/postcss) from 7.0.14 to 7.0.36. - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](https://github.com/postcss/postcss/compare/7.0.14...7.0.36) --- updated-dependencies: - dependency-name: postcss dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

view details

Mitchell Irvin

commit sha 628fd4c1990b622d5986bb3c10cecc2818fa889c

Merge pull request #34 from noelleirvin/dependabot/npm_and_yarn/postcss-7.0.36 Bump postcss from 7.0.14 to 7.0.36

view details

push time in a month

PR merged noelleirvin/blog

Bump postcss from 7.0.14 to 7.0.36 dependencies

Bumps postcss from 7.0.14 to 7.0.36. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/postcss/postcss/releases">postcss's releases</a>.</em></p> <blockquote> <h2>7.0.36</h2> <ul> <li>Backport ReDoS vulnerabilities from PostCSS 8.</li> </ul> <h2>7.0.35</h2> <ul> <li>Add <a href="https://github.com/postcss/postcss/wiki/PostCSS-8-for-end-users">migration guide link</a> to PostCSS 8 error text.</li> </ul> <h2>7.0.34</h2> <ul> <li>Fix compatibility with <code>postcss-scss</code> 2.</li> </ul> <h2>7.0.33</h2> <ul> <li>Add error message for PostCSS 8 plugins.</li> </ul> <h2>7.0.32</h2> <ul> <li>Fix error message (by <a href="https://github.com/admosity"><code>@​admosity</code></a>).</li> </ul> <h2>7.0.31</h2> <ul> <li>Use only the latest source map annotation (by <a href="https://github.com/emzoumpo"><code>@​emzoumpo</code></a>).</li> </ul> <h2>7.0.30</h2> <ul> <li>Fix TypeScript definition (by <a href="https://github.com/nex3"><code>@​nex3</code></a>)</li> </ul> <h2>7.0.29</h2> <ul> <li>Update <code>Processor#version</code>.</li> </ul> <h2>7.0.28</h2> <ul> <li>Fix TypeScript definition (by <a href="https://github.com/nex3"><code>@​nex3</code></a>).</li> </ul> <h2>7.0.27</h2> <ul> <li>Fix TypeScript definition (by <a href="https://github.com/nex3"><code>@​nex3</code></a>).</li> </ul> <h2>7.0.26</h2> <ul> <li>Fix TypeScript definition (by <a href="https://github.com/nex3"><code>@​nex3</code></a>)</li> </ul> <h2>7.0.25</h2> <ul> <li>Fix absolute path support for Windows (by <a href="https://github.com/tomrav"><code>@​tomrav</code></a>)</li> </ul> <h2>7.0.24</h2> <ul> <li>Fix TypeScript definition (by <a href="https://github.com/keithamus"><code>@​keithamus</code></a>).</li> </ul> <h2>7.0.23</h2> <ul> <li>Update <code>Processor#version</code>.</li> </ul> <h2>7.0.22</h2> <ul> <li>Add funding link for <code>npm fund</code>.</li> </ul> <h2>7.0.21</h2> <ul> <li>Revert passing <code>nodes</code> property to node constructor.</li> </ul> <h2>7.0.20</h2> <ul> <li>Allow to pass PostCSS’s nodes in <code>nodes</code> property to node constructor.</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/postcss/postcss/blob/main/CHANGELOG.md">postcss's changelog</a>.</em></p> <blockquote> <h2>7.0.36</h2> <ul> <li>Backport ReDoS vulnerabilities from PostCSS 8.</li> </ul> <h2>7.0.35</h2> <ul> <li>Add migration guide link to PostCSS 8 error text.</li> </ul> <h2>7.0.34</h2> <ul> <li>Fix compatibility with <code>postcss-scss</code> 2.