[{"url":"https://api.github.com/repos/withspectrum/spectrum/issues/5529","repository_url":"https://api.github.com/repos/withspectrum/spectrum","labels_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5529/labels{/name}","comments_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5529/comments","events_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5529/events","html_url":"https://github.com/withspectrum/spectrum/pull/5529","id":1310364385,"node_id":"PR_kwDOA7YDc847sjAA","number":5529,"title":"Bump terser from 4.0.0 to 4.8.1 in /api","user":{"login":"dependabot[bot]","id":49699333,"node_id":"MDM6Qm90NDk2OTkzMzM=","avatar_url":"https://avatars.githubusercontent.com/in/29110?v=4","gravatar_id":"","url":"https://api.github.com/users/dependabot%5Bbot%5D","html_url":"https://github.com/apps/dependabot","followers_url":"https://api.github.com/users/dependabot%5Bbot%5D/followers","following_url":"https://api.github.com/users/dependabot%5Bbot%5D/following{/other_user}","gists_url":"https://api.github.com/users/dependabot%5Bbot%5D/gists{/gist_id}","starred_url":"https://api.github.com/users/dependabot%5Bbot%5D/starred{/owner}{/repo}","subscriptions_url":"https://api.github.com/users/dependabot%5Bbot%5D/subscriptions","organizations_url":"https://api.github.com/users/dependabot%5Bbot%5D/orgs","repos_url":"https://api.github.com/users/dependabot%5Bbot%5D/repos","events_url":"https://api.github.com/users/dependabot%5Bbot%5D/events{/privacy}","received_events_url":"https://api.github.com/users/dependabot%5Bbot%5D/received_events","type":"Bot","site_admin":false},"labels":[{"id":1536487364,"node_id":"MDU6TGFiZWwxNTM2NDg3MzY0","url":"https://api.github.com/repos/withspectrum/spectrum/labels/dependencies","name":"dependencies","color":"0366d6","default":false,"description":"Pull requests that update a dependency file"}],"state":"open","locked":true,"assignee":null,"assignees":[],"milestone":null,"comments":0,"created_at":"2022-07-20T03:30:21Z","updated_at":"2022-07-20T03:30:22Z","closed_at":null,"author_association":"NONE","active_lock_reason":null,"draft":false,"pull_request":{"url":"https://api.github.com/repos/withspectrum/spectrum/pulls/5529","html_url":"https://github.com/withspectrum/spectrum/pull/5529","diff_url":"https://github.com/withspectrum/spectrum/pull/5529.diff","patch_url":"https://github.com/withspectrum/spectrum/pull/5529.patch","merged_at":null},"body":"Bumps [terser](https://github.com/terser/terser) from 4.0.0 to 4.8.1.\n\nChangelog
\nSourced from terser's changelog.
\n\nv4.8.1 (backport)
\n\n- Security fix for RegExps that should not be evaluated (regexp DDOS)
\n
\nv4.8.0
\n\n- Support for numeric separators (
million = 1_000_000
) was added. \n- Assigning properties to a class is now assumed to be pure.
\n- Fixed bug where
yield
wasn't considered a valid property key in generators. \n
\nv4.7.0
\n\n- A bug was fixed where an arrow function would have the wrong size
\narguments
object is now considered safe to retrieve properties from (useful for length
, or 0
) even when pure_getters
is not set. \n- Fixed erroneous
const
declarations without value (which is invalid) in some corner cases when using collapse_vars
. \n
\nv4.6.13
\n\n- Fixed issue where ES5 object properties were being turned into ES6 object properties due to more lax unicode rules.
\n- Fixed parsing of BigInt with lowercase
e
in them. \n
\nv4.6.12
\n\n- Fixed subtree comparison code, making it see that
[1,[2, 3]]
is different from [1, 2, [3]]
\n- Printing of unicode identifiers has been improved
\n
\nv4.6.11
\n\n- Read unused classes' properties and method keys, to figure out if they use other variables.
\n- Prevent inlining into block scopes when there are name collisions
\n- Functions are no longer inlined into parameter defaults, because they live in their own special scope.
\n- When inlining identity functions, take into account the fact they may be used to drop
this
in function calls. \n- Nullish coalescing operator (
x ?? y
), plus basic optimization for it. \n- Template literals in binary expressions such as
+
have been further optimized \n
\nv4.6.10
\n\n- Do not use reduce_vars when classes are present
\n
\nv4.6.9
\n\n- Check if block scopes actually exist in blocks
\n
\nv4.6.8
\n\n- Take into account "executed bits" of classes like static properties or computed keys, when checking if a class evaluation might throw or have side effects.
\n
\nv4.6.7
\n\n- Some new performance gains through a
AST_Node.size()
method which measures a node's source code length without printing it to a string first. \n
\n\n
\n... (truncated)
\n \n\nCommits
\n\n \n
\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=terser&package-manager=npm_and_yarn&previous-version=4.0.0&new-version=4.8.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\nDependabot commands and options
\n
\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language\n- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language\n- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language\n- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language\n\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/withspectrum/spectrum/network/alerts).\n\n ","reactions":{"url":"https://api.github.com/repos/withspectrum/spectrum/issues/5529/reactions","total_count":0,"+1":0,"-1":0,"laugh":0,"hooray":0,"confused":0,"heart":0,"rocket":0,"eyes":0},"timeline_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5529/timeline","performed_via_github_app":null,"state_reason":null},{"url":"https://api.github.com/repos/withspectrum/spectrum/issues/5528","repository_url":"https://api.github.com/repos/withspectrum/spectrum","labels_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5528/labels{/name}","comments_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5528/comments","events_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5528/events","html_url":"https://github.com/withspectrum/spectrum/pull/5528","id":1298889639,"node_id":"PR_kwDOA7YDc847GdBq","number":5528,"title":"Bump moment from 2.24.0 to 2.29.4","user":{"login":"dependabot[bot]","id":49699333,"node_id":"MDM6Qm90NDk2OTkzMzM=","avatar_url":"https://avatars.githubusercontent.com/in/29110?v=4","gravatar_id":"","url":"https://api.github.com/users/dependabot%5Bbot%5D","html_url":"https://github.com/apps/dependabot","followers_url":"https://api.github.com/users/dependabot%5Bbot%5D/followers","following_url":"https://api.github.com/users/dependabot%5Bbot%5D/following{/other_user}","gists_url":"https://api.github.com/users/dependabot%5Bbot%5D/gists{/gist_id}","starred_url":"https://api.github.com/users/dependabot%5Bbot%5D/starred{/owner}{/repo}","subscriptions_url":"https://api.github.com/users/dependabot%5Bbot%5D/subscriptions","organizations_url":"https://api.github.com/users/dependabot%5Bbot%5D/orgs","repos_url":"https://api.github.com/users/dependabot%5Bbot%5D/repos","events_url":"https://api.github.com/users/dependabot%5Bbot%5D/events{/privacy}","received_events_url":"https://api.github.com/users/dependabot%5Bbot%5D/received_events","type":"Bot","site_admin":false},"labels":[{"id":1536487364,"node_id":"MDU6TGFiZWwxNTM2NDg3MzY0","url":"https://api.github.com/repos/withspectrum/spectrum/labels/dependencies","name":"dependencies","color":"0366d6","default":false,"description":"Pull requests that update a dependency file"}],"state":"open","locked":true,"assignee":null,"assignees":[],"milestone":null,"comments":0,"created_at":"2022-07-08T11:26:27Z","updated_at":"2022-07-08T11:26:28Z","closed_at":null,"author_association":"NONE","active_lock_reason":null,"draft":false,"pull_request":{"url":"https://api.github.com/repos/withspectrum/spectrum/pulls/5528","html_url":"https://github.com/withspectrum/spectrum/pull/5528","diff_url":"https://github.com/withspectrum/spectrum/pull/5528.diff","patch_url":"https://github.com/withspectrum/spectrum/pull/5528.patch","merged_at":null},"body":"Bumps [moment](https://github.com/moment/moment) from 2.24.0 to 2.29.4.\n\nChangelog
\nSourced from moment's changelog.
\n\n2.29.4
\n\n- Release Jul 6, 2022\n
\n- #6015 [bugfix] Fix ReDoS in preprocessRFC2822 regex
\n
\n \n
\n\n\n- Release Apr 17, 2022\n
\n- #5995 [bugfix] Remove const usage
\n- #5990 misc: fix advisory link
\n
\n \n
\n\n\nAddress https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4
\n\n\nUpdated deprecation message, bugfix in hi locale
\n\n\n- Release Sept 22, 2020
\n
\nNew locales (es-mx, bn-bd).\nMinor bugfixes and locale improvements.\nMore tests.\nMoment is in maintenance mode. Read more at this link:\nhttps://momentjs.com/docs/#/-project-status/
\n\n\n- Release Sept 13, 2020
\n
\nFix bug where .format() modifies original instance, and locale updates
\n\n\n- Release June 18, 2020
\n
\nAdded Turkmen locale, other locale improvements, slight TypeScript fixes
\n\n\n\n
\n... (truncated)
\n \n\nCommits
\n\n \n
\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=moment&package-manager=npm_and_yarn&previous-version=2.24.0&new-version=2.29.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\nDependabot commands and options
\n
\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language\n- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language\n- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language\n- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language\n\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/withspectrum/spectrum/network/alerts).\n\n ","reactions":{"url":"https://api.github.com/repos/withspectrum/spectrum/issues/5528/reactions","total_count":0,"+1":0,"-1":0,"laugh":0,"hooray":0,"confused":0,"heart":0,"rocket":0,"eyes":0},"timeline_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5528/timeline","performed_via_github_app":null,"state_reason":null},{"url":"https://api.github.com/repos/withspectrum/spectrum/issues/5527","repository_url":"https://api.github.com/repos/withspectrum/spectrum","labels_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5527/labels{/name}","comments_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5527/comments","events_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5527/events","html_url":"https://github.com/withspectrum/spectrum/pull/5527","id":1296712847,"node_id":"PR_kwDOA7YDc846--lG","number":5527,"title":"Bump moment from 2.24.0 to 2.29.4 in /api","user":{"login":"dependabot[bot]","id":49699333,"node_id":"MDM6Qm90NDk2OTkzMzM=","avatar_url":"https://avatars.githubusercontent.com/in/29110?v=4","gravatar_id":"","url":"https://api.github.com/users/dependabot%5Bbot%5D","html_url":"https://github.com/apps/dependabot","followers_url":"https://api.github.com/users/dependabot%5Bbot%5D/followers","following_url":"https://api.github.com/users/dependabot%5Bbot%5D/following{/other_user}","gists_url":"https://api.github.com/users/dependabot%5Bbot%5D/gists{/gist_id}","starred_url":"https://api.github.com/users/dependabot%5Bbot%5D/starred{/owner}{/repo}","subscriptions_url":"https://api.github.com/users/dependabot%5Bbot%5D/subscriptions","organizations_url":"https://api.github.com/users/dependabot%5Bbot%5D/orgs","repos_url":"https://api.github.com/users/dependabot%5Bbot%5D/repos","events_url":"https://api.github.com/users/dependabot%5Bbot%5D/events{/privacy}","received_events_url":"https://api.github.com/users/dependabot%5Bbot%5D/received_events","type":"Bot","site_admin":false},"labels":[{"id":1536487364,"node_id":"MDU6TGFiZWwxNTM2NDg3MzY0","url":"https://api.github.com/repos/withspectrum/spectrum/labels/dependencies","name":"dependencies","color":"0366d6","default":false,"description":"Pull requests that update a dependency file"}],"state":"open","locked":true,"assignee":null,"assignees":[],"milestone":null,"comments":0,"created_at":"2022-07-07T02:38:16Z","updated_at":"2022-07-07T02:38:17Z","closed_at":null,"author_association":"NONE","active_lock_reason":null,"draft":false,"pull_request":{"url":"https://api.github.com/repos/withspectrum/spectrum/pulls/5527","html_url":"https://github.com/withspectrum/spectrum/pull/5527","diff_url":"https://github.com/withspectrum/spectrum/pull/5527.diff","patch_url":"https://github.com/withspectrum/spectrum/pull/5527.patch","merged_at":null},"body":"Bumps [moment](https://github.com/moment/moment) from 2.24.0 to 2.29.4.\n\nChangelog
\nSourced from moment's changelog.
