profile
viewpoint
Christoph Walcher wiomoc @NovaTecConsulting Stuttgart, Germany

wiomoc/whatsappweb-rs 58

WhatsApp Web client for Rust

wiomoc/mosquitto-jwt-auth 8

Mosquitto Auth Plugin which enables authentication via JWTs and authorisation via ACLs stored in JWT claims

johanneshiry/Weinretter 6

Rette Dein Lieblingsrestaurant in der Coronakrise, indem du den Weinkeller leer kaufst. 🍷

hft-app/native 2

Native version of the HFT App uses cordova and vue

wiomoc/aho-corasick-viz 2

Aho-Corasick Visualizer

wiomoc/MioCheck 2

Android App to manage shared lockers full of MioMate and tracking stores availability

wiomoc/k-9 1

K-9 Mail – Advanced Email for Android 📧

wiomoc/ArduinoClock 0

Alarm clock with special features

push eventhft-app/native

Christoph Walcher

commit sha a01acc02b403617b8b9e9461ea756d05f98291b1

Initial support for iOS

view details

push time in 2 days

push eventhft-app/native

Christoph Walcher

commit sha 96fe0054a6e7a8430e39ec94688ddf27a171b75c

added demo account & new screenshots

view details

push time in 2 days

pull request commentKunzisoft/KeePassDX

Early return in readHeaderField

Just for the records, this DB would crash:

keepass.kdbx.zip PW: 1234

Some KeePass "editors" don't write an EndHeaderValue

wiomoc

comment created time in 4 days

push eventNovatecConsulting/mqtt-meets-web-blog

dependabot[bot]

commit sha aeff817a0744fe66e736cdebf1a7dce054c3fbea

Bump http-proxy from 1.18.0 to 1.18.1 in /frontend/device-control Bumps [http-proxy](https://github.com/http-party/node-http-proxy) from 1.18.0 to 1.18.1. - [Release notes](https://github.com/http-party/node-http-proxy/releases) - [Changelog](https://github.com/http-party/node-http-proxy/blob/master/CHANGELOG.md) - [Commits](https://github.com/http-party/node-http-proxy/compare/1.18.0...1.18.1) Signed-off-by: dependabot[bot] <support@github.com>

view details

push time in 15 days

PR merged NovatecConsulting/mqtt-meets-web-blog

Bump http-proxy from 1.18.0 to 1.18.1 in /frontend/device-control dependencies

Bumps http-proxy from 1.18.0 to 1.18.1. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/http-party/node-http-proxy/blob/master/CHANGELOG.md">http-proxy's changelog</a>.</em></p> <blockquote> <h2><a href="https://github.com/http-party/node-http-proxy/compare/1.18.0...v1.18.1">v1.18.1</a> - 2020-05-17</h2> <h3>Merged</h3> <ul> <li>Skip sending the proxyReq event when the expect header is present <a href="https://github-redirect.dependabot.com/http-party/node-http-proxy/pull/1447"><code>#1447</code></a></li> <li>Remove node6 support, add node12 to build <a href="https://github-redirect.dependabot.com/http-party/node-http-proxy/pull/1397"><code>#1397</code></a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/http-party/node-http-proxy/commit/9b96cd725127a024dabebec6c7ea8c807272223d"><code>9b96cd7</code></a> 1.18.1</li> <li><a href="https://github.com/http-party/node-http-proxy/commit/335aeeba2f0c286dc89c402eeb76af47834c89a3"><code>335aeeb</code></a> Skip sending the proxyReq event when the expect header is present (<a href="https://github-redirect.dependabot.com/http-party/node-http-proxy/issues/1447">#1447</a>)</li> <li><a href="https://github.com/http-party/node-http-proxy/commit/dba39668ba4c9ad461316e834b2d64b77e1ca88e"><code>dba3966</code></a> Remove node6 support, add node12 to build (<a href="https://github-redirect.dependabot.com/http-party/node-http-proxy/issues/1397">#1397</a>)</li> <li>See full diff in <a href="https://github.com/http-party/node-http-proxy/compare/1.18.0...1.18.1">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+3 -3

0 comment

1 changed file

dependabot[bot]

pr closed time in 15 days

push eventwiomoc/KeePassDX

Christoph Walcher

commit sha f2150e3d8578bd97a2d3d17fbe8adcfeb8a1d7df

Early return in readHeaderField In the old version the outer loop won't terminate if `EndOfHeader` is a zero sized field.

view details

push time in a month

PR opened Kunzisoft/KeePassDX

Early return in readHeaderField

The outer loop in L167 won't terminate if EndOfHeader is a zero sized field.

+4 -3

0 comment

1 changed file

pr created time in a month

push eventwiomoc/KeePassDX

Christoph Walcher

commit sha 726fcbb384aaacfa3ba5c105846370da3a16e8a4

Early return in readHeaderField In the old version the outer loop won't terminate if `EndOfHeader` is a zero sized field.