</li> </ul> <h2>7.0.33</h2> <ul> <li>Add error message for PostCSS 8 plugins.</li> </ul> <h2>7.0.32</h2> <ul> <li>Fix error message (by <a href="https://github.com/admosity"><code>@​admosity</code></a>).</li> </ul> <h2>7.0.31</h2> <ul> <li>Use only the latest source map annotation (by Emmanouil Zoumpoulakis).</li> </ul> <h2>7.0.30</h2> <ul> <li>Fix TypeScript definition (by Natalie Weizenbaum).</li> </ul> <h2>7.0.29</h2> <ul> <li>Update <code>Processor#version</code>.</li> </ul> <h2>7.0.28</h2> <ul> <li>Fix TypeScript definition (by Natalie Weizenbaum).</li> </ul> <h2>7.0.27</h2> <ul> <li>Fix TypeScript definition (by Natalie Weizenbaum).</li> </ul> <h2>7.0.26</h2> <ul> <li>Fix TypeScript definition (by Natalie Weizenbaum).</li> </ul> <h2>7.0.25</h2> <ul> <li>Fix absolute path support for Windows (by Tom Raviv).</li> </ul> <h2>7.0.24</h2> <ul> <li>Fix TypeScript definition (by Keith Cirkel).</li> </ul> <h2>7.0.23</h2> <ul> <li>Update <code>Processor#version</code>.</li> </ul> <h2>7.0.22</h2> <ul> <li>Add funding link for <code>npm fund</code>.</li> </ul> <h2>7.0.21</h2> <ul> <li>Revert passing <code>nodes</code> property to node constructor.</li> </ul> <h2>7.0.20</h2> <ul> <li>Allow to pass PostCSS’s nodes in <code>nodes</code> property to node constructor.</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/postcss/postcss/commit/67e3d7b3402c5d3d036ab7c1e781f86910d6ca72"><code>67e3d7b</code></a> Release 7.0.36 version</li> <li><a href="https://github.com/postcss/postcss/commit/54cbf3c4847eb0fb1501b9d2337465439e849734"><code>54cbf3c</code></a> Backport ReDoS vulnerabilities from PostCSS 8</li> <li><a href="https://github.com/postcss/postcss/commit/12832f3d203474bd273bd06bd3b2407567bfe09e"><code>12832f3</code></a> Release 7.0.35 version</li> <li><a href="https://github.com/postcss/postcss/commit/4455ef6baf84ceea87cb662131f95d798063896c"><code>4455ef6</code></a> Use OpenCollective in funding</li> <li><a href="https://github.com/postcss/postcss/commit/e867c794b5d646839350dd4b76f3cc81423413e6"><code>e867c79</code></a> Add migration guide to PostCSS 8 error</li> <li><a href="https://github.com/postcss/postcss/commit/32a22a98bc4de9c7a2489041ceae24eedc62144f"><code>32a22a9</code></a> Release 7.0.34 version</li> <li><a href="https://github.com/postcss/postcss/commit/22939829688574b9acdbd29106ca2ec9470b2b17"><code>2293982</code></a> Lock build targets</li> <li><a href="https://github.com/postcss/postcss/commit/2c3a111a940b373a60fae196e63931b3b6e9d8ca"><code>2c3a111</code></a> Release 7.0.33 version</li> <li><a href="https://github.com/postcss/postcss/commit/4105f21b48d75847e822e89746633792c478922b"><code>4105f21</code></a> Use yaspeller instead of yaspeller-ci</li> <li><a href="https://github.com/postcss/postcss/commit/c8d02a0da503f9fa5d96a854a2c9244710c18c72"><code>c8d02a0</code></a> Revert yaspeller-ci removal</li> <li>Additional commits viewable in <a href="https://github.com/postcss/postcss/compare/7.0.14...7.0.36">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+37 -9