\n\n2.29.4
\n\n- Release Jul 6, 2022\n
\n- #6015 [bugfix] Fix ReDoS in preprocessRFC2822 regex
\n
\n \n
\n\n\n- Release Apr 17, 2022\n
\n- #5995 [bugfix] Remove const usage
\n- #5990 misc: fix advisory link
\n
\n \n
\n\n\nAddress https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4
\n\n\nUpdated deprecation message, bugfix in hi locale
\n\n\n- Release Sept 22, 2020
\n
\nNew locales (es-mx, bn-bd).\nMinor bugfixes and locale improvements.\nMore tests.\nMoment is in maintenance mode. Read more at this link:\nhttps://momentjs.com/docs/#/-project-status/
\n\n\n- Release Sept 13, 2020
\n
\nFix bug where .format() modifies original instance, and locale updates
\n\n\n- Release June 18, 2020
\n
\nAdded Turkmen locale, other locale improvements, slight TypeScript fixes
\n\n\n\n
\n... (truncated)
\n \n\nCommits
\n\n \n
\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=moment&package-manager=npm_and_yarn&previous-version=2.24.0&new-version=2.29.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\nDependabot commands and options
\n
\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language\n- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language\n- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language\n- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language\n\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/withspectrum/spectrum/network/alerts).\n\n ","reactions":{"url":"https://api.github.com/repos/withspectrum/spectrum/issues/5527/reactions","total_count":0,"+1":0,"-1":0,"laugh":0,"hooray":0,"confused":0,"heart":0,"rocket":0,"eyes":0},"timeline_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5527/timeline","performed_via_github_app":null,"state_reason":null},{"url":"https://api.github.com/repos/withspectrum/spectrum/issues/5526","repository_url":"https://api.github.com/repos/withspectrum/spectrum","labels_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5526/labels{/name}","comments_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5526/comments","events_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5526/events","html_url":"https://github.com/withspectrum/spectrum/pull/5526","id":1258712069,"node_id":"PR_kwDOA7YDc845AO15","number":5526,"title":"Bump protobufjs from 6.8.8 to 6.11.3 in /api","user":{"login":"dependabot[bot]","id":49699333,"node_id":"MDM6Qm90NDk2OTkzMzM=","avatar_url":"https://avatars.githubusercontent.com/in/29110?v=4","gravatar_id":"","url":"https://api.github.com/users/dependabot%5Bbot%5D","html_url":"https://github.com/apps/dependabot","followers_url":"https://api.github.com/users/dependabot%5Bbot%5D/followers","following_url":"https://api.github.com/users/dependabot%5Bbot%5D/following{/other_user}","gists_url":"https://api.github.com/users/dependabot%5Bbot%5D/gists{/gist_id}","starred_url":"https://api.github.com/users/dependabot%5Bbot%5D/starred{/owner}{/repo}","subscriptions_url":"https://api.github.com/users/dependabot%5Bbot%5D/subscriptions","organizations_url":"https://api.github.com/users/dependabot%5Bbot%5D/orgs","repos_url":"https://api.github.com/users/dependabot%5Bbot%5D/repos","events_url":"https://api.github.com/users/dependabot%5Bbot%5D/events{/privacy}","received_events_url":"https://api.github.com/users/dependabot%5Bbot%5D/received_events","type":"Bot","site_admin":false},"labels":[{"id":1536487364,"node_id":"MDU6TGFiZWwxNTM2NDg3MzY0","url":"https://api.github.com/repos/withspectrum/spectrum/labels/dependencies","name":"dependencies","color":"0366d6","default":false,"description":"Pull requests that update a dependency file"}],"state":"open","locked":true,"assignee":null,"assignees":[],"milestone":null,"comments":0,"created_at":"2022-06-02T20:57:57Z","updated_at":"2022-06-02T20:57:59Z","closed_at":null,"author_association":"NONE","active_lock_reason":null,"draft":false,"pull_request":{"url":"https://api.github.com/repos/withspectrum/spectrum/pulls/5526","html_url":"https://github.com/withspectrum/spectrum/pull/5526","diff_url":"https://github.com/withspectrum/spectrum/pull/5526.diff","patch_url":"https://github.com/withspectrum/spectrum/pull/5526.patch","merged_at":null},"body":"Bumps [protobufjs](https://github.com/protobufjs/protobuf.js) from 6.8.8 to 6.11.3.\n\nRelease notes
\nSourced from protobufjs's releases.
\n\nv6.11.3
\n6.11.3 (2022-05-20)
\nBug Fixes
\n\nv6.11.2
\n6.11.2 (2021-04-30)
\n\n- regenerated index.d.ts to fix the unintended breaking change in types.
\n
\nv6.11.1
\n6.11.1 (2021-04-29)
\nBug Fixes
\n\nv6.11.0
\n6.11.0 (2021-04-28)
\nFeatures
\n\nBug Fixes
\n\nDependencies
\n\nprotobuf.js v6.10.2
\nBug Fixes
\n\nprotobuf.js v6.10.1
\n\n
\n... (truncated)
\n \n\nChangelog
\nSourced from protobufjs's changelog.
\n\n6.11.3 (2022-05-20)
\nBug Fixes
\n\n6.11.2 (2021-04-30)
\n\n- regenerated index.d.ts to fix the unintended breaking change in types.
\n
\n6.11.1 (2021-04-29)
\nBug Fixes
\n\n6.11.0 (2021-04-28)
\nFeatures
\n\nBug Fixes
\n\nDependencies
\n\n6.10.2 (2020-11-13)
\nBug Fixes
\n\n6.10.1 (2020-07-16)
\nBug Fixes
\n\n
\n... (truncated)
\n \n\nCommits
\n\n \n\nMaintainer changes
\nThis version was pushed to npm by google-wombot, a new releaser for protobufjs since your current version.
\n \n
\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=protobufjs&package-manager=npm_and_yarn&previous-version=6.8.8&new-version=6.11.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\nDependabot commands and options
\n
\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language\n- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language\n- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language\n- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language\n\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/withspectrum/spectrum/network/alerts).\n\n ","reactions":{"url":"https://api.github.com/repos/withspectrum/spectrum/issues/5526/reactions","total_count":0,"+1":0,"-1":0,"laugh":0,"hooray":0,"confused":0,"heart":0,"rocket":0,"eyes":0},"timeline_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5526/timeline","performed_via_github_app":null,"state_reason":null},{"url":"https://api.github.com/repos/withspectrum/spectrum/issues/5525","repository_url":"https://api.github.com/repos/withspectrum/spectrum","labels_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5525/labels{/name}","comments_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5525/comments","events_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5525/events","html_url":"https://github.com/withspectrum/spectrum/pull/5525","id":1237454156,"node_id":"PR_kwDOA7YDc8435RSX","number":5525,"title":"Bump axios from 0.19.0 to 0.21.2 in /api","user":{"login":"dependabot[bot]","id":49699333,"node_id":"MDM6Qm90NDk2OTkzMzM=","avatar_url":"https://avatars.githubusercontent.com/in/29110?v=4","gravatar_id":"","url":"https://api.github.com/users/dependabot%5Bbot%5D","html_url":"https://github.com/apps/dependabot","followers_url":"https://api.github.com/users/dependabot%5Bbot%5D/followers","following_url":"https://api.github.com/users/dependabot%5Bbot%5D/following{/other_user}","gists_url":"https://api.github.com/users/dependabot%5Bbot%5D/gists{/gist_id}","starred_url":"https://api.github.com/users/dependabot%5Bbot%5D/starred{/owner}{/repo}","subscriptions_url":"https://api.github.com/users/dependabot%5Bbot%5D/subscriptions","organizations_url":"https://api.github.com/users/dependabot%5Bbot%5D/orgs","repos_url":"https://api.github.com/users/dependabot%5Bbot%5D/repos","events_url":"https://api.github.com/users/dependabot%5Bbot%5D/events{/privacy}","received_events_url":"https://api.github.com/users/dependabot%5Bbot%5D/received_events","type":"Bot","site_admin":false},"labels":[{"id":1536487364,"node_id":"MDU6TGFiZWwxNTM2NDg3MzY0","url":"https://api.github.com/repos/withspectrum/spectrum/labels/dependencies","name":"dependencies","color":"0366d6","default":false,"description":"Pull requests that update a dependency file"}],"state":"open","locked":true,"assignee":null,"assignees":[],"milestone":null,"comments":0,"created_at":"2022-05-16T17:13:02Z","updated_at":"2022-05-16T17:13:03Z","closed_at":null,"author_association":"NONE","active_lock_reason":null,"draft":false,"pull_request":{"url":"https://api.github.com/repos/withspectrum/spectrum/pulls/5525","html_url":"https://github.com/withspectrum/spectrum/pull/5525","diff_url":"https://github.com/withspectrum/spectrum/pull/5525.diff","patch_url":"https://github.com/withspectrum/spectrum/pull/5525.patch","merged_at":null},"body":"Bumps [axios](https://github.com/axios/axios) from 0.19.0 to 0.21.2.\n\nRelease notes
\nSourced from axios's releases.