view details

push time in a month

fork wiomoc/KeePassDX

:iphone: KeePass implementation for android with material design and deluxe features

https://www.keepassdx.com/

fork in a month

issue commentrust-lang/rust-clippy

New lint: Repetitive branches

The lint should consider Lifetimes too e.g. : https://play.rust-lang.org/?version=stable&mode=debug&edition=2018&gist=72a2e3511de3b085eea0ddcf9680bf9b

camsteffen

comment created time in a month

create barnchwiomoc/rust-clippy

branch : feature/temporary_cstring_as_ptr-same-expr

created branch time in a month

release hft-app/native

3.0.8

released time in a month

created taghft-app/native

tag3.0.8

Native version of the HFT App uses cordova and vue

created time in a month

push eventhft-app/native

Christoph Walcher

commit sha fd2795c5b90bf9c11ace4ff71043ceb48c23e5d8

fixes

view details

push time in a month

push eventhft-app/native

Christoph Walcher

commit sha 845abb55d489ae93ea29955d0f292d6be139d826

fixes

view details

push time in a month

push eventwiomoc/rust-clippy

Takayuki Nakata

commit sha 1e8ada3cab5470a4f2070c0aa9d1a94922476621

Add lint `same_item_push`

view details

Takayuki Nakata

commit sha 161f47510076d36722546c3541a546f9b724fadd

Add test case for `same_item_push`

view details

Takayuki Nakata

commit sha 2beb9090d1b9adb2b0930da511bf1750e570905b

Rename TypeckTables to TypeckResults

view details

Takayuki Nakata

commit sha 1543e117cc7459bef2b57389503f0f526a903f45

cargo dev update_lints

view details

Takayuki Nakata

commit sha 14a4e3bcc8082b0323886ae15365ea2424b512cf

Fix a lint message

view details

Takayuki Nakata

commit sha b7ceb4d3d7ed3ea7039caf803073e86ad3643e21

rustfmt

view details

Takayuki Nakata

commit sha 228f668282daab05ec20adbbdeb227e923d10864

Use `mutated_variables`

view details

Takayuki Nakata

commit sha e48685edef9889d7c0ae391cf050f878d228ae25

Just check if it contains `_` in `for pat`

view details

Takayuki Nakata

commit sha 610d4e3c8b1bfa27e059043554f4156fe1254142

rustfmt

view details

Eduardo Broto

commit sha 50a86d492718f2ad5e653575d19324205fa007f1

enable #[allow(clippy::unsafe_derive_deserialize)]

view details

Christoph Walcher

commit sha 0abc4833e5dc8ec4da48d5b25e1d0df81cceec4d

Lint .min(x).max(y) with x < y Fixes #5854

view details

Ryan1729

commit sha 5e84b8c2fb48ed864347296cafa3119ac094873f

run cargo dev new_lint then move transmutes_expressible_as_ptr_casts into transmute module

view details

Ryan1729

commit sha 069f851671d5ce6eefbfd3071c5bb7cbe7df9df5

initial compiling version of TRANSMUTES_EXPRESSIBLE_AS_PTR_CASTS

view details

Ryan1729

commit sha 46ef4e8651b4b857ec9bf3e172f3c5e317b0c596

write currently failing test for transmutes_expressible_as_ptr_casts There are 5 errors, when there should be 7.

view details

Ryan1729

commit sha 34d3a0086c715d70a6517a0ca6146eb064fc42b7

accidentally cause an ICE by putting the TRANSMUTES_EXPRESSIBLE_AS_PTR_CASTS handling after the match The reason I did this in the first place was to try and figure out why I don't see my expected 7 error messages

view details

Ryan1729

commit sha de05212987be6468387b004194761d5fad6d506c

try putting the can_be_expressed_as_pointer_cast at the top and find that we still get an ICE

view details

Ryan1729

commit sha ccc4747f468e0887f6d1c460237e2e6313ae97b9

get the expected number of errors by acknowledging that other lints are covering the same ground

view details

Ryan1729

commit sha d38766ed96db6f548af4721942cbed4cbe503a21

address some review comments

view details

Ryan1729

commit sha 19f36bc2f3ceede89f20dd1e20301eac50d9f68c

add description to assert

view details

Ryan1729

commit sha 94340d6e172a050bc6289e3ff87f59ea09019daf

add documentation to functions that call `do_check` and add a test against lint ordering changing