0 comment

1 changed file

dependabot[bot]

pr closed time in a month

push eventnoelleirvin/blog

dependabot[bot]

commit sha c4114567ba88ba7b7907c62f2ed9185ebd78554b

Bump path-parse from 1.0.6 to 1.0.7 Bumps [path-parse](https://github.com/jbgutierrez/path-parse) from 1.0.6 to 1.0.7. - [Release notes](https://github.com/jbgutierrez/path-parse/releases) - [Commits](https://github.com/jbgutierrez/path-parse/commits/v1.0.7) --- updated-dependencies: - dependency-name: path-parse dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

view details

Mitchell Irvin

commit sha 18176d1ed64a40b0c0f1bf527c2b3fe1e9cad1b8

Merge pull request #32 from noelleirvin/dependabot/npm_and_yarn/path-parse-1.0.7 Bump path-parse from 1.0.6 to 1.0.7

view details

push time in a month

PR merged noelleirvin/blog

Bump path-parse from 1.0.6 to 1.0.7 dependencies

Bumps path-parse from 1.0.6 to 1.0.7. <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/jbgutierrez/path-parse/commits/v1.0.7">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+3 -3

0 comment

1 changed file

dependabot[bot]

pr closed time in a month

PR merged noelleirvin/blog

Bump yargs-parser from 10.1.0 to 13.1.2 dependencies

Bumps yargs-parser from 10.1.0 to 13.1.2. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/yargs/yargs-parser/blob/main/docs/CHANGELOG-full.md">yargs-parser's changelog</a>.</em></p> <blockquote> <h2><a href="https://github.com/yargs/yargs-parser/compare/v14.0.0...v15.0.0">15.0.0</a> (2019-10-07)</h2> <h3>Features</h3> <ul> <li>rework <code>collect-unknown-options</code> into <code>unknown-options-as-args</code>, providing more comprehensive functionality (<a href="https://github.com/yargs/yargs-parser/commit/ef771ca">ef771ca</a>)</li> </ul> <h3>BREAKING CHANGES</h3> <ul> <li>rework <code>collect-unknown-options</code> into <code>unknown-options-as-args</code>, providing more comprehensive functionality</li> </ul> <h2><a href="https://github.com/yargs/yargs-parser/compare/v13.1.1...v14.0.0">14.0.0</a> (2019-09-06)</h2> <h3>Bug Fixes</h3> <ul> <li>boolean arrays with default values (<a href="https://github-redirect.dependabot.com/yargs/yargs-parser/issues/185">#185</a>) (<a href="https://github.com/yargs/yargs-parser/commit/7d42572">7d42572</a>)</li> <li>boolean now behaves the same as other array types (<a href="https://github-redirect.dependabot.com/yargs/yargs-parser/issues/184">#184</a>) (<a href="https://github.com/yargs/yargs-parser/commit/17ca3bd">17ca3bd</a>)</li> <li>eatNargs() for 'opt.narg === 0' and boolean typed options (<a href="https://github-redirect.dependabot.com/yargs/yargs-parser/issues/188">#188</a>) (<a href="https://github.com/yargs/yargs-parser/commit/c5a1db0">c5a1db0</a>)</li> <li>maybeCoerceNumber now takes precedence over coerce return value (<a href="https://github-redirect.dependabot.com/yargs/yargs-parser/issues/182">#182</a>) (<a href="https://github.com/yargs/yargs-parser/commit/2f26436">2f26436</a>)</li> <li>take into account aliases when appending arrays from config object (<a href="https://github-redirect.dependabot.com/yargs/yargs-parser/issues/199">#199</a>) (<a href="https://github.com/yargs/yargs-parser/commit/f8a2d3f">f8a2d3f</a>)</li> </ul> <h3>Features</h3> <ul> <li>add configuration option to "collect-unknown-options" (<a href="https://github-redirect.dependabot.com/yargs/yargs-parser/issues/181">#181</a>) (<a href="https://github.com/yargs/yargs-parser/commit/7909cc4">7909cc4</a>)</li> <li>maybeCoerceNumber() now takes into account arrays (<a href="https://github-redirect.dependabot.com/yargs/yargs-parser/issues/187">#187</a>) (<a href="https://github.com/yargs/yargs-parser/commit/31c204b">31c204b</a>)</li> </ul> <h3>BREAKING CHANGES</h3> <ul> <li>unless "parse-numbers" is set to "false", arrays of numeric strings are now parsed as numbers, rather than strings.</li> <li>we have dropped the broken "defaulted" functionality; we would like to revisit adding this in the future.</li> <li>maybeCoerceNumber now takes precedence over coerce return value (<a href="https://github-redirect.dependabot.com/yargs/yargs-parser/issues/182">#182</a>)</li> </ul> <h3><a href="https://www.github.com/yargs/yargs-parser/compare/v13.1.0...v13.1.1">13.1.1</a> (2019-06-10)</h3> <h3>Bug Fixes</h3> <ul> <li>convert values to strings when tokenizing (<a href="https://github-redirect.dependabot.com/yargs/yargs-parser/issues/167">#167</a>) (<a href="https://www.github.com/yargs/yargs-parser/commit/57b7883">57b7883</a>)</li> <li>nargs should allow duplicates when duplicate-arguments-array=false (<a href="https://github-redirect.dependabot.com/yargs/yargs-parser/issues/164">#164</a>) (<a href="https://www.github.com/yargs/yargs-parser/commit/47ccb0b">47ccb0b</a>)</li> <li>should populate "_" when given config with "short-option-groups" false (<a href="https://github-redirect.dependabot.com/yargs/yargs-parser/issues/179">#179</a>) (<a href="https://www.github.com/yargs/yargs-parser/commit/6055974">6055974</a>)</li> </ul> <h2><a href="https://github.com/yargs/yargs-parser/compare/v13.0.0...v13.1.0">13.1.0</a> (2019-05-05)</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/yargs/yargs-parser/commits">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~oss-bot">oss-bot</a>, a new releaser for yargs-parser since your current version.</p> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+5586 -3479