\n\nv0.21.2
\n0.21.2 (September 4, 2021)
\nFixes and Functionality:
\n\n- Updating axios requests to be delayed by pre-emptive promise creation (#2702)
\n- Adding "synchronous" and "runWhen" options to interceptors api (#2702)
\n- Updating of transformResponse (#3377)
\n- Adding ability to omit User-Agent header (#3703)
\n- Adding multiple JSON improvements (#3688, #3763)
\n- Fixing quadratic runtime and extra memory usage when setting a maxContentLength (#3738)
\n- Adding parseInt to config.timeout (#3781)
\n- Adding custom return type support to interceptor (#3783)
\n- Adding security fix for ReDoS vulnerability (#3980)
\n
\nInternal and Tests:
\n\n- Updating build dev dependancies (#3401)
\n- Fixing builds running on Travis CI (#3538)
\n- Updating follow rediect version (#3694, #3771)
\n- Updating karma sauce launcher to fix failing sauce tests (#3712, #3717)
\n- Updating content-type header for application/json to not contain charset field, according do RFC 8259 (#2154)
\n- Fixing tests by bumping karma-sauce-launcher version (#3813)
\n- Changing testing process from Travis CI to GitHub Actions (#3938)
\n
\nDocumentation:
\n\n- Updating documentation around the use of
AUTH_TOKEN
with multiple domain endpoints (#3539) \n- Remove duplication of item in changelog (#3523)
\n- Fixing gramatical errors (#2642)
\n- Fixing spelling error (#3567)
\n- Moving gitpod metion (#2637)
\n- Adding new axios documentation website link (#3681, #3707)
\n- Updating documentation around dispatching requests (#3772)
\n- Adding documentation for the type guard isAxiosError (#3767)
\n- Adding explanation of cancel token (#3803)
\n- Updating CI status badge (#3953)
\n- Fixing errors with JSON documentation (#3936)
\n- Fixing README typo under Request Config (#3825)
\n- Adding axios-multi-api to the ecosystem file (#3817)
\n- Adding SECURITY.md to properly disclose security vulnerabilities (#3981)
\n
\nHuge thanks to everyone who contributed to this release via code (authors listed below) or via reviews and triaging on GitHub:
\n\n\n
\n... (truncated)
\n \n\nChangelog
\nSourced from axios's changelog.
\n\n0.21.2 (September 4, 2021)
\nFixes and Functionality:
\n\n- Updating axios requests to be delayed by pre-emptive promise creation (#2702)
\n- Adding "synchronous" and "runWhen" options to interceptors api (#2702)
\n- Updating of transformResponse (#3377)
\n- Adding ability to omit User-Agent header (#3703)
\n- Adding multiple JSON improvements (#3688, #3763)
\n- Fixing quadratic runtime and extra memory usage when setting a maxContentLength (#3738)
\n- Adding parseInt to config.timeout (#3781)
\n- Adding custom return type support to interceptor (#3783)
\n- Adding security fix for ReDoS vulnerability (#3980)
\n
\nInternal and Tests:
\n\n- Updating build dev dependencies (#3401)
\n- Fixing builds running on Travis CI (#3538)
\n- Updating follow redirect version (#3694, #3771)
\n- Updating karma sauce launcher to fix failing sauce tests (#3712, #3717)
\n- Updating content-type header for application/json to not contain charset field, according do RFC 8259 (#2154)
\n- Fixing tests by bumping karma-sauce-launcher version (#3813)
\n- Changing testing process from Travis CI to GitHub Actions (#3938)
\n
\nDocumentation:
\n\n- Updating documentation around the use of
AUTH_TOKEN
with multiple domain endpoints (#3539) \n- Remove duplication of item in changelog (#3523)
\n- Fixing grammatical errors (#2642)
\n- Fixing spelling error (#3567)
\n- Moving gitpod mention (#2637)
\n- Adding new axios documentation website link (#3681, #3707)
\n- Updating documentation around dispatching requests (#3772)
\n- Adding documentation for the type guard isAxiosError (#3767)
\n- Adding explanation of cancel token (#3803)
\n- Updating CI status badge (#3953)
\n- Fixing errors with JSON documentation (#3936)
\n- Fixing README typo under Request Config (#3825)
\n- Adding axios-multi-api to the ecosystem file (#3817)
\n- Adding SECURITY.md to properly disclose security vulnerabilities (#3981)
\n
\nHuge thanks to everyone who contributed to this release via code (authors listed below) or via reviews and triaging on GitHub:
\n\n\n
\n... (truncated)
\n \n\nCommits
\n\n \n\nMaintainer changes
\nThis version was pushed to npm by jasonsaayman, a new releaser for axios since your current version.
\n \n
\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=axios&package-manager=npm_and_yarn&previous-version=0.19.0&new-version=0.21.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\nDependabot commands and options
\n
\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language\n- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language\n- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language\n- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language\n\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/withspectrum/spectrum/network/alerts).\n\n ","reactions":{"url":"https://api.github.com/repos/withspectrum/spectrum/issues/5525/reactions","total_count":0,"+1":0,"-1":0,"laugh":0,"hooray":0,"confused":0,"heart":0,"rocket":0,"eyes":0},"timeline_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5525/timeline","performed_via_github_app":null,"state_reason":null},{"url":"https://api.github.com/repos/withspectrum/spectrum/issues/5524","repository_url":"https://api.github.com/repos/withspectrum/spectrum","labels_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5524/labels{/name}","comments_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5524/comments","events_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5524/events","html_url":"https://github.com/withspectrum/spectrum/pull/5524","id":1219153668,"node_id":"PR_kwDOA7YDc8429_h9","number":5524,"title":"Bump async from 2.6.2 to 2.6.4 in /api","user":{"login":"dependabot[bot]","id":49699333,"node_id":"MDM6Qm90NDk2OTkzMzM=","avatar_url":"https://avatars.githubusercontent.com/in/29110?v=4","gravatar_id":"","url":"https://api.github.com/users/dependabot%5Bbot%5D","html_url":"https://github.com/apps/dependabot","followers_url":"https://api.github.com/users/dependabot%5Bbot%5D/followers","following_url":"https://api.github.com/users/dependabot%5Bbot%5D/following{/other_user}","gists_url":"https://api.github.com/users/dependabot%5Bbot%5D/gists{/gist_id}","starred_url":"https://api.github.com/users/dependabot%5Bbot%5D/starred{/owner}{/repo}","subscriptions_url":"https://api.github.com/users/dependabot%5Bbot%5D/subscriptions","organizations_url":"https://api.github.com/users/dependabot%5Bbot%5D/orgs","repos_url":"https://api.github.com/users/dependabot%5Bbot%5D/repos","events_url":"https://api.github.com/users/dependabot%5Bbot%5D/events{/privacy}","received_events_url":"https://api.github.com/users/dependabot%5Bbot%5D/received_events","type":"Bot","site_admin":false},"labels":[{"id":1536487364,"node_id":"MDU6TGFiZWwxNTM2NDg3MzY0","url":"https://api.github.com/repos/withspectrum/spectrum/labels/dependencies","name":"dependencies","color":"0366d6","default":false,"description":"Pull requests that update a dependency file"}],"state":"open","locked":true,"assignee":null,"assignees":[],"milestone":null,"comments":0,"created_at":"2022-04-28T19:06:40Z","updated_at":"2022-04-28T19:06:41Z","closed_at":null,"author_association":"NONE","active_lock_reason":null,"draft":false,"pull_request":{"url":"https://api.github.com/repos/withspectrum/spectrum/pulls/5524","html_url":"https://github.com/withspectrum/spectrum/pull/5524","diff_url":"https://github.com/withspectrum/spectrum/pull/5524.diff","patch_url":"https://github.com/withspectrum/spectrum/pull/5524.patch","merged_at":null},"body":"Bumps [async](https://github.com/caolan/async) from 2.6.2 to 2.6.4.\n\nChangelog
\nSourced from async's changelog.
\n\nv2.6.4
\n\n- Fix potential prototype pollution exploit (#1828)
\n
\nv2.6.3
\n\n- Updated lodash to squelch a security warning (#1675)
\n
\n
\n \n\nCommits
\n\n \n\nMaintainer changes
\nThis version was pushed to npm by hargasinski, a new releaser for async since your current version.
\n \n
\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=async&package-manager=npm_and_yarn&previous-version=2.6.2&new-version=2.6.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\nDependabot commands and options
\n
\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language\n- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language\n- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language\n- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language\n\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/withspectrum/spectrum/network/alerts).\n\n ","reactions":{"url":"https://api.github.com/repos/withspectrum/spectrum/issues/5524/reactions","total_count":0,"+1":0,"-1":0,"laugh":0,"hooray":0,"confused":0,"heart":0,"rocket":0,"eyes":0},"timeline_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5524/timeline","performed_via_github_app":null,"state_reason":null},{"url":"https://api.github.com/repos/withspectrum/spectrum/issues/5522","repository_url":"https://api.github.com/repos/withspectrum/spectrum","labels_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5522/labels{/name}","comments_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5522/comments","events_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5522/events","html_url":"https://github.com/withspectrum/spectrum/pull/5522","id":1202591062,"node_id":"PR_kwDOA7YDc842JDhO","number":5522,"title":"Bump urijs from 1.19.1 to 1.19.11","user":{"login":"dependabot[bot]","id":49699333,"node_id":"MDM6Qm90NDk2OTkzMzM=","avatar_url":"https://avatars.githubusercontent.com/in/29110?v=4","gravatar_id":"","url":"https://api.github.com/users/dependabot%5Bbot%5D","html_url":"https://github.com/apps/dependabot","followers_url":"https://api.github.com/users/dependabot%5Bbot%5D/followers","following_url":"https://api.github.com/users/dependabot%5Bbot%5D/following{/other_user}","gists_url":"https://api.github.com/users/dependabot%5Bbot%5D/gists{/gist_id}","starred_url":"https://api.github.com/users/dependabot%5Bbot%5D/starred{/owner}{/repo}","subscriptions_url":"https://api.github.com/users/dependabot%5Bbot%5D/subscriptions","organizations_url":"https://api.github.com/users/dependabot%5Bbot%5D/orgs","repos_url":"https://api.github.com/users/dependabot%5Bbot%5D/repos","events_url":"https://api.github.com/users/dependabot%5Bbot%5D/events{/privacy}","received_events_url":"https://api.github.com/users/dependabot%5Bbot%5D/received_events","type":"Bot","site_admin":false},"labels":[{"id":1536487364,"node_id":"MDU6TGFiZWwxNTM2NDg3MzY0","url":"https://api.github.com/repos/withspectrum/spectrum/labels/dependencies","name":"dependencies","color":"0366d6","default":false,"description":"Pull requests that update a dependency file"}],"state":"open","locked":true,"assignee":null,"assignees":[],"milestone":null,"comments":0,"created_at":"2022-04-13T00:12:11Z","updated_at":"2022-04-13T00:12:11Z","closed_at":null,"author_association":"NONE","active_lock_reason":null,"draft":false,"pull_request":{"url":"https://api.github.com/repos/withspectrum/spectrum/pulls/5522","html_url":"https://github.com/withspectrum/spectrum/pull/5522","diff_url":"https://github.com/withspectrum/spectrum/pull/5522.diff","patch_url":"https://github.com/withspectrum/spectrum/pull/5522.patch","merged_at":null},"body":"Bumps [urijs](https://github.com/medialize/URI.js) from 1.19.1 to 1.19.11.\n\nRelease notes
\nSourced from urijs's releases.