view details

push time in a month

push eventhft-app/native

Christoph Walcher

commit sha f77018d8b339a048f7e6e00a0b3a1bf9dfc585df

fixes

view details

push time in a month

push eventhft-app/native

Christoph Walcher

commit sha 1a8a87c61aee242f1cf4fe4e72bf627887541b50

fixes

view details

push time in a month

push eventhft-app/native

Christoph Walcher

commit sha 94babd5ce4ebec84abbb2e0fbc25a78f11741bea

fixes

view details

push time in a month

push eventwiomoc/rust-clippy

Christoph Walcher

commit sha 8514b8407ac83dc02532c82c9188c49967d9a5d6

appreciative too_large_for_stack in useless `vec!` Fixes: #5847

view details

push time in a month

PR opened rust-lang/rust-clippy

appreciative too_large_for_stack in useless `vec!`

Fixes: #5847 changelog: none

+73 -39

0 comment

5 changed files

pr created time in a month

create barnchwiomoc/rust-clippy

branch : feature/useless-vec-max-size

created branch time in a month

Pull request review commentrust-lang/rust-clippy

Lint `push_str` with a single-character string literal

+use crate::utils::{match_def_path, paths, snippet_with_applicability, span_lint_and_sugg};+use if_chain::if_chain;+use rustc_ast::ast::LitKind;+use rustc_errors::Applicability;+use rustc_hir::{Expr, ExprKind};+use rustc_lint::{LateContext, LateLintPass};+use rustc_session::{declare_lint_pass, declare_tool_lint};++declare_clippy_lint! {+    /// **What it does:** Warns when using push_str with a single-character string literal,+    /// and push with a char would work fine.+    ///+    /// **Why is this bad?** This is in all probability not the intended outcome. At+    /// the least it hurts readability of the code.+    ///+    /// **Known problems:** None+    ///+    /// **Example:**+    /// ```+    /// let mut string = String::new();+    /// string.push_str("R");+    /// ```+    /// Could be written as+    /// ```+    /// let mut string = String::new();+    /// string.push('R');+    /// ```+    pub SINGLE_CHAR_PUSH_STR,+    style,+    "`push_str()` used with a single-character string literal as parameter"+}++declare_lint_pass!(SingleCharPushStrPass => [SINGLE_CHAR_PUSH_STR]);++impl<'tcx> LateLintPass<'tcx> for SingleCharPushStrPass {+    fn check_expr(&mut self, cx: &LateContext<'tcx>, expr: &'tcx Expr<'_>) {+        if_chain! {+            if let ExprKind::MethodCall(_, _, ref args, _) = expr.kind;+            if let [base_string, extension_string] = args;+            if let Some(fn_def_id) = cx.typeck_results().type_dependent_def_id(expr.hir_id);+            if match_def_path(cx, fn_def_id, &paths::PUSH_STR);+            if let ExprKind::Lit(ref lit) = extension_string.kind;+            if let LitKind::Str(symbol,_) = lit.node;

The single_char_pattern does replace raw strings, should i remove that feature

wiomoc

comment created time in a month

push eventwiomoc/rust-clippy

Christoph Walcher

commit sha 783108d1f128c07d135101a847643f91f270c71a

Merge lint with `single_char_pattern`

view details

push time in a month

push eventwiomoc/rust-clippy

Christoph Walcher

commit sha 10fa7b3edef537631898319a23abb7993d2a53d0

Merge lint with `single_char_pattern`

view details

push time in a month

push eventwiomoc/rust-clippy

Christoph Walcher

commit sha 260e9edc5471d3361aab2e24edb2cf648eb870f9

Lint `push_str` with a single-character string literal Fixes #5875

view details

push time in 2 months

Pull request review commentrust-lang/rust-clippy

Lint `push_str` with a single-character string literal

+error: calling `push_str()` using a single-character string literal+  --> $DIR/single_char_push_str.rs:6:5+   |+LL |     string.push_str("R");+   |     ^^^^^^^^^^^^^^^^^^^^ help: consider using `push` with a character literal: `string.push('R')`+   |+   = note: `-D clippy::single-char-push-str` implied by `-D warnings`++error: calling `push_str()` using a single-character string literal+  --> $DIR/single_char_push_str.rs:7:5+   |+LL |     string.push_str("'");+   |     ^^^^^^^^^^^^^^^^^^^^ help: consider using `push` with a character literal: `string.push('/'')`

should be ''' not '/'', but the suggestion is applied correctly

wiomoc

comment created time in 2 months

PR opened rust-lang/rust-clippy

Lint `push_str` with a single-character string literal

Fixes #5875 changelog: * [single_char_push_str]

+112 -0

0 comment

8 changed files

pr created time in 2 months

create barnchwiomoc/rust-clippy

branch : feature/single-char-push_str

created branch time in 2 months

push eventwiomoc/rust-clippy

Christoph Walcher

commit sha 87e740921abd4132152f090545fa4c9ed9fa0d6d

check impl Ord / is_float

view details

push time in 2 months

push eventwiomoc/rust-clippy

Eduardo Broto

commit sha e336fe80d2f991a170b98190683039035b53c6ba

manual_async_fn: take input lifetimes into account The anonymous future returned from an `async fn` captures all input lifetimes. This was not being taken into account. See https://github.com/rust-lang/rfcs/blob/master/text/2394-async_await.md#lifetime-capture-in-the-anonymous-future

view details

JarredAllen

commit sha 25abd7ae76e2a708dda5487119c20af3be64edb7

Create stable_sort_primitive lint

view details

Tomasz Miąsko

commit sha e9677105bf85a2b0c57e8d67d2ed22a286333033

try_err: Consider Try impl for Poll when generating suggestions There are two different implementation of Try trait for Poll type; Poll<Result<T, E>> and Poll<Option<Result<T, E>>>. Take them into account when generating suggestions. For example, for Err(e)? suggest either return Poll::Ready(Err(e)) or return Poll::Ready(Some(Err(e))) as appropriate.

view details

Cameron Steffen

commit sha 0ccdf2913a335c4f0b34098f84baeeb3fc852255

Remove obsolete known problems unnecessary_fold

view details

bors

commit sha 2ceb8c6c2d029f01f7656d02e59b2d69187875c4

Auto merge of #5865 - camsteffen:unnecessary-fold-known-probs, r=Manishearth Remove obsolete known problems unnecessary_fold The known problems looks to be obsolete since NLL is stable. changelog: none

view details

JarredAllen

commit sha 542740c2eceff2369b2ac44e891a37313dd1785c

Run cargo dev fmt

view details

bors

commit sha 3d7e3fdffd380d0d98f63e878b3ef9948b9452ca

Auto merge of #5857 - tmiasko:try-err-poll, r=matthiaskrgr try_err: Consider Try impl for Poll when generating suggestions There are two different implementation of `Try` trait for `Poll` type: `Poll<Result<T, E>>` and `Poll<Option<Result<T, E>>>`. Take them into account when generating suggestions. For example, for `Err(e)?` suggest either `return Poll::Ready(Err(e))` or `return Poll::Ready(Some(Err(e)))` as appropriate. Fixes #5855 changelog: try_err: Consider Try impl for Poll when generating suggestions

view details

bors

commit sha 2eab060ab7771e9c517c04c7519ed74c97d3a1c9

Auto merge of #5859 - ebroto:5765_manual_async_fn_fp, r=yaahc manual_async_fn: take input lifetimes into account The anonymous future returned from an `async fn` captures all input lifetimes. This was not being taken into account. See https://github.com/rust-lang/rfcs/blob/master/text/2394-async_await.md#lifetime-capture-in-the-anonymous-future changelog: Take input lifetimes into account in [`manual_async_fn`]. Fixes #5765