0 comment

1 changed file

dependabot[bot]

pr closed time in a month

push eventnoelleirvin/blog

dependabot[bot]

commit sha c5bc3265bf71f4a3f9d22751f4f9a1fa96e1c46a

Bump yargs-parser from 10.1.0 to 13.1.2 Bumps [yargs-parser](https://github.com/yargs/yargs-parser) from 10.1.0 to 13.1.2. - [Release notes](https://github.com/yargs/yargs-parser/releases) - [Changelog](https://github.com/yargs/yargs-parser/blob/main/docs/CHANGELOG-full.md) - [Commits](https://github.com/yargs/yargs-parser/commits) --- updated-dependencies: - dependency-name: yargs-parser dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

view details

Mitchell Irvin

commit sha 99bc2c350d83fbedbb7fb3cb1b34aac3c6f28c54

Merge pull request #36 from noelleirvin/dependabot/npm_and_yarn/yargs-parser-13.1.2 Bump yargs-parser from 10.1.0 to 13.1.2

view details

push time in a month

push eventnoelleirvin/blog

Mitchell Irvin

commit sha 6923729dd6bcdcdc68f8d2122cc6ee7eba05ad18

updating dependencies, outlining stewardship

view details

push time in a month

push eventnoelleirvin/blog

Mitchell Irvin

commit sha d5ed3065c9cfe1f39244b4b56c92628354feda82

the temptation of money

view details

push time in 2 months

delete branch noelleirvin/blog

delete branch : dependabot/npm_and_yarn/ws-5.2.3

delete time in 2 months

push eventnoelleirvin/blog

dependabot[bot]

commit sha 3be9a26a5c50c610bdfb05b76760c71d9cc993c2

Bump ws from 5.2.2 to 5.2.3 Bumps [ws](https://github.com/websockets/ws) from 5.2.2 to 5.2.3. - [Release notes](https://github.com/websockets/ws/releases) - [Commits](https://github.com/websockets/ws/compare/5.2.2...5.2.3) --- updated-dependencies: - dependency-name: ws dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

view details

Mitchell Irvin

commit sha f3bad61e30a1afee71a96bd6e0bb7d45c51dd2c9

Merge pull request #30 from noelleirvin/dependabot/npm_and_yarn/ws-5.2.3 Bump ws from 5.2.2 to 5.2.3

view details

push time in 2 months

PR merged noelleirvin/blog

Bump ws from 5.2.2 to 5.2.3 dependencies

Bumps ws from 5.2.2 to 5.2.3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/websockets/ws/releases">ws's releases</a>.</em></p> <blockquote> <h2>5.2.3</h2> <h1>Bug fixes</h1> <ul> <li>Backported 00c425ec to the 5.x release line (76d47c14).</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/websockets/ws/commit/6dd88e7e968ef2416445d8f8620c17d99b15c77c"><code>6dd88e7</code></a> [dist] 5.2.3</li> <li><a href="https://github.com/websockets/ws/commit/76d47c1479002022a3e4357b3c9f0e23a68d4cd2"><code>76d47c1</code></a> [security] Fix ReDoS vulnerability</li> <li>See full diff in <a href="https://github.com/websockets/ws/compare/5.2.2...5.2.3">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+3 -3