\n\n1.19.11 (April 3rd 2022)
\n\n1.19.10 (March 5th 2022)
\n\n1.19.9 (March 3rd 2022)
\n\n1.19.8 (February 15th 2022)
\n\n1.19.7 (July 14th 2021)
\n\n- SECURITY fixing
URI.parseQuery()
to prevent overwriting __proto__
in parseQuery() - disclosed privately by @NewEraCracker
\n- SECURITY fixing
URI.parse()
to handle variable amounts of \\
and /
in scheme delimiter as Node and Browsers do - disclosed privately by ready-research via https://huntr.dev/ \n- removed obsolete build tools
\n- updated jQuery versions (verifying compatibility with 1.12.4, 2.2.4, 3.6.0)
\n
\n1.19.6 (February 13th 2021)
\n\n- SECURITY fixing
URI.parse()
to rewrite \\
in scheme delimiter to /
as Node and Browsers do - disclosed privately by Yaniv Nizry from the CxSCA AppSec team at Checkmarx \n
\n1.19.5 (December 30th 2020)
\n\n1.19.4 (December 23rd 2020)
\n\n1.19.3 (December 20th 2020)
\n\n1.19.2 (October 20th 2019)
\n\n
\n \n\nChangelog
\nSourced from urijs's changelog.
\n \n\nCommits
\n\nb655c1b
chore(build): bumping to version 1.19.11 \nb0c9796
fix(parse): handle CR,LF,TAB \n88805fd
fix(parse): handle excessive slashes in scheme-relative URLs \n926b2aa
chore(build): bumping to version 1.19.10 \na8166fe
fix(parse): handle excessive colons in scheme delimiter \n01920b5
chore(build): bumping to version 1.19.9 \n86d1052
fix(parse): remove leading whitespace \nefae1e5
chore(build): bumping to version 1.19.8 \n6ea641c
fix(parse): case insensitive scheme - #412 \n19e54c7
chore(build): bumping to version 1.19.7 \n- Additional commits viewable in compare view
\n
\n \n
\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=urijs&package-manager=npm_and_yarn&previous-version=1.19.1&new-version=1.19.11)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\nDependabot commands and options
\n
\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language\n- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language\n- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language\n- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language\n\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/withspectrum/spectrum/network/alerts).\n\n ","reactions":{"url":"https://api.github.com/repos/withspectrum/spectrum/issues/5522/reactions","total_count":0,"+1":0,"-1":0,"laugh":0,"hooray":0,"confused":0,"heart":0,"rocket":0,"eyes":0},"timeline_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5522/timeline","performed_via_github_app":null,"state_reason":null},{"url":"https://api.github.com/repos/withspectrum/spectrum/issues/5521","repository_url":"https://api.github.com/repos/withspectrum/spectrum","labels_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5521/labels{/name}","comments_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5521/comments","events_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5521/events","html_url":"https://github.com/withspectrum/spectrum/pull/5521","id":1202491092,"node_id":"PR_kwDOA7YDc842Ise_","number":5521,"title":"Bump urijs from 1.19.1 to 1.19.11 in /api","user":{"login":"dependabot[bot]","id":49699333,"node_id":"MDM6Qm90NDk2OTkzMzM=","avatar_url":"https://avatars.githubusercontent.com/in/29110?v=4","gravatar_id":"","url":"https://api.github.com/users/dependabot%5Bbot%5D","html_url":"https://github.com/apps/dependabot","followers_url":"https://api.github.com/users/dependabot%5Bbot%5D/followers","following_url":"https://api.github.com/users/dependabot%5Bbot%5D/following{/other_user}","gists_url":"https://api.github.com/users/dependabot%5Bbot%5D/gists{/gist_id}","starred_url":"https://api.github.com/users/dependabot%5Bbot%5D/starred{/owner}{/repo}","subscriptions_url":"https://api.github.com/users/dependabot%5Bbot%5D/subscriptions","organizations_url":"https://api.github.com/users/dependabot%5Bbot%5D/orgs","repos_url":"https://api.github.com/users/dependabot%5Bbot%5D/repos","events_url":"https://api.github.com/users/dependabot%5Bbot%5D/events{/privacy}","received_events_url":"https://api.github.com/users/dependabot%5Bbot%5D/received_events","type":"Bot","site_admin":false},"labels":[{"id":1536487364,"node_id":"MDU6TGFiZWwxNTM2NDg3MzY0","url":"https://api.github.com/repos/withspectrum/spectrum/labels/dependencies","name":"dependencies","color":"0366d6","default":false,"description":"Pull requests that update a dependency file"}],"state":"open","locked":true,"assignee":null,"assignees":[],"milestone":null,"comments":0,"created_at":"2022-04-12T22:53:25Z","updated_at":"2022-04-12T22:53:26Z","closed_at":null,"author_association":"NONE","active_lock_reason":null,"draft":false,"pull_request":{"url":"https://api.github.com/repos/withspectrum/spectrum/pulls/5521","html_url":"https://github.com/withspectrum/spectrum/pull/5521","diff_url":"https://github.com/withspectrum/spectrum/pull/5521.diff","patch_url":"https://github.com/withspectrum/spectrum/pull/5521.patch","merged_at":null},"body":"Bumps [urijs](https://github.com/medialize/URI.js) from 1.19.1 to 1.19.11.\n\nRelease notes
\nSourced from urijs's releases.
\n\n1.19.11 (April 3rd 2022)
\n\n1.19.10 (March 5th 2022)
\n\n1.19.9 (March 3rd 2022)
\n\n1.19.8 (February 15th 2022)
\n\n1.19.7 (July 14th 2021)
\n\n- SECURITY fixing
URI.parseQuery()
to prevent overwriting __proto__
in parseQuery() - disclosed privately by @NewEraCracker
\n- SECURITY fixing
URI.parse()
to handle variable amounts of \\
and /
in scheme delimiter as Node and Browsers do - disclosed privately by ready-research via https://huntr.dev/ \n- removed obsolete build tools
\n- updated jQuery versions (verifying compatibility with 1.12.4, 2.2.4, 3.6.0)
\n
\n1.19.6 (February 13th 2021)
\n\n- SECURITY fixing
URI.parse()
to rewrite \\
in scheme delimiter to /
as Node and Browsers do - disclosed privately by Yaniv Nizry from the CxSCA AppSec team at Checkmarx \n
\n1.19.5 (December 30th 2020)
\n\n1.19.4 (December 23rd 2020)
\n\n1.19.3 (December 20th 2020)
\n\n1.19.2 (October 20th 2019)
\n\n
\n \n\nChangelog
\nSourced from urijs's changelog.
\n \n\nCommits
\n\nb655c1b
chore(build): bumping to version 1.19.11 \nb0c9796
fix(parse): handle CR,LF,TAB \n88805fd
fix(parse): handle excessive slashes in scheme-relative URLs \n926b2aa
chore(build): bumping to version 1.19.10 \na8166fe
fix(parse): handle excessive colons in scheme delimiter \n01920b5
chore(build): bumping to version 1.19.9 \n86d1052
fix(parse): remove leading whitespace \nefae1e5
chore(build): bumping to version 1.19.8 \n6ea641c
fix(parse): case insensitive scheme - #412 \n19e54c7
chore(build): bumping to version 1.19.7 \n- Additional commits viewable in compare view
\n
\n \n
\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=urijs&package-manager=npm_and_yarn&previous-version=1.19.1&new-version=1.19.11)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\nDependabot commands and options
\n
\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language\n- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language\n- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language\n- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language\n\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/withspectrum/spectrum/network/alerts).\n\n ","reactions":{"url":"https://api.github.com/repos/withspectrum/spectrum/issues/5521/reactions","total_count":0,"+1":0,"-1":0,"laugh":0,"hooray":0,"confused":0,"heart":0,"rocket":0,"eyes":0},"timeline_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5521/timeline","performed_via_github_app":null,"state_reason":null},{"url":"https://api.github.com/repos/withspectrum/spectrum/issues/5518","repository_url":"https://api.github.com/repos/withspectrum/spectrum","labels_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5518/labels{/name}","comments_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5518/comments","events_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5518/events","html_url":"https://github.com/withspectrum/spectrum/pull/5518","id":1171878241,"node_id":"PR_kwDOA7YDc840ksL7","number":5518,"title":"Bump lodash from 4.17.11 to 4.17.21 in /api","user":{"login":"dependabot[bot]","id":49699333,"node_id":"MDM6Qm90NDk2OTkzMzM=","avatar_url":"https://avatars.githubusercontent.com/in/29110?v=4","gravatar_id":"","url":"https://api.github.com/users/dependabot%5Bbot%5D","html_url":"https://github.com/apps/dependabot","followers_url":"https://api.github.com/users/dependabot%5Bbot%5D/followers","following_url":"https://api.github.com/users/dependabot%5Bbot%5D/following{/other_user}","gists_url":"https://api.github.com/users/dependabot%5Bbot%5D/gists{/gist_id}","starred_url":"https://api.github.com/users/dependabot%5Bbot%5D/starred{/owner}{/repo}","subscriptions_url":"https://api.github.com/users/dependabot%5Bbot%5D/subscriptions","organizations_url":"https://api.github.com/users/dependabot%5Bbot%5D/orgs","repos_url":"https://api.github.com/users/dependabot%5Bbot%5D/repos","events_url":"https://api.github.com/users/dependabot%5Bbot%5D/events{/privacy}","received_events_url":"https://api.github.com/users/dependabot%5Bbot%5D/received_events","type":"Bot","site_admin":false},"labels":[{"id":1536487364,"node_id":"MDU6TGFiZWwxNTM2NDg3MzY0","url":"https://api.github.com/repos/withspectrum/spectrum/labels/dependencies","name":"dependencies","color":"0366d6","default":false,"description":"Pull requests that update a dependency file"}],"state":"open","locked":true,"assignee":null,"assignees":[],"milestone":null,"comments":0,"created_at":"2022-03-17T03:11:36Z","updated_at":"2022-03-17T03:11:38Z","closed_at":null,"author_association":"NONE","active_lock_reason":null,"draft":false,"pull_request":{"url":"https://api.github.com/repos/withspectrum/spectrum/pulls/5518","html_url":"https://github.com/withspectrum/spectrum/pull/5518","diff_url":"https://github.com/withspectrum/spectrum/pull/5518.diff","patch_url":"https://github.com/withspectrum/spectrum/pull/5518.patch","merged_at":null},"body":"Bumps [lodash](https://github.com/lodash/lodash) from 4.17.11 to 4.17.21.\n\nCommits
\n\nf299b52
Bump to v4.17.21 \nc4847eb
Improve performance of toNumber
, trim
and trimEnd
on large input strings \n3469357
Prevent command injection through _.template
's variable
option \nded9bc6
Bump to v4.17.20. \n63150ef
Documentation fixes. \n00f0f62
test.js: Remove trailing comma. \n846e434
Temporarily use a custom fork of lodash-cli
. \n5d046f3
Re-enable Travis tests on 4.17
branch. \naa816b3
Remove /npm-package
. \nd7fbc52
Bump to v4.17.19 \n- Additional commits viewable in compare view
\n
\n \n\nMaintainer changes
\nThis version was pushed to npm by bnjmnt4n, a new releaser for lodash since your current version.