view details

bors

commit sha 2d4c3379d355c436342113a302421faf3990fb29

Auto merge of #5809 - JarredAllen:stable_sort_primitive, r=Manishearth Stable sort primitive changelog: Implements #5762

view details

Christoph Walcher

commit sha e0a4988fcc716e349fd801d98182c0d984a2ee3f

Lint against `Self` as an arbitrary self type Fixes #5861

view details

Christoph Walcher

commit sha 737f62cb6eaa5eca23701dbbe8d63465e1c4843b

fix doc

view details

Christoph Walcher

commit sha d635b76eaf3435f9bdce1dcbdd315b0e770493f0

adopt comments from review

view details

Christoph Walcher

commit sha c87d999fa2f8e88f986aa5f4d76b708824e1fd3a

fix ui tests

view details

Christoph Walcher

commit sha e03f73e627721c35459886781af281632cac299d

fix nits

view details

Christoph Walcher

commit sha bfe610cc8d7d380cfaf83f03629a23747fc54fad

ignore mutable self reference parameters

view details

push time in 2 months

push eventwiomoc/rust-clippy

Christoph Walcher

commit sha ddadedd4074543b4210c1bdd65ab31d62af9ab5f

ignore mutable self reference parameters

view details

push time in 2 months

issue commentrust-lang/rust-clippy

FN needless_collect: vec.extend(range.collect:<Vec<_>>())

This is tricky if the Iterator holds an reference to the Vec e.g.

fn main() {
    let x = 0..=10;
    let mut v = vec![100, 101];

    v.extend(x.map(|n| n + v.len()).collect::<Vec<_>>());
    
    // Won't compile
    // v.extend(x.map(|n| n + v.len()));

    println!("{:?}", v);
}

https://play.rust-lang.org/?version=stable&mode=debug&edition=2018&gist=1b82e17db7cc0f1a19ea355fafbe82f5

matthiaskrgr

comment created time in 2 months

push eventwiomoc/rust-clippy

Christoph Walcher

commit sha 0abc4833e5dc8ec4da48d5b25e1d0df81cceec4d

Lint .min(x).max(y) with x < y Fixes #5854

view details

push time in 2 months

PR opened rust-lang/rust-clippy

Lint .min(x).max(y) with x < y

rel: #5854

+78 -20

0 comment

3 changed files

pr created time in 2 months

create barnchwiomoc/rust-clippy

branch : feature/methodcall-minmax

created branch time in 2 months

issue commentrust-lang/rust-clippy

.min(x).max(y) with x < y

Just wondering, isn't that already done in https://github.com/rust-lang/rust-clippy/blob/master/clippy_lints/src/minmax.rs / https://rust-lang.github.io/rust-clippy/master/index.html#min_max

JarredAllen

comment created time in 2 months

push eventwiomoc/rust-clippy

Christoph Walcher

commit sha 1def3d8137858e7c4ea27a3506129311d6f73fc6

fix nits

view details

push time in 2 months

push eventwiomoc/rust-clippy

Christoph Walcher

commit sha 5e2b6d4559e9d36289693438b502d2bdbaafe722

fix ui tests

view details

push time in 2 months

push eventwiomoc/rust-clippy

Christoph Walcher

commit sha fb3b7dd87e1b6c18255402c274939f8dcafd3258

adopt comments from review

view details

push time in 2 months

push eventwiomoc/rust-clippy

Christoph Walcher

commit sha 69ef96b41a97a7400631a4e1432fe523531d877b

adopt comments from review

view details

push time in 2 months

push eventwiomoc/rust-clippy

Christoph Walcher

commit sha 52f7452fb458c81207e9f3ce9b6016c0a3dbc19e

fix doc

view details

push time in 2 months

push eventwiomoc/rust-clippy

Christoph Walcher

commit sha b34bf8be746606bebcf091132bae6477222fcff5

Lint against `Self` as an arbitrary self type Fixes #5861

view details

push time in 2 months

push eventwiomoc/rust-clippy

Christoph Walcher

commit sha 3b74a9a304d16836cdbe3c4b24d6ab789483c6cf

Lint against `Self` as an arbitrary self type Fixes #5861

view details

push time in 2 months

PR opened rust-lang/rust-clippy

New lint against `Self` as an arbitrary self type

rel #5861

+112 -0

0 comment

6 changed files

pr created time in 2 months

create barnchwiomoc/rust-clippy

branch : feature/implicit-self

created branch time in 2 months

release hft-app/native

3.0.7

released time in 2 months

created taghft-app/native

tag3.0.7

Native version of the HFT App uses cordova and vue

created time in 2 months

push eventhft-app/native

Christoph Walcher

commit sha aa5e14894915ec329420be1ebae18ca2d5602fb0

Improvements + Support for iOS + Sort Exams + Update Cordova deps + Scale Appicons automaticly + Bump to 3.0.7

view details

push time in 2 months

push eventhft-app/native

Christoph Walcher

commit sha ff06ca2a06b1c8f12a1b12a3567f84c681185e49

Improvements + Support for iOS + Sort Exams + Update Cordova deps + Scale Appicons automaticly + Bump to 3.0.7

view details

push time in 2 months

push eventhft-app/native

Christoph Walcher

commit sha 1d76c466a2413c84009e51dcb470013f9fc14958

Improvements + Support for iOS + Sort Exams + Update Cordova deps + Scale Appicons automaticly