0 comment

1 changed file

dependabot[bot]

pr closed time in 2 months

delete branch noelleirvin/blog

delete branch : dependabot/npm_and_yarn/color-string-1.5.5

delete time in 2 months

push eventnoelleirvin/blog

dependabot[bot]

commit sha 4db1decabe75182cdf794328979c239a4f2b20bb

Bump color-string from 1.5.3 to 1.5.5 Bumps [color-string](https://github.com/Qix-/color-string) from 1.5.3 to 1.5.5. - [Release notes](https://github.com/Qix-/color-string/releases) - [Changelog](https://github.com/Qix-/color-string/blob/master/CHANGELOG.md) - [Commits](https://github.com/Qix-/color-string/commits/1.5.5) --- updated-dependencies: - dependency-name: color-string dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

view details

Mitchell Irvin

commit sha 2fc988d93d2fb99093271a1fc904e359b85045e3

Merge pull request #29 from noelleirvin/dependabot/npm_and_yarn/color-string-1.5.5 Bump color-string from 1.5.3 to 1.5.5

view details

push time in 2 months

PR merged noelleirvin/blog

Bump color-string from 1.5.3 to 1.5.5 dependencies

Bumps color-string from 1.5.3 to 1.5.5. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/Qix-/color-string/releases">color-string's releases</a>.</em></p> <blockquote> <h2>1.5.5 (Patch/Security Release) - hwb() ReDos patch (low-severity)</h2> <blockquote> <p>Release notes copied verbatim from the commit message, which can be found here: 0789e21284c33d89ebc4ab4ca6f759b9375ac9d3</p> </blockquote> <pre><code>Discovered by Yeting Li, c/o Colin Ife via Snyk.io. <p>A ReDos (Regular Expression Denial of Service) vulnerability was responsibly disclosed to me via email by Colin on Mar 5 2021 regarding an exponential time complexity for linearly increasing input lengths for <code>hwb()</code> color strings.</p> <p>Strings reaching more than 5000 characters would see several milliseconds of processing time; strings reaching more than 50,000 characters began seeing 1500ms (1.5s) of processing time.</p> <p>The cause was due to a the regular expression that parses hwb() strings - specifically, the hue value - where the integer portion of the hue value used a 0-or-more quantifier shortly thereafter followed by a 1-or-more quantifier.</p> <p>This caused excessive backtracking and a cartesian scan, resulting in exponential time complexity given a linear increase in input length.</p> <p>Thank you Yeting Li and Colin Ife for bringing this to my attention in a secure, responsible and professional manner.</p> <p>A CVE will not be assigned for this vulnerability. </code></pre></p> <h2>1.5.4 (Patch Release)</h2> <ul> <li>Removes rounding of alpha values in RGBA hex (<code>#rrggbbaa</code>) and condensed-hex (<code>#rgba</code>) parsers, which caused certain unique inputs to result in identical outputs (see <a href="https://github.com/qix-/color/issues/174">https://github.com/qix-/color/issues/174</a>).</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/Qix-/color-string/commits/1.5.5">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+3 -3

0 comment

1 changed file

dependabot[bot]

pr closed time in 2 months

delete branch noelleirvin/blog

delete branch : dependabot/npm_and_yarn/merge-deep-3.0.3

delete time in 2 months

push eventnoelleirvin/blog

dependabot[bot]

commit sha c493b2c17bc68041eb89a767b422b8d0f999788c

Bump merge-deep from 3.0.2 to 3.0.3 Bumps [merge-deep](https://github.com/jonschlinkert/merge-deep) from 3.0.2 to 3.0.3. - [Release notes](https://github.com/jonschlinkert/merge-deep/releases) - [Commits](https://github.com/jonschlinkert/merge-deep/compare/3.0.2...3.0.3) --- updated-dependencies: - dependency-name: merge-deep dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

view details

Mitchell Irvin

commit sha 9ef3b67e96d1811a2f0a61e5501ca54dded00d50

Merge pull request #28 from noelleirvin/dependabot/npm_and_yarn/merge-deep-3.0.3 Bump merge-deep from 3.0.2 to 3.0.3