\n \n
\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=lodash&package-manager=npm_and_yarn&previous-version=4.17.11&new-version=4.17.21)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\nDependabot commands and options
\n
\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language\n- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language\n- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language\n- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language\n\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/withspectrum/spectrum/network/alerts).\n\n ","reactions":{"url":"https://api.github.com/repos/withspectrum/spectrum/issues/5518/reactions","total_count":0,"+1":0,"-1":0,"laugh":0,"hooray":0,"confused":0,"heart":0,"rocket":0,"eyes":0},"timeline_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5518/timeline","performed_via_github_app":null,"state_reason":null},{"url":"https://api.github.com/repos/withspectrum/spectrum/issues/5517","repository_url":"https://api.github.com/repos/withspectrum/spectrum","labels_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5517/labels{/name}","comments_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5517/comments","events_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5517/events","html_url":"https://github.com/withspectrum/spectrum/pull/5517","id":1170248377,"node_id":"PR_kwDOA7YDc840fj_o","number":5517,"title":"Bump lodash-es from 4.17.15 to 4.17.21","user":{"login":"dependabot[bot]","id":49699333,"node_id":"MDM6Qm90NDk2OTkzMzM=","avatar_url":"https://avatars.githubusercontent.com/in/29110?v=4","gravatar_id":"","url":"https://api.github.com/users/dependabot%5Bbot%5D","html_url":"https://github.com/apps/dependabot","followers_url":"https://api.github.com/users/dependabot%5Bbot%5D/followers","following_url":"https://api.github.com/users/dependabot%5Bbot%5D/following{/other_user}","gists_url":"https://api.github.com/users/dependabot%5Bbot%5D/gists{/gist_id}","starred_url":"https://api.github.com/users/dependabot%5Bbot%5D/starred{/owner}{/repo}","subscriptions_url":"https://api.github.com/users/dependabot%5Bbot%5D/subscriptions","organizations_url":"https://api.github.com/users/dependabot%5Bbot%5D/orgs","repos_url":"https://api.github.com/users/dependabot%5Bbot%5D/repos","events_url":"https://api.github.com/users/dependabot%5Bbot%5D/events{/privacy}","received_events_url":"https://api.github.com/users/dependabot%5Bbot%5D/received_events","type":"Bot","site_admin":false},"labels":[{"id":1536487364,"node_id":"MDU6TGFiZWwxNTM2NDg3MzY0","url":"https://api.github.com/repos/withspectrum/spectrum/labels/dependencies","name":"dependencies","color":"0366d6","default":false,"description":"Pull requests that update a dependency file"}],"state":"open","locked":true,"assignee":null,"assignees":[],"milestone":null,"comments":0,"created_at":"2022-03-15T20:49:13Z","updated_at":"2022-03-15T20:49:14Z","closed_at":null,"author_association":"NONE","active_lock_reason":null,"draft":false,"pull_request":{"url":"https://api.github.com/repos/withspectrum/spectrum/pulls/5517","html_url":"https://github.com/withspectrum/spectrum/pull/5517","diff_url":"https://github.com/withspectrum/spectrum/pull/5517.diff","patch_url":"https://github.com/withspectrum/spectrum/pull/5517.patch","merged_at":null},"body":"Bumps [lodash-es](https://github.com/lodash/lodash) from 4.17.15 to 4.17.21.\n\nCommits
\n\nf299b52
Bump to v4.17.21 \nc4847eb
Improve performance of toNumber
, trim
and trimEnd
on large input strings \n3469357
Prevent command injection through _.template
's variable
option \nded9bc6
Bump to v4.17.20. \n63150ef
Documentation fixes. \n00f0f62
test.js: Remove trailing comma. \n846e434
Temporarily use a custom fork of lodash-cli
. \n5d046f3
Re-enable Travis tests on 4.17
branch. \naa816b3
Remove /npm-package
. \nd7fbc52
Bump to v4.17.19 \n- Additional commits viewable in compare view
\n
\n \n\nMaintainer changes
\nThis version was pushed to npm by bnjmnt4n, a new releaser for lodash-es since your current version.
\n \n
\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=lodash-es&package-manager=npm_and_yarn&previous-version=4.17.15&new-version=4.17.21)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\nDependabot commands and options
\n
\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language\n- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language\n- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language\n- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language\n\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/withspectrum/spectrum/network/alerts).\n\n ","reactions":{"url":"https://api.github.com/repos/withspectrum/spectrum/issues/5517/reactions","total_count":0,"+1":0,"-1":0,"laugh":0,"hooray":0,"confused":0,"heart":0,"rocket":0,"eyes":0},"timeline_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5517/timeline","performed_via_github_app":null,"state_reason":null},{"url":"https://api.github.com/repos/withspectrum/spectrum/issues/5516","repository_url":"https://api.github.com/repos/withspectrum/spectrum","labels_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5516/labels{/name}","comments_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5516/comments","events_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5516/events","html_url":"https://github.com/withspectrum/spectrum/pull/5516","id":1170074379,"node_id":"PR_kwDOA7YDc840e8hj","number":5516,"title":"Bump lodash-es from 4.17.11 to 4.17.21 in /api","user":{"login":"dependabot[bot]","id":49699333,"node_id":"MDM6Qm90NDk2OTkzMzM=","avatar_url":"https://avatars.githubusercontent.com/in/29110?v=4","gravatar_id":"","url":"https://api.github.com/users/dependabot%5Bbot%5D","html_url":"https://github.com/apps/dependabot","followers_url":"https://api.github.com/users/dependabot%5Bbot%5D/followers","following_url":"https://api.github.com/users/dependabot%5Bbot%5D/following{/other_user}","gists_url":"https://api.github.com/users/dependabot%5Bbot%5D/gists{/gist_id}","starred_url":"https://api.github.com/users/dependabot%5Bbot%5D/starred{/owner}{/repo}","subscriptions_url":"https://api.github.com/users/dependabot%5Bbot%5D/subscriptions","organizations_url":"https://api.github.com/users/dependabot%5Bbot%5D/orgs","repos_url":"https://api.github.com/users/dependabot%5Bbot%5D/repos","events_url":"https://api.github.com/users/dependabot%5Bbot%5D/events{/privacy}","received_events_url":"https://api.github.com/users/dependabot%5Bbot%5D/received_events","type":"Bot","site_admin":false},"labels":[{"id":1536487364,"node_id":"MDU6TGFiZWwxNTM2NDg3MzY0","url":"https://api.github.com/repos/withspectrum/spectrum/labels/dependencies","name":"dependencies","color":"0366d6","default":false,"description":"Pull requests that update a dependency file"}],"state":"open","locked":true,"assignee":null,"assignees":[],"milestone":null,"comments":0,"created_at":"2022-03-15T19:06:30Z","updated_at":"2022-03-15T19:06:31Z","closed_at":null,"author_association":"NONE","active_lock_reason":null,"draft":false,"pull_request":{"url":"https://api.github.com/repos/withspectrum/spectrum/pulls/5516","html_url":"https://github.com/withspectrum/spectrum/pull/5516","diff_url":"https://github.com/withspectrum/spectrum/pull/5516.diff","patch_url":"https://github.com/withspectrum/spectrum/pull/5516.patch","merged_at":null},"body":"Bumps [lodash-es](https://github.com/lodash/lodash) from 4.17.11 to 4.17.21.\n\nCommits
\n\nf299b52
Bump to v4.17.21 \nc4847eb
Improve performance of toNumber
, trim
and trimEnd
on large input strings \n3469357
Prevent command injection through _.template
's variable
option \nded9bc6
Bump to v4.17.20. \n63150ef
Documentation fixes. \n00f0f62
test.js: Remove trailing comma. \n846e434
Temporarily use a custom fork of lodash-cli
. \n5d046f3
Re-enable Travis tests on 4.17
branch. \naa816b3
Remove /npm-package
. \nd7fbc52
Bump to v4.17.19 \n- Additional commits viewable in compare view
\n
\n \n\nMaintainer changes
\nThis version was pushed to npm by bnjmnt4n, a new releaser for lodash-es since your current version.