view details

push time in 2 months

push eventwiomoc/rust-clippy

Christoph Walcher

commit sha e521c67e5f29ddd84e0ce744dfc27a836d349514

early return on empty parameters/where clause

view details

push time in 2 months

push eventjohanneshiry/Weinretter

dependabot[bot]

commit sha 2bcd5e0e44bcbceef8d0366ac681d186d448f0d8

Bump elliptic from 6.5.2 to 6.5.3 in /frontend (#41) Bumps [elliptic](https://github.com/indutny/elliptic) from 6.5.2 to 6.5.3. - [Release notes](https://github.com/indutny/elliptic/releases) - [Commits](https://github.com/indutny/elliptic/compare/v6.5.2...v6.5.3) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

view details

push time in 2 months

PR merged johanneshiry/Weinretter

Bump elliptic from 6.5.2 to 6.5.3 in /frontend dependencies

Bumps elliptic from 6.5.2 to 6.5.3. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/indutny/elliptic/commit/8647803dc3d90506aa03021737f7b061ba959ae1"><code>8647803</code></a> 6.5.3</li> <li><a href="https://github.com/indutny/elliptic/commit/856fe4d99fe7b6200556e6400b3bf585b1721bec"><code>856fe4d</code></a> signature: prevent malleability and overflows</li> <li>See full diff in <a href="https://github.com/indutny/elliptic/compare/v6.5.2...v6.5.3">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+778 -220

0 comment

2 changed files

dependabot[bot]

pr closed time in 2 months

push eventNovatecConsulting/mqtt-meets-web-blog

dependabot[bot]

commit sha dec4a0d70cefc2cdeab206b146a470f1f2d17ffd

Bump jsrsasign from 8.0.12 to 8.0.20 in /frontend/device-control Bumps [jsrsasign](https://github.com/kjur/jsrsasign) from 8.0.12 to 8.0.20. - [Release notes](https://github.com/kjur/jsrsasign/releases) - [Changelog](https://github.com/kjur/jsrsasign/blob/master/ChangeLog.txt) - [Commits](https://github.com/kjur/jsrsasign/compare/8.0.12...8.0.20) Signed-off-by: dependabot[bot] <support@github.com>