view details

push time in 2 months

PR merged noelleirvin/blog

Bump merge-deep from 3.0.2 to 3.0.3 dependencies

Bumps merge-deep from 3.0.2 to 3.0.3. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/jonschlinkert/merge-deep/commit/628ff47c9d824ccf21adf9a2b7cc6b74632e11a1"><code>628ff47</code></a> 3.0.3</li> <li><a href="https://github.com/jonschlinkert/merge-deep/commit/cfbe20ccdb00255b711de57e37ed8ce9f109ef3f"><code>cfbe20c</code></a> run verb to generate README documentation</li> <li><a href="https://github.com/jonschlinkert/merge-deep/commit/e370968581413a2e5ffdbbf7c2f5094e0e0b3861"><code>e370968</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/jonschlinkert/merge-deep/issues/17">#17</a> from jonschlinkert/key-properties</li> <li><a href="https://github.com/jonschlinkert/merge-deep/commit/393e2cbaeacf54e77a307c3620a00f0ac057b8d5"><code>393e2cb</code></a> adding a test to ensure using merge-deep for inheritance still works</li> <li><a href="https://github.com/jonschlinkert/merge-deep/commit/c39b16134a6a9704be2e661b49b92e8561f10d90"><code>c39b161</code></a> add test to ensure constructor is not cloned</li> <li><a href="https://github.com/jonschlinkert/merge-deep/commit/11e5dd56de8a6aed0b1ed022089dbce6968d82a5"><code>11e5dd5</code></a> add isValidKey function to ensure only valid keys are merged</li> <li>See full diff in <a href="https://github.com/jonschlinkert/merge-deep/compare/3.0.2...3.0.3">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+3 -3

0 comment

1 changed file

dependabot[bot]

pr closed time in 2 months

delete branch noelleirvin/blog

delete branch : dependabot/npm_and_yarn/dns-packet-1.3.4

delete time in 2 months

push eventnoelleirvin/blog

dependabot[bot]

commit sha c1eeba1ed868b70d2adea023b0e9a2c095820e6d

Bump dns-packet from 1.3.1 to 1.3.4 Bumps [dns-packet](https://github.com/mafintosh/dns-packet) from 1.3.1 to 1.3.4. - [Release notes](https://github.com/mafintosh/dns-packet/releases) - [Changelog](https://github.com/mafintosh/dns-packet/blob/master/CHANGELOG.md) - [Commits](https://github.com/mafintosh/dns-packet/compare/v1.3.1...v1.3.4) Signed-off-by: dependabot[bot] <support@github.com>

view details

Mitchell Irvin

commit sha 4d310a68c5acddde222e21748e9376034485c13d

Merge pull request #27 from noelleirvin/dependabot/npm_and_yarn/dns-packet-1.3.4 Bump dns-packet from 1.3.1 to 1.3.4

view details

push time in 2 months

PR merged noelleirvin/blog

Bump dns-packet from 1.3.1 to 1.3.4 dependencies

Bumps dns-packet from 1.3.1 to 1.3.4. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/mafintosh/dns-packet/commit/ebdf849da5dc0d96836e87628349776c623c5be7"><code>ebdf849</code></a> 1.3.4</li> <li><a href="https://github.com/mafintosh/dns-packet/commit/ac578722f2707310b841b65aae61d6332f8882a1"><code>ac57872</code></a> move all allocUnsafes to allocs for easier maintenance</li> <li><a href="https://github.com/mafintosh/dns-packet/commit/c64c9507e51532c9e9a3cbefa146a134ecc025fd"><code>c64c950</code></a> 1.3.3</li> <li><a href="https://github.com/mafintosh/dns-packet/commit/0598ba19d18da4568b32415e60a9629061b3c45c"><code>0598ba1</code></a> fix .. in encodingLength</li> <li><a href="https://github.com/mafintosh/dns-packet/commit/010aedb33c1ee8c3f558db5249c1d46e2bd7a101"><code>010aedb</code></a> 1.3.2</li> <li><a href="https://github.com/mafintosh/dns-packet/commit/0d0d593f8df4e2712c43957a6c62e95047f12b2d"><code>0d0d593</code></a> backport encodingLength fix to v1</li> <li>See full diff in <a href="https://github.com/mafintosh/dns-packet/compare/v1.3.1...v1.3.4">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+6 -6