\n \n
\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=lodash-es&package-manager=npm_and_yarn&previous-version=4.17.11&new-version=4.17.21)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\nDependabot commands and options
\n
\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language\n- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language\n- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language\n- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language\n\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/withspectrum/spectrum/network/alerts).\n\n ","reactions":{"url":"https://api.github.com/repos/withspectrum/spectrum/issues/5516/reactions","total_count":0,"+1":0,"-1":0,"laugh":0,"hooray":0,"confused":0,"heart":0,"rocket":0,"eyes":0},"timeline_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5516/timeline","performed_via_github_app":null,"state_reason":null},{"url":"https://api.github.com/repos/withspectrum/spectrum/issues/5511","repository_url":"https://api.github.com/repos/withspectrum/spectrum","labels_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5511/labels{/name}","comments_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5511/comments","events_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5511/events","html_url":"https://github.com/withspectrum/spectrum/pull/5511","id":1153416931,"node_id":"PR_kwDOA7YDc84zoScH","number":5511,"title":"Bump url-parse from 1.4.7 to 1.5.10","user":{"login":"dependabot[bot]","id":49699333,"node_id":"MDM6Qm90NDk2OTkzMzM=","avatar_url":"https://avatars.githubusercontent.com/in/29110?v=4","gravatar_id":"","url":"https://api.github.com/users/dependabot%5Bbot%5D","html_url":"https://github.com/apps/dependabot","followers_url":"https://api.github.com/users/dependabot%5Bbot%5D/followers","following_url":"https://api.github.com/users/dependabot%5Bbot%5D/following{/other_user}","gists_url":"https://api.github.com/users/dependabot%5Bbot%5D/gists{/gist_id}","starred_url":"https://api.github.com/users/dependabot%5Bbot%5D/starred{/owner}{/repo}","subscriptions_url":"https://api.github.com/users/dependabot%5Bbot%5D/subscriptions","organizations_url":"https://api.github.com/users/dependabot%5Bbot%5D/orgs","repos_url":"https://api.github.com/users/dependabot%5Bbot%5D/repos","events_url":"https://api.github.com/users/dependabot%5Bbot%5D/events{/privacy}","received_events_url":"https://api.github.com/users/dependabot%5Bbot%5D/received_events","type":"Bot","site_admin":false},"labels":[{"id":1536487364,"node_id":"MDU6TGFiZWwxNTM2NDg3MzY0","url":"https://api.github.com/repos/withspectrum/spectrum/labels/dependencies","name":"dependencies","color":"0366d6","default":false,"description":"Pull requests that update a dependency file"}],"state":"open","locked":true,"assignee":null,"assignees":[],"milestone":null,"comments":0,"created_at":"2022-02-27T21:59:44Z","updated_at":"2022-02-27T21:59:45Z","closed_at":null,"author_association":"NONE","active_lock_reason":null,"draft":false,"pull_request":{"url":"https://api.github.com/repos/withspectrum/spectrum/pulls/5511","html_url":"https://github.com/withspectrum/spectrum/pull/5511","diff_url":"https://github.com/withspectrum/spectrum/pull/5511.diff","patch_url":"https://github.com/withspectrum/spectrum/pull/5511.patch","merged_at":null},"body":"Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.4.7 to 1.5.10.\n\nCommits
\n\n8cd4c6c
1.5.10 \nce7a01f
[fix] Improve handling of empty port \n0071490
[doc] Update JSDoc comment \na7044e3
[minor] Use more descriptive variable name \nd547792
[security] Add credits for CVE-2022-0691 \nad23357
1.5.9 \n0e3fb54
[fix] Strip all control characters from the beginning of the URL \n61864a8
[security] Add credits for CVE-2022-0686 \nbb0104d
1.5.8 \nd5c6479
[fix] Handle the case where the port is specified but empty \n- Additional commits viewable in compare view
\n
\n \n
\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=url-parse&package-manager=npm_and_yarn&previous-version=1.4.7&new-version=1.5.10)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\nDependabot commands and options
\n
\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language\n- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language\n- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language\n- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language\n\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/withspectrum/spectrum/network/alerts).\n\n ","reactions":{"url":"https://api.github.com/repos/withspectrum/spectrum/issues/5511/reactions","total_count":0,"+1":0,"-1":0,"laugh":0,"hooray":0,"confused":0,"heart":0,"rocket":0,"eyes":0},"timeline_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5511/timeline","performed_via_github_app":null,"state_reason":null},{"url":"https://api.github.com/repos/withspectrum/spectrum/issues/5509","repository_url":"https://api.github.com/repos/withspectrum/spectrum","labels_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5509/labels{/name}","comments_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5509/comments","events_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5509/events","html_url":"https://github.com/withspectrum/spectrum/pull/5509","id":1151078530,"node_id":"PR_kwDOA7YDc84zfznh","number":5509,"title":"Bump prismjs from 1.16.0 to 1.27.0","user":{"login":"dependabot[bot]","id":49699333,"node_id":"MDM6Qm90NDk2OTkzMzM=","avatar_url":"https://avatars.githubusercontent.com/in/29110?v=4","gravatar_id":"","url":"https://api.github.com/users/dependabot%5Bbot%5D","html_url":"https://github.com/apps/dependabot","followers_url":"https://api.github.com/users/dependabot%5Bbot%5D/followers","following_url":"https://api.github.com/users/dependabot%5Bbot%5D/following{/other_user}","gists_url":"https://api.github.com/users/dependabot%5Bbot%5D/gists{/gist_id}","starred_url":"https://api.github.com/users/dependabot%5Bbot%5D/starred{/owner}{/repo}","subscriptions_url":"https://api.github.com/users/dependabot%5Bbot%5D/subscriptions","organizations_url":"https://api.github.com/users/dependabot%5Bbot%5D/orgs","repos_url":"https://api.github.com/users/dependabot%5Bbot%5D/repos","events_url":"https://api.github.com/users/dependabot%5Bbot%5D/events{/privacy}","received_events_url":"https://api.github.com/users/dependabot%5Bbot%5D/received_events","type":"Bot","site_admin":false},"labels":[{"id":1536487364,"node_id":"MDU6TGFiZWwxNTM2NDg3MzY0","url":"https://api.github.com/repos/withspectrum/spectrum/labels/dependencies","name":"dependencies","color":"0366d6","default":false,"description":"Pull requests that update a dependency file"}],"state":"open","locked":true,"assignee":null,"assignees":[],"milestone":null,"comments":0,"created_at":"2022-02-26T02:21:40Z","updated_at":"2022-02-26T02:21:42Z","closed_at":null,"author_association":"NONE","active_lock_reason":null,"draft":false,"pull_request":{"url":"https://api.github.com/repos/withspectrum/spectrum/pulls/5509","html_url":"https://github.com/withspectrum/spectrum/pull/5509","diff_url":"https://github.com/withspectrum/spectrum/pull/5509.diff","patch_url":"https://github.com/withspectrum/spectrum/pull/5509.patch","merged_at":null},"body":"Bumps [prismjs](https://github.com/PrismJS/prism) from 1.16.0 to 1.27.0.\n\nRelease notes
\nSourced from prismjs's releases.
\n\nv1.27.0
\nRelease 1.27.0
\nv1.26.0
\nRelease 1.26.0
\nv1.25.0
\nRelease 1.25.0
\nv1.24.1
\nRelease 1.24.1
\nv1.24.0
\nRelease 1.24.0
\nv1.23.0
\nRelease 1.23.0
\nv1.22.0
\nRelease 1.22.0
\nv1.21.0
\nRelease 1.21.0
\nv1.20.0
\nRelease 1.20.0
\nv1.19.0
\nRelease 1.19.0
\nv1.18.0
\nRelease 1.18.0
\nv1.17.1
\nRelease 1.17.1
\nv1.17.0
\nRelease 1.17.0
\n
\n \n\nChangelog
\nSourced from prismjs's changelog.
\n\n1.27.0 (2022-02-17)
\nNew components
\n\nUpdated components
\n\n- AutoIt\n\n
\n- EditorConfig\n
\n- Change alias of
section
from keyword
to selector
(#3305) e46501b9
\n
\n \n- Ini\n\n
\n- MongoDB\n\n
\n- PureBasic\n
\n- Added missing keyword and fixed constants ending with
$
(#3320) d6c53726
\n
\n \n- Scala\n\n
\n- Systemd configuration file\n\n
\n
\nUpdated plugins
\n\nOther
\n\n- Core\n
\n- Added better error message for missing grammars (#3311)
2cc4660b
\n
\n \n
\n1.26.0 (2022-01-06)
\nNew components
\n\nUpdated components
\n\n\n
\n... (truncated)
\n \n\nCommits
\n\n \n\nMaintainer changes
\nThis version was pushed to npm by rundevelopment, a new releaser for prismjs since your current version.
\n \n
\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=prismjs&package-manager=npm_and_yarn&previous-version=1.16.0&new-version=1.27.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\nDependabot commands and options
\n
\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language\n- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language\n- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language\n- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language\n\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/withspectrum/spectrum/network/alerts).\n\n ","reactions":{"url":"https://api.github.com/repos/withspectrum/spectrum/issues/5509/reactions","total_count":0,"+1":0,"-1":0,"laugh":0,"hooray":0,"confused":0,"heart":0,"rocket":0,"eyes":0},"timeline_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5509/timeline","performed_via_github_app":null,"state_reason":null},{"url":"https://api.github.com/repos/withspectrum/spectrum/issues/5507","repository_url":"https://api.github.com/repos/withspectrum/spectrum","labels_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5507/labels{/name}","comments_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5507/comments","events_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5507/events","html_url":"https://github.com/withspectrum/spectrum/pull/5507","id":1151024377,"node_id":"PR_kwDOA7YDc84zfm3b","number":5507,"title":"Bump prismjs from 1.16.0 to 1.27.0 in /api","user":{"login":"dependabot[bot]","id":49699333,"node_id":"MDM6Qm90NDk2OTkzMzM=","avatar_url":"https://avatars.githubusercontent.com/in/29110?v=4","gravatar_id":"","url":"https://api.github.com/users/dependabot%5Bbot%5D","html_url":"https://github.com/apps/dependabot","followers_url":"https://api.github.com/users/dependabot%5Bbot%5D/followers","following_url":"https://api.github.com/users/dependabot%5Bbot%5D/following{/other_user}","gists_url":"https://api.github.com/users/dependabot%5Bbot%5D/gists{/gist_id}","starred_url":"https://api.github.com/users/dependabot%5Bbot%5D/starred{/owner}{/repo}","subscriptions_url":"https://api.github.com/users/dependabot%5Bbot%5D/subscriptions","organizations_url":"https://api.github.com/users/dependabot%5Bbot%5D/orgs","repos_url":"https://api.github.com/users/dependabot%5Bbot%5D/repos","events_url":"https://api.github.com/users/dependabot%5Bbot%5D/events{/privacy}","received_events_url":"https://api.github.com/users/dependabot%5Bbot%5D/received_events","type":"Bot","site_admin":false},"labels":[{"id":1536487364,"node_id":"MDU6TGFiZWwxNTM2NDg3MzY0","url":"https://api.github.com/repos/withspectrum/spectrum/labels/dependencies","name":"dependencies","color":"0366d6","default":false,"description":"Pull requests that update a dependency file"}],"state":"open","locked":true,"assignee":null,"assignees":[],"milestone":null,"comments":0,"created_at":"2022-02-26T01:34:49Z","updated_at":"2022-02-26T01:34:50Z","closed_at":null,"author_association":"NONE","active_lock_reason":null,"draft":false,"pull_request":{"url":"https://api.github.com/repos/withspectrum/spectrum/pulls/5507","html_url":"https://github.com/withspectrum/spectrum/pull/5507","diff_url":"https://github.com/withspectrum/spectrum/pull/5507.diff","patch_url":"https://github.com/withspectrum/spectrum/pull/5507.patch","merged_at":null},"body":"Bumps [prismjs](https://github.com/PrismJS/prism) from 1.16.0 to 1.27.0.\n\nRelease notes
\nSourced from prismjs's releases.