view details

push time in 2 months

PR merged NovatecConsulting/mqtt-meets-web-blog

Bump jsrsasign from 8.0.12 to 8.0.20 in /frontend/device-control dependencies

Bumps jsrsasign from 8.0.12 to 8.0.20. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/kjur/jsrsasign/releases">jsrsasign's releases</a>.</em></p> <blockquote> <h2>add CSR support for subjectAltName</h2> <ul> <li>Changes From 8.0.19 to 8.0.20 <ul> <li>src/asn1csr.js <ul> <li>CSRUtil.getInfo <ul> <li>add ext parameter to show subjectAltName property</li> <li>change not to raise error when subject name is empty in CSR</li> </ul> </li> </ul> </li> <li>src/x509.js <ul> <li>X509.parseExt <ul> <li>add support for CSR extension request field</li> </ul> </li> </ul> </li> <li>src/asn1hex.js <ul> <li>ASN1HEX.getIdxbyList <ul> <li>small update for exception</li> </ul> </li> </ul> </li> <li>test/ <ul> <li>qunit-do-{asn1csr, x509}.html to add tests for above.</li> </ul> </li> </ul> </li> </ul> <h2>ECDSA signature validation maleability fix and others</h2> <ul> <li>Changes from 8.0.18 to 8.0.19 <ul> <li>src/ecdsa-mod.js <ul> <li>ECDSA.verifyHex fixed for some types of maleability (<a href="https://github-redirect.dependabot.com/kjur/jsrsasign/issues/437">#437</a>)</li> </ul> </li> <li>src/asn1hex.js <ul> <li>ASN1HEX.checkStrictDER added</li> </ul> </li> <li>src/asn1x509.js <ul> <li>It's founded that OpenSSL's DN representation like "/C=US/O=test" is "compat" format. So those methods are added and existing method is now deprecated. <ul> <li>X500Name.{ldapToOneline, onelineToLdap} are now deprecated.</li> <li>X500Name.{ldapToCompat, compatToLdap} are added.</li> </ul> </li> </ul> </li> <li>src/x509.js <ul> <li>update for compatToLdap and ldapToCompat</li> </ul> </li> <li>src/crypto.js <ul> <li>document update</li> </ul> </li> </ul> </li> </ul> <h2>RSA decryption and RSA signature validation maleability fix</h2> <ul> <li>Changes from 8.0.17 to 8.0.18 <ul> <li>ext/rsa2.js <ul> <li>RSADecrypt fixed for zero prepending maleability (<a href="https://github-redirect.dependabot.com/kjur/jsrsasign/issues/439">#439</a>)</li> <li>RSADecryptOAEP fixed for zero prepending maleability</li> </ul> </li> <li>src/rsasign.js <ul> <li>verifyWithMessageHash fixed for zero prepending maleability</li> </ul> </li> <li>test <ul> <li>qunit-do-crypto-cipher.html: some test case added for above</li> </ul> </li> </ul> </li> </ul> <h2>RSAPSS verification maleability fix and others</h2> <ul> <li>Changes from 8.0.16 to 8.0.17 <ul> <li>src/rsasign.js <ul> <li>verifyWithMessageHashPSS fixed for prepending zeros maleability (<a href="https://github-redirect.dependabot.com/kjur/jsrsasign/issues/438">#438</a>)</li> </ul> </li> <li>src/asn1x509.js <ul> <li>allow alternative algorithms to sign CRLs (<a href="https://github-redirect.dependabot.com/kjur/jsrsasign/issues/440">#440</a>)</li> </ul> </li> <li>src/asn1cms.js <ul> <li>improve CMSUtil.newSignedData helper with detached signatures (<a href="https://github-redirect.dependabot.com/kjur/jsrsasign/issues/441">#441</a>)</li> </ul> </li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/kjur/jsrsasign/blob/master/ChangeLog.txt">jsrsasign's changelog</a>.</em></p> <blockquote> <p>ChangeLog for jsrsasign</p> <p>add CSR support for subjectAltName</p> <ul> <li>Changes From 8.0.19 to 8.0.20 <ul> <li>src/asn1csr.js <ul> <li>CSRUtil.getInfo <ul> <li>add ext parameter to show subjectAltName property</li> <li>change not to raise error when subject name is empty in CSR</li> </ul> </li> </ul> </li> <li>src/x509.js <ul> <li>X509.parseExt <ul> <li>add support for CSR extension request field</li> </ul> </li> </ul> </li> <li>src/asn1hex.js <ul> <li>ASN1HEX.getIdxbyList <ul> <li>small update for exception</li> </ul> </li> </ul> </li> <li>test/ <ul> <li>qunit-do-{asn1csr, x509}.html to add tests for above.</li> </ul> </li> </ul> </li> </ul> <p>ECDSA signature validation maleability fix and others</p> <ul> <li>Changes from 8.0.18 to 8.0.19 <ul> <li>src/ecdsa-mod.js <ul> <li>ECDSA.verifyHex fixed for some types of maleability (<a href="https://github-redirect.dependabot.com/kjur/jsrsasign/issues/437">#437</a>)</li> </ul> </li> <li>src/asn1hex.js <ul> <li>ASN1HEX.checkStrictDER added</li> </ul> </li> <li>src/asn1x509.js <ul> <li>It's founded that OpenSSL's DN representation like "/C=US/O=test" is "compat" format. So those methods are added and existing method is now deprecated. <ul> <li>X500Name.{ldapToOneline, onelineToLdap} are now deprecated.</li> <li>X500Name.{ldapToCompat, compatToLdap} are added.</li> </ul> </li> </ul> </li> <li>src/x509.js <ul> <li>update for compatToLdap and ldapToCompat</li> </ul> </li> <li>src/crypto.js <ul> <li>document update</li> </ul> </li> </ul> </li> </ul> <p>RSA decryption and RSA signature validation maleability fix</p> <ul> <li> <p>Changes from 8.0.17 to 8.0.18</p> <ul> <li>ext/rsa2.js <ul> <li>CVE-2020-14967 RSADecrypt fixed for zero prepending maleability (<a href="https://github-redirect.dependabot.com/kjur/jsrsasign/issues/439">#439</a>)</li> <li>RSADecryptOAEP fixed for zero prepending maleability</li> </ul> </li> <li>src/rsasign.js <ul> <li>verifyWithMessageHash fixed for zero prepending maleability</li> </ul> </li> <li>test <ul> <li>qunit-do-crypto-cipher.html: some test case added for above</li> </ul> </li> </ul> </li> <li> <p>Changes from 8.0.16 to 8.0.17</p> <ul> <li>src/rsasign.js <ul> <li>CVE-2020-14968 verifyWithMessageHashPSS fixed for prepending zeros maleability (<a href="https://github-redirect.dependabot.com/kjur/jsrsasign/issues/438">#438</a>)</li> </ul> </li> <li>src/asn1x509.js</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/kjur/jsrsasign/commit/adc64c842cf727c8c8371907bbab83cb731c8fbe"><code>adc64c8</code></a> 8.0.20 release</li> <li><a href="https://github.com/kjur/jsrsasign/commit/6ef02059a3c4b4cc6e6cd36b1a617bd6a5041224"><code>6ef0205</code></a> Update README.md</li> <li><a href="https://github.com/kjur/jsrsasign/commit/59cc1cce9467cdaafd42bdf272434ef8acbe7189"><code>59cc1cc</code></a> 8.0.19 release</li> <li><a href="https://github.com/kjur/jsrsasign/commit/6efc23aead22aa432613c345f84c39880f91744d"><code>6efc23a</code></a> 8.0.18 release</li> <li><a href="https://github.com/kjur/jsrsasign/commit/6087412d072a57074d3c4c1b40bdde0460d53a7f"><code>6087412</code></a> 8.0.18 release</li> <li><a href="https://github.com/kjur/jsrsasign/commit/861ab2718b2bf8718830544c0e512cf127197316"><code>861ab27</code></a> 8.0.17 release</li> <li><a href="https://github.com/kjur/jsrsasign/commit/3bcc088c727658d7235854cd2a409a904cc2ce99"><code>3bcc088</code></a> <a href="https://github-redirect.dependabot.com/kjur/jsrsasign/issues/442">#442</a> RSAGenerate key length issue fix</li> <li><a href="https://github.com/kjur/jsrsasign/commit/108c7df21b6bd484b13e1a1c3cde70813f177a07"><code>108c7df</code></a> comment update</li> <li><a href="https://github.com/kjur/jsrsasign/commit/12fdf1b1865b199261238dc0a3c0515ebf65139d"><code>12fdf1b</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/kjur/jsrsasign/issues/441">#441</a> from ilmesi/master</li> <li><a href="https://github.com/kjur/jsrsasign/commit/6fa9716263bbfe93361a9072dfdc56b725e34164"><code>6fa9716</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/kjur/jsrsasign/issues/440">#440</a> from augjoh/master</li> <li>Additional commits viewable in <a href="https://github.com/kjur/jsrsasign/compare/8.0.12...8.0.20">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+3 -3