0 comment

1 changed file

dependabot[bot]

pr closed time in 2 months

delete branch noelleirvin/blog

delete branch : dependabot/npm_and_yarn/hosted-git-info-2.8.9

delete time in 2 months

push eventnoelleirvin/blog

dependabot[bot]

commit sha 9382cd38d4f7eb6dd374656115fc6723cee13756

Bump hosted-git-info from 2.8.4 to 2.8.9 Bumps [hosted-git-info](https://github.com/npm/hosted-git-info) from 2.8.4 to 2.8.9. - [Release notes](https://github.com/npm/hosted-git-info/releases) - [Changelog](https://github.com/npm/hosted-git-info/blob/v2.8.9/CHANGELOG.md) - [Commits](https://github.com/npm/hosted-git-info/compare/v2.8.4...v2.8.9) Signed-off-by: dependabot[bot] <support@github.com>

view details

Mitchell Irvin

commit sha 9d3e66fccc2d58118c595ab673a5e52d335b7d60

Merge pull request #26 from noelleirvin/dependabot/npm_and_yarn/hosted-git-info-2.8.9 Bump hosted-git-info from 2.8.4 to 2.8.9

view details

push time in 2 months

PR merged noelleirvin/blog

Bump hosted-git-info from 2.8.4 to 2.8.9 dependencies

Bumps hosted-git-info from 2.8.4 to 2.8.9. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/npm/hosted-git-info/blob/v2.8.9/CHANGELOG.md">hosted-git-info's changelog</a>.</em></p> <blockquote> <h2><a href="https://github.com/npm/hosted-git-info/compare/v2.8.8...v2.8.9">2.8.9</a> (2021-04-07)</h2> <h3>Bug Fixes</h3> <ul> <li>backport regex fix from <a href="https://github-redirect.dependabot.com/npm/hosted-git-info/issues/76">#76</a> (<a href="https://github.com/npm/hosted-git-info/commit/29adfe5">29adfe5</a>), closes <a href="https://github-redirect.dependabot.com/npm/hosted-git-info/issues/84">#84</a></li> </ul> <p><!-- raw HTML omitted --><!-- raw HTML omitted --></p> <h2><a href="https://github.com/npm/hosted-git-info/compare/v2.8.7...v2.8.8">2.8.8</a> (2020-02-29)</h2> <h3>Bug Fixes</h3> <ul> <li><a href="https://github-redirect.dependabot.com/npm/hosted-git-info/issues/61">#61</a> & <a href="https://github-redirect.dependabot.com/npm/hosted-git-info/issues/65">#65</a> addressing issues w/ url.URL implmentation which regressed node 6 support (<a href="https://github.com/npm/hosted-git-info/commit/5038b18">5038b18</a>), closes <a href="https://github-redirect.dependabot.com/npm/hosted-git-info/issues/66">#66</a></li> </ul> <p><!-- raw HTML omitted --><!-- raw HTML omitted --></p> <h2><a href="https://github.com/npm/hosted-git-info/compare/v2.8.6...v2.8.7">2.8.7</a> (2020-02-26)</h2> <h3>Bug Fixes</h3> <ul> <li>Do not attempt to use url.URL when unavailable (<a href="https://github.com/npm/hosted-git-info/commit/2d0bb66">2d0bb66</a>), closes <a href="https://github-redirect.dependabot.com/npm/hosted-git-info/issues/61">#61</a> <a href="https://github-redirect.dependabot.com/npm/hosted-git-info/issues/62">#62</a></li> <li>Do not pass scp-style URLs to the WhatWG url.URL (<a href="https://github.com/npm/hosted-git-info/commit/f2cdfcf">f2cdfcf</a>), closes <a href="https://github-redirect.dependabot.com/npm/hosted-git-info/issues/60">#60</a></li> </ul> <p><!-- raw HTML omitted --><!-- raw HTML omitted --></p> <h2><a href="https://github.com/npm/hosted-git-info/compare/v2.8.5...v2.8.6">2.8.6</a> (2020-02-25)</h2> <p><!-- raw HTML omitted --><!