\n\nv1.27.0
\nRelease 1.27.0
\nv1.26.0
\nRelease 1.26.0
\nv1.25.0
\nRelease 1.25.0
\nv1.24.1
\nRelease 1.24.1
\nv1.24.0
\nRelease 1.24.0
\nv1.23.0
\nRelease 1.23.0
\nv1.22.0
\nRelease 1.22.0
\nv1.21.0
\nRelease 1.21.0
\nv1.20.0
\nRelease 1.20.0
\nv1.19.0
\nRelease 1.19.0
\nv1.18.0
\nRelease 1.18.0
\nv1.17.1
\nRelease 1.17.1
\nv1.17.0
\nRelease 1.17.0
\n
\n \n\nChangelog
\nSourced from prismjs's changelog.
\n\n1.27.0 (2022-02-17)
\nNew components
\n\nUpdated components
\n\n- AutoIt\n\n
\n- EditorConfig\n
\n- Change alias of
section
from keyword
to selector
(#3305) e46501b9
\n
\n \n- Ini\n\n
\n- MongoDB\n\n
\n- PureBasic\n
\n- Added missing keyword and fixed constants ending with
$
(#3320) d6c53726
\n
\n \n- Scala\n\n
\n- Systemd configuration file\n\n
\n
\nUpdated plugins
\n\nOther
\n\n- Core\n
\n- Added better error message for missing grammars (#3311)
2cc4660b
\n
\n \n
\n1.26.0 (2022-01-06)
\nNew components
\n\nUpdated components
\n\n\n
\n... (truncated)
\n \n\nCommits
\n\n \n\nMaintainer changes
\nThis version was pushed to npm by rundevelopment, a new releaser for prismjs since your current version.
\n \n
\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=prismjs&package-manager=npm_and_yarn&previous-version=1.16.0&new-version=1.27.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\nDependabot commands and options
\n
\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language\n- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language\n- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language\n- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language\n\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/withspectrum/spectrum/network/alerts).\n\n ","reactions":{"url":"https://api.github.com/repos/withspectrum/spectrum/issues/5507/reactions","total_count":0,"+1":0,"-1":0,"laugh":0,"hooray":0,"confused":0,"heart":0,"rocket":0,"eyes":0},"timeline_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5507/timeline","performed_via_github_app":null,"state_reason":null},{"url":"https://api.github.com/repos/withspectrum/spectrum/issues/5505","repository_url":"https://api.github.com/repos/withspectrum/spectrum","labels_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5505/labels{/name}","comments_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5505/comments","events_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5505/events","html_url":"https://github.com/withspectrum/spectrum/pull/5505","id":1132814415,"node_id":"PR_kwDOA7YDc84yiM50","number":5505,"title":"Bump ajv from 6.10.0 to 6.12.6 in /api","user":{"login":"dependabot[bot]","id":49699333,"node_id":"MDM6Qm90NDk2OTkzMzM=","avatar_url":"https://avatars.githubusercontent.com/in/29110?v=4","gravatar_id":"","url":"https://api.github.com/users/dependabot%5Bbot%5D","html_url":"https://github.com/apps/dependabot","followers_url":"https://api.github.com/users/dependabot%5Bbot%5D/followers","following_url":"https://api.github.com/users/dependabot%5Bbot%5D/following{/other_user}","gists_url":"https://api.github.com/users/dependabot%5Bbot%5D/gists{/gist_id}","starred_url":"https://api.github.com/users/dependabot%5Bbot%5D/starred{/owner}{/repo}","subscriptions_url":"https://api.github.com/users/dependabot%5Bbot%5D/subscriptions","organizations_url":"https://api.github.com/users/dependabot%5Bbot%5D/orgs","repos_url":"https://api.github.com/users/dependabot%5Bbot%5D/repos","events_url":"https://api.github.com/users/dependabot%5Bbot%5D/events{/privacy}","received_events_url":"https://api.github.com/users/dependabot%5Bbot%5D/received_events","type":"Bot","site_admin":false},"labels":[{"id":1536487364,"node_id":"MDU6TGFiZWwxNTM2NDg3MzY0","url":"https://api.github.com/repos/withspectrum/spectrum/labels/dependencies","name":"dependencies","color":"0366d6","default":false,"description":"Pull requests that update a dependency file"}],"state":"open","locked":true,"assignee":null,"assignees":[],"milestone":null,"comments":0,"created_at":"2022-02-11T16:19:57Z","updated_at":"2022-02-11T16:19:58Z","closed_at":null,"author_association":"NONE","active_lock_reason":null,"draft":false,"pull_request":{"url":"https://api.github.com/repos/withspectrum/spectrum/pulls/5505","html_url":"https://github.com/withspectrum/spectrum/pull/5505","diff_url":"https://github.com/withspectrum/spectrum/pull/5505.diff","patch_url":"https://github.com/withspectrum/spectrum/pull/5505.patch","merged_at":null},"body":"Bumps [ajv](https://github.com/ajv-validator/ajv) from 6.10.0 to 6.12.6.\n\nRelease notes
\nSourced from ajv's releases.
\n\nv6.12.6
\nFix performance issue of "url" format.
\nv6.12.5
\nFix uri scheme validation (@ChALkeR
).\nFix boolean schemas with strictKeywords option (#1270)
\nv6.12.4
\nFix: coercion of one-item arrays to scalar that should fail validation (failing example).
\nv6.12.3
\nPass schema object to processCode function\nOption for strictNumbers (@issacgerges
, #1128)\nFixed vulnerability related to untrusted schemas (CVE-2020-15366)
\nv6.12.2
\nRemoved post-install script
\nv6.12.1
\nDocs and dependency updates
\nv6.12.0
\nImproved hostname validation (@sambauers
, #1143)\nOption keywords
to add custom keywords (@franciscomorais
, #1137)\nTypes fixes (@boenrobot
, @MattiAstedrone
)\nDocs:
\n\nv6.11.0
\nTime formats support two digit and colon-less variants of timezone offset (#1061 , @cjpillsbury
)\nDocs: RegExp related security considerations\nTests: Disabled failing typescript test
\nv6.10.2
\nFix: the unknown keywords were ignored with the option strictKeywords: true
(instead of failing compilation) in some sub-schemas (e.g. anyOf), when the sub-schema didn't have known keywords.
\nv6.10.1
\nFix types\nFix addSchema (#1001)\nUpdate dependencies
\n
\n \n\nCommits
\n\nfe59143
6.12.6 \nd580d3e
Merge pull request #1298 from ajv-validator/fix-url \nfd36389
fix: regular expression for "url" format \n490e34c
docs: link to v7-beta branch \n9cd93a1
docs: note about v7 in readme \n877d286
Merge pull request #1262 from b4h0-c4t/refactor-opt-object-type \nf1c8e45
6.12.5 \n764035e
Merge branch 'ChALkeR-chalker/fix-comma' \n3798160
Merge branch 'chalker/fix-comma' of git://github.com/ChALkeR/ajv into ChALkeR... \na3c7eba
Merge branch 'refactor-opt-object-type' of github.com:b4h0-c4t/ajv into refac... \n- Additional commits viewable in compare view
\n
\n \n
\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ajv&package-manager=npm_and_yarn&previous-version=6.10.0&new-version=6.12.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\nDependabot commands and options
\n
\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language\n- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language\n- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language\n- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language\n\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/withspectrum/spectrum/network/alerts).\n\n ","reactions":{"url":"https://api.github.com/repos/withspectrum/spectrum/issues/5505/reactions","total_count":0,"+1":0,"-1":0,"laugh":0,"hooray":0,"confused":0,"heart":0,"rocket":0,"eyes":0},"timeline_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5505/timeline","performed_via_github_app":null,"state_reason":null},{"url":"https://api.github.com/repos/withspectrum/spectrum/issues/5504","repository_url":"https://api.github.com/repos/withspectrum/spectrum","labels_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5504/labels{/name}","comments_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5504/comments","events_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5504/events","html_url":"https://github.com/withspectrum/spectrum/pull/5504","id":1132364142,"node_id":"PR_kwDOA7YDc84ygo1q","number":5504,"title":"Bump handlebars from 4.1.2 to 4.7.7","user":{"login":"dependabot[bot]","id":49699333,"node_id":"MDM6Qm90NDk2OTkzMzM=","avatar_url":"https://avatars.githubusercontent.com/in/29110?v=4","gravatar_id":"","url":"https://api.github.com/users/dependabot%5Bbot%5D","html_url":"https://github.com/apps/dependabot","followers_url":"https://api.github.com/users/dependabot%5Bbot%5D/followers","following_url":"https://api.github.com/users/dependabot%5Bbot%5D/following{/other_user}","gists_url":"https://api.github.com/users/dependabot%5Bbot%5D/gists{/gist_id}","starred_url":"https://api.github.com/users/dependabot%5Bbot%5D/starred{/owner}{/repo}","subscriptions_url":"https://api.github.com/users/dependabot%5Bbot%5D/subscriptions","organizations_url":"https://api.github.com/users/dependabot%5Bbot%5D/orgs","repos_url":"https://api.github.com/users/dependabot%5Bbot%5D/repos","events_url":"https://api.github.com/users/dependabot%5Bbot%5D/events{/privacy}","received_events_url":"https://api.github.com/users/dependabot%5Bbot%5D/received_events","type":"Bot","site_admin":false},"labels":[{"id":1536487364,"node_id":"MDU6TGFiZWwxNTM2NDg3MzY0","url":"https://api.github.com/repos/withspectrum/spectrum/labels/dependencies","name":"dependencies","color":"0366d6","default":false,"description":"Pull requests that update a dependency file"}],"state":"open","locked":true,"assignee":null,"assignees":[],"milestone":null,"comments":0,"created_at":"2022-02-11T11:01:44Z","updated_at":"2022-02-11T11:01:45Z","closed_at":null,"author_association":"NONE","active_lock_reason":null,"draft":false,"pull_request":{"url":"https://api.github.com/repos/withspectrum/spectrum/pulls/5504","html_url":"https://github.com/withspectrum/spectrum/pull/5504","diff_url":"https://github.com/withspectrum/spectrum/pull/5504.diff","patch_url":"https://github.com/withspectrum/spectrum/pull/5504.patch","merged_at":null},"body":"Bumps [handlebars](https://github.com/wycats/handlebars.js) from 4.1.2 to 4.7.7.\n\nChangelog
\nSourced from handlebars's changelog.