0 comment

1 changed file

dependabot[bot]

pr closed time in 2 months

push eventNovatecConsulting/mqtt-meets-web-blog

dependabot[bot]

commit sha 789fd8a80b9a6d86703332b83488f47140b27602

Bump lodash from 4.17.15 to 4.17.19 in /frontend/device-control Bumps [lodash](https://github.com/lodash/lodash) from 4.17.15 to 4.17.19. - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](https://github.com/lodash/lodash/compare/4.17.15...4.17.19) Signed-off-by: dependabot[bot] <support@github.com>

view details

push time in 2 months

PR merged NovatecConsulting/mqtt-meets-web-blog

Bump lodash from 4.17.15 to 4.17.19 in /frontend/device-control dependencies

Bumps lodash from 4.17.15 to 4.17.19. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/lodash/lodash/releases">lodash's releases</a>.</em></p> <blockquote> <h2>4.17.16</h2> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/lodash/lodash/commit/d7fbc52ee0466a6d248f047b5d5c3e6d1e099056"><code>d7fbc52</code></a> Bump to v4.17.19</li> <li><a href="https://github.com/lodash/lodash/commit/2e1c0f22f425e9c013815b2cd7c2ebd51f49a8d6"><code>2e1c0f2</code></a> Add npm-package</li> <li><a href="https://github.com/lodash/lodash/commit/1b6c282299f4e0271f932b466c67f0f822aa308e"><code>1b6c282</code></a> Bump to v4.17.18</li> <li><a href="https://github.com/lodash/lodash/commit/a370ac81408de2da77a82b3c4b61a01a3b9c2fac"><code>a370ac8</code></a> Bump to v4.17.17</li> <li><a href="https://github.com/lodash/lodash/commit/1144918f3578a84fcc4986da9b806e63a6175cbb"><code>1144918</code></a> Rebuild lodash and docs</li> <li><a href="https://github.com/lodash/lodash/commit/3a3b0fd339c2109563f7e8167dc95265ed82ef3e"><code>3a3b0fd</code></a> Bump to v4.17.16</li> <li><a href="https://github.com/lodash/lodash/commit/c84fe82760fb2d3e03a63379b297a1cc1a2fce12"><code>c84fe82</code></a> fix(zipObjectDeep): prototype pollution (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4759">#4759</a>)</li> <li><a href="https://github.com/lodash/lodash/commit/e7b28ea6cb17b4ca021e7c9d66218c8c89782f32"><code>e7b28ea</code></a> Sanitize sourceURL so it cannot affect evaled code (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4518">#4518</a>)</li> <li><a href="https://github.com/lodash/lodash/commit/0cec225778d4ac26c2bac95031ecc92a94f08bbb"><code>0cec225</code></a> Fix lodash.isEqual for circular references (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4320">#4320</a>) (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4515">#4515</a>)</li> <li><a href="https://github.com/lodash/lodash/commit/94c3a8133cb4fcdb50db72b4fd14dd884b195cd5"><code>94c3a81</code></a> Document matches* shorthands for over* methods (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4510">#4510</a>) (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4514">#4514</a>)</li> <li>Additional commits viewable in <a href="https://github.com/lodash/lodash/compare/4.17.15...4.17.19">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~mathias">mathias</a>, a new releaser for lodash since your current version.</p> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+3 -3

0 comment

1 changed file

dependabot[bot]

pr closed time in 2 months

push eventNovatecConsulting/mqtt-meets-web-blog

dependabot[bot]

commit sha 7df2c5073eaec052d4a7e711be99711c3b3498be

Bump elliptic from 6.5.2 to 6.5.3 in /frontend/device-control Bumps [elliptic](https://github.com/indutny/elliptic) from 6.5.2 to 6.5.3. - [Release notes](https://github.com/indutny/elliptic/releases) - [Commits](https://github.com/indutny/elliptic/compare/v6.5.2...v6.5.3) Signed-off-by: dependabot[bot] <support@github.com>

view details

push time in 2 months

PR merged NovatecConsulting/mqtt-meets-web-blog

Bump elliptic from 6.5.2 to 6.5.3 in /frontend/device-control dependencies

Bumps elliptic from 6.5.2 to 6.5.3. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/indutny/elliptic/commit/8647803dc3d90506aa03021737f7b061ba959ae1"><code>8647803</code></a> 6.5.3</li> <li><a href="https://github.com/indutny/elliptic/commit/856fe4d99fe7b6200556e6400b3bf585b1721bec"><code>856fe4d</code></a> signature: prevent malleability and overflows</li> <li>See full diff in <a href="https://github.com/indutny/elliptic/compare/v6.5.2...v6.5.3">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+3 -3

0 comment

1 changed file

dependabot[bot]

pr closed time in 2 months

issue closedwiomoc/mosquitto-jwt-auth

Mosquitto crashes when attempting login with jwt in username

I've experienced mosquitto crashing when I try to login without a password and use the jwt as username.

Being able to login in this way is useful when all we want to give the clients is a single "api-key".

I experienced this with the paho library (on python). I've not tried any other libraries yet. https://www.eclipse.org/paho/clients/python/docs/#username-pw-set

If it does not turn out to be obvious where the error is happening, I can try to make an easier to reproduce example.

closed time in 2 months

stefanfoulis

issue commentwiomoc/mosquitto-jwt-auth

Mosquitto crashes when attempting login with jwt in username

Good catch! If the username or password is not set, mosquitto simply passes a null pointer that was not handled correctly.