-- raw HTML omitted --></p> <h2><a href="https://github.com/npm/hosted-git-info/compare/v2.8.4...v2.8.5">2.8.5</a> (2019-10-07)</h2> <h3>Bug Fixes</h3> <ul> <li>updated pathmatch for gitlab (<a href="https://github.com/npm/hosted-git-info/commit/e8325b5">e8325b5</a>), closes <a href="https://github-redirect.dependabot.com/npm/hosted-git-info/issues/51">#51</a></li> <li>updated pathmatch for gitlab (<a href="https://github.com/npm/hosted-git-info/commit/ffe056f">ffe056f</a>)</li> </ul> <p><!-- raw HTML omitted --><!-- raw HTML omitted --></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/npm/hosted-git-info/commit/8d4b3697d79bcd89cdb36d1db165e3696c783a01"><code>8d4b369</code></a> chore(release): 2.8.9</li> <li><a href="https://github.com/npm/hosted-git-info/commit/29adfe5ef789784c861b2cdeb15051ec2ba651a7"><code>29adfe5</code></a> fix: backport regex fix from <a href="https://github-redirect.dependabot.com/npm/hosted-git-info/issues/76">#76</a></li> <li><a href="https://github.com/npm/hosted-git-info/commit/afeaefdd86ba9bb5044be3c1554a666d007cf19a"><code>afeaefd</code></a> chore(release): 2.8.8</li> <li><a href="https://github.com/npm/hosted-git-info/commit/5038b1891a61ca3cd7453acbf85d7011fe0086bb"><code>5038b18</code></a> fix: <a href="https://github-redirect.dependabot.com/npm/hosted-git-info/issues/61">#61</a> & <a href="https://github-redirect.dependabot.com/npm/hosted-git-info/issues/65">#65</a> addressing issues w/ url.URL implmentation which regressed nod...</li> <li><a href="https://github.com/npm/hosted-git-info/commit/7440afa859162051c191e55d8ecfaf69a193b026"><code>7440afa</code></a> chore(release): 2.8.7</li> <li><a href="https://github.com/npm/hosted-git-info/commit/2d0bb6615ecb8f9ef1019bc0737aab7f6449641f"><code>2d0bb66</code></a> fix: Do not attempt to use url.URL when unavailable</li> <li><a href="https://github.com/npm/hosted-git-info/commit/f2cdfcf33ad2bd3bd1acdba0326281089f53c5b1"><code>f2cdfcf</code></a> fix: Do not pass scp-style URLs to the WhatWG url.URL</li> <li><a href="https://github.com/npm/hosted-git-info/commit/e1b83df5d9cb1f8bb220352e20565560548d2292"><code>e1b83df</code></a> chore(release): 2.8.6</li> <li><a href="https://github.com/npm/hosted-git-info/commit/ff259a6117c62df488e927820e30bec2f7ee453f"><code>ff259a6</code></a> Ensure passwords in hosted Git URLs are correctly escaped</li> <li><a href="https://github.com/npm/hosted-git-info/commit/624fd6f301dd5a1fd7ad1b333d6f8921a12ff98c"><code>624fd6f</code></a> chore(release): 2.8.5</li> <li>Additional commits viewable in <a href="https://github.com/npm/hosted-git-info/compare/v2.8.4...v2.8.9">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~nlf">nlf</a>, a new releaser for hosted-git-info since your current version.</p> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+3 -3

0 comment

1 changed file

dependabot[bot]

pr closed time in 2 months

delete branch noelleirvin/blog

delete branch : dependabot/npm_and_yarn/url-parse-1.5.1

delete time in 2 months

push eventnoelleirvin/blog

dependabot[bot]

commit sha d3495e7f05de26eafbc03350321517911352661b

Bump url-parse from 1.4.7 to 1.5.1 Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.4.7 to 1.5.1. - [Release notes](https://github.com/unshiftio/url-parse/releases) - [Commits](https://github.com/unshiftio/url-parse/compare/1.4.7...1.5.1) Signed-off-by: dependabot[bot] <support@github.com>

view details

Mitchell Irvin

commit sha 2e040e6c9456bb070702707de549c18e85922078

Merge pull request #25 from noelleirvin/dependabot/npm_and_yarn/url-parse-1.5.1 Bump url-parse from 1.4.7 to 1.5.1

view details

push time in 2 months