With the fix a empty username is supported with auth_opt_jwt_validate_sub_match_username : false. A empty password will show an error but won't crash anymore.

stefanfoulis

comment created time in 2 months

push eventwiomoc/mosquitto-jwt-auth

Christoph Walcher

commit sha 4d76b9f2141437a5230b4082b924bf0334293efc

Bugfix: Support null- password / username rel #8

view details

push time in 2 months

push eventwiomoc/rust-clippy

Christoph Walcher

commit sha 2b7fde6a4b18ee837342f5b50a4c4941e919177f

typo fix

view details

push time in 2 months

startedrust-lang/rust-clippy

started time in 2 months

push eventwiomoc/rust-clippy

Christoph Walcher

commit sha 94c50bc8c913ef58eba0f4f10b682dcf6d6e0991

Lint duplicate methods of trait bounds Fixes #5777

view details

push time in 2 months

push eventwiomoc/rust-clippy

Christoph Walcher

commit sha 48900a20f9b32a1ad9ad221c503395d8cbb8db0a

Lint duplicate methods of trait bounds Fixes #5777

view details

push time in 2 months

create barnchwiomoc/rust-clippy

branch : feature/lint-duplicate-trait

created branch time in 2 months

fork wiomoc/rust-clippy

A bunch of lints to catch common mistakes and improve your Rust code

https://rust-lang.github.io/rust-clippy/

fork in 2 months

push eventhft-app/native

dependabot[bot]

commit sha aabe8e40de7e296af32ff600259e9ae354edfaa1

Bump lodash from 4.17.15 to 4.17.19 in /src-cordova Bumps [lodash](https://github.com/lodash/lodash) from 4.17.15 to 4.17.19. - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](https://github.com/lodash/lodash/compare/4.17.15...4.17.19) Signed-off-by: dependabot[bot] <support@github.com>

view details

push time in 2 months

PR merged hft-app/native

Bump lodash from 4.17.15 to 4.17.19 in /src-cordova dependencies

Bumps lodash from 4.17.15 to 4.17.19. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/lodash/lodash/releases">lodash's releases</a>.</em></p> <blockquote> <h2>4.17.16</h2> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/lodash/lodash/commit/d7fbc52ee0466a6d248f047b5d5c3e6d1e099056"><code>d7fbc52</code></a> Bump to v4.17.19</li> <li><a href="https://github.com/lodash/lodash/commit/2e1c0f22f425e9c013815b2cd7c2ebd51f49a8d6"><code>2e1c0f2</code></a> Add npm-package</li> <li><a href="https://github.com/lodash/lodash/commit/1b6c282299f4e0271f932b466c67f0f822aa308e"><code>1b6c282</code></a> Bump to v4.17.18</li> <li><a href="https://github.com/lodash/lodash/commit/a370ac81408de2da77a82b3c4b61a01a3b9c2fac"><code>a370ac8</code></a> Bump to v4.17.17</li> <li><a href="https://github.com/lodash/lodash/commit/1144918f3578a84fcc4986da9b806e63a6175cbb"><code>1144918</code></a> Rebuild lodash and docs</li> <li><a href="https://github.com/lodash/lodash/commit/3a3b0fd339c2109563f7e8167dc95265ed82ef3e"><code>3a3b0fd</code></a> Bump to v4.17.16</li> <li><a href="https://github.com/lodash/lodash/commit/c84fe82760fb2d3e03a63379b297a1cc1a2fce12"><code>c84fe82</code></a> fix(zipObjectDeep): prototype pollution (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4759">#4759</a>)</li> <li><a href="https://github.com/lodash/lodash/commit/e7b28ea6cb17b4ca021e7c9d66218c8c89782f32"><code>e7b28ea</code></a> Sanitize sourceURL so it cannot affect evaled code (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4518">#4518</a>)</li> <li><a href="https://github.com/lodash/lodash/commit/0cec225778d4ac26c2bac95031ecc92a94f08bbb"><code>0cec225</code></a> Fix lodash.isEqual for circular references (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4320">#4320</a>) (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4515">#4515</a>)</li> <li><a href="https://github.com/lodash/lodash/commit/94c3a8133cb4fcdb50db72b4fd14dd884b195cd5"><code>94c3a81</code></a> Document matches* shorthands for over* methods (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4510">#4510</a>) (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4514">#4514</a>)</li> <li>Additional commits viewable in <a href="https://github.com/lodash/lodash/compare/4.17.15...4.17.19">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~mathias">mathias</a>, a new releaser for lodash since your current version.</p> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+3 -3

0 comment

1 changed file

dependabot[bot]

pr closed time in 2 months

push eventhft-app/native

Christoph Walcher

commit sha 884c13379ed2769ae3b0b71fcc757ef4c18f6453

Added ics event export & bugfixes

view details

push time in 2 months

push eventhft-app/native

Christoph Walcher

commit sha 2a6e0dcb7abf95880ca014e87d0d813ed07d94c9

New default picture of meals & Sort exams

view details

push time in 2 months

push eventhft-app/native

Christoph Walcher

commit sha eb53e4eb676dc3c5940ed7d22d369b7a5e96017b

New default picture of meals & Sort exams

view details

push time in 2 months

pull request commentwiomoc/mosquitto-jwt-auth

fix typo in readme

Thanks!

stefanfoulis

comment created time in 2 months

push eventwiomoc/mosquitto-jwt-auth

Stefan Foulis

commit sha 5e6ca3483ebb70b0c20fb0f8ca867ce6a741aa90

fix typo in readme

view details

push time in 2 months

push eventhft-app/native

Christoph Walcher

commit sha 27319ff7a2f1330ba21d08f9e69f6490a30c3afe

Improved meal displayment + Support for not rectangular photos of meals + Show full text meal attributes

view details

push time in 2 months

more