\n\nv4.7.7 - February 15th, 2021
\n\n- fix weird error in integration tests - eb860c0
\n- fix: check prototype property access in strict-mode (#1736) - b6d3de7
\n- fix: escape property names in compat mode (#1736) - f058970
\n- refactor: In spec tests, use expectTemplate over equals and shouldThrow (#1683) - 77825f8
\n- chore: start testing on Node.js 12 and 13 - 3789a30
\n
\n(POSSIBLY) BREAKING CHANGES:
\n\n- the changes from version 4.6.0 now also apply\nin when using the compile-option "strict: true". Access to prototype properties is forbidden completely by default, specific properties or methods\ncan be allowed via runtime-options. See #1633 for details. If you are using Handlebars as documented, you should not be accessing prototype properties\nfrom your template anyway, so the changes should not be a problem for you. Only the use of undocumented features can break your build.
\n
\nThat is why we only bump the patch version despite mentioning breaking changes.
\nCommits
\nv4.7.6 - April 3rd, 2020
\nChore/Housekeeping:
\n\nCompatibility notes:
\n\n- Restored Node.js compatibility
\n
\nCommits
\nv4.7.5 - April 2nd, 2020
\nChore/Housekeeping:
\n\nNode.js version support has been changed to v6+ Reverted in 4.7.6 \n
\nCompatibility notes:
\n\nNode.js < v6 is no longer supported Reverted in 4.7.6 \n
\nCommits
\nv4.7.4 - April 1st, 2020
\nChore/Housekeeping:
\n\nCompatibility notes:
\n\n
\n... (truncated)
\n \n\nCommits
\n\na9a8e40
v4.7.7 \ne66aed5
Update release notes \n7d4d170
disable IE in Saucelabs tests \neb860c0
fix weird error in integration tests \nb6d3de7
fix: check prototype property access in strict-mode (#1736) \nf058970
fix: escape property names in compat mode (#1736) \n77825f8
refator: In spec tests, use expectTemplate over equals and shouldThrow (#1683) \n3789a30
chore: start testing on Node.js 12 and 13 \ne6ad93e
v4.7.6 \n2bf4fc6
Update release notes \n- Additional commits viewable in compare view
\n
\n \n
\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=handlebars&package-manager=npm_and_yarn&previous-version=4.1.2&new-version=4.7.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\nDependabot commands and options
\n
\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language\n- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language\n- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language\n- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language\n\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/withspectrum/spectrum/network/alerts).\n\n ","reactions":{"url":"https://api.github.com/repos/withspectrum/spectrum/issues/5504/reactions","total_count":0,"+1":0,"-1":0,"laugh":0,"hooray":0,"confused":0,"heart":0,"rocket":0,"eyes":0},"timeline_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5504/timeline","performed_via_github_app":null,"state_reason":null},{"url":"https://api.github.com/repos/withspectrum/spectrum/issues/5503","repository_url":"https://api.github.com/repos/withspectrum/spectrum","labels_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5503/labels{/name}","comments_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5503/comments","events_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5503/events","html_url":"https://github.com/withspectrum/spectrum/pull/5503","id":1131730424,"node_id":"PR_kwDOA7YDc84yeWyO","number":5503,"title":"Bump handlebars from 4.1.2 to 4.7.7 in /api","user":{"login":"dependabot[bot]","id":49699333,"node_id":"MDM6Qm90NDk2OTkzMzM=","avatar_url":"https://avatars.githubusercontent.com/in/29110?v=4","gravatar_id":"","url":"https://api.github.com/users/dependabot%5Bbot%5D","html_url":"https://github.com/apps/dependabot","followers_url":"https://api.github.com/users/dependabot%5Bbot%5D/followers","following_url":"https://api.github.com/users/dependabot%5Bbot%5D/following{/other_user}","gists_url":"https://api.github.com/users/dependabot%5Bbot%5D/gists{/gist_id}","starred_url":"https://api.github.com/users/dependabot%5Bbot%5D/starred{/owner}{/repo}","subscriptions_url":"https://api.github.com/users/dependabot%5Bbot%5D/subscriptions","organizations_url":"https://api.github.com/users/dependabot%5Bbot%5D/orgs","repos_url":"https://api.github.com/users/dependabot%5Bbot%5D/repos","events_url":"https://api.github.com/users/dependabot%5Bbot%5D/events{/privacy}","received_events_url":"https://api.github.com/users/dependabot%5Bbot%5D/received_events","type":"Bot","site_admin":false},"labels":[{"id":1536487364,"node_id":"MDU6TGFiZWwxNTM2NDg3MzY0","url":"https://api.github.com/repos/withspectrum/spectrum/labels/dependencies","name":"dependencies","color":"0366d6","default":false,"description":"Pull requests that update a dependency file"}],"state":"open","locked":true,"assignee":null,"assignees":[],"milestone":null,"comments":0,"created_at":"2022-02-11T04:56:45Z","updated_at":"2022-02-11T04:56:46Z","closed_at":null,"author_association":"NONE","active_lock_reason":null,"draft":false,"pull_request":{"url":"https://api.github.com/repos/withspectrum/spectrum/pulls/5503","html_url":"https://github.com/withspectrum/spectrum/pull/5503","diff_url":"https://github.com/withspectrum/spectrum/pull/5503.diff","patch_url":"https://github.com/withspectrum/spectrum/pull/5503.patch","merged_at":null},"body":"Bumps [handlebars](https://github.com/wycats/handlebars.js) from 4.1.2 to 4.7.7.\n\nChangelog
\nSourced from handlebars's changelog.
\n\nv4.7.7 - February 15th, 2021
\n\n- fix weird error in integration tests - eb860c0
\n- fix: check prototype property access in strict-mode (#1736) - b6d3de7
\n- fix: escape property names in compat mode (#1736) - f058970
\n- refactor: In spec tests, use expectTemplate over equals and shouldThrow (#1683) - 77825f8
\n- chore: start testing on Node.js 12 and 13 - 3789a30
\n
\n(POSSIBLY) BREAKING CHANGES:
\n\n- the changes from version 4.6.0 now also apply\nin when using the compile-option "strict: true". Access to prototype properties is forbidden completely by default, specific properties or methods\ncan be allowed via runtime-options. See #1633 for details. If you are using Handlebars as documented, you should not be accessing prototype properties\nfrom your template anyway, so the changes should not be a problem for you. Only the use of undocumented features can break your build.
\n
\nThat is why we only bump the patch version despite mentioning breaking changes.
\nCommits
\nv4.7.6 - April 3rd, 2020
\nChore/Housekeeping:
\n\nCompatibility notes:
\n\n- Restored Node.js compatibility
\n
\nCommits
\nv4.7.5 - April 2nd, 2020
\nChore/Housekeeping:
\n\nNode.js version support has been changed to v6+ Reverted in 4.7.6 \n
\nCompatibility notes:
\n\nNode.js < v6 is no longer supported Reverted in 4.7.6 \n
\nCommits
\nv4.7.4 - April 1st, 2020
\nChore/Housekeeping:
\n\nCompatibility notes:
\n\n
\n... (truncated)
\n \n\nCommits
\n\na9a8e40
v4.7.7 \ne66aed5
Update release notes \n7d4d170
disable IE in Saucelabs tests \neb860c0
fix weird error in integration tests \nb6d3de7
fix: check prototype property access in strict-mode (#1736) \nf058970
fix: escape property names in compat mode (#1736) \n77825f8
refator: In spec tests, use expectTemplate over equals and shouldThrow (#1683) \n3789a30
chore: start testing on Node.js 12 and 13 \ne6ad93e
v4.7.6 \n2bf4fc6
Update release notes \n- Additional commits viewable in compare view
\n
\n \n
\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=handlebars&package-manager=npm_and_yarn&previous-version=4.1.2&new-version=4.7.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\nDependabot commands and options
\n
\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language\n- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language\n- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language\n- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language\n\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/withspectrum/spectrum/network/alerts).\n\n ","reactions":{"url":"https://api.github.com/repos/withspectrum/spectrum/issues/5503/reactions","total_count":0,"+1":0,"-1":0,"laugh":0,"hooray":0,"confused":0,"heart":0,"rocket":0,"eyes":0},"timeline_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5503/timeline","performed_via_github_app":null,"state_reason":null},{"url":"https://api.github.com/repos/withspectrum/spectrum/issues/5502","repository_url":"https://api.github.com/repos/withspectrum/spectrum","labels_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5502/labels{/name}","comments_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5502/comments","events_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5502/events","html_url":"https://github.com/withspectrum/spectrum/pull/5502","id":1130813369,"node_id":"PR_kwDOA7YDc84ybC71","number":5502,"title":"Bump ua-parser-js from 0.7.19 to 0.7.31","user":{"login":"dependabot[bot]","id":49699333,"node_id":"MDM6Qm90NDk2OTkzMzM=","avatar_url":"https://avatars.githubusercontent.com/in/29110?v=4","gravatar_id":"","url":"https://api.github.com/users/dependabot%5Bbot%5D","html_url":"https://github.com/apps/dependabot","followers_url":"https://api.github.com/users/dependabot%5Bbot%5D/followers","following_url":"https://api.github.com/users/dependabot%5Bbot%5D/following{/other_user}","gists_url":"https://api.github.com/users/dependabot%5Bbot%5D/gists{/gist_id}","starred_url":"https://api.github.com/users/dependabot%5Bbot%5D/starred{/owner}{/repo}","subscriptions_url":"https://api.github.com/users/dependabot%5Bbot%5D/subscriptions","organizations_url":"https://api.github.com/users/dependabot%5Bbot%5D/orgs","repos_url":"https://api.github.com/users/dependabot%5Bbot%5D/repos","events_url":"https://api.github.com/users/dependabot%5Bbot%5D/events{/privacy}","received_events_url":"https://api.github.com/users/dependabot%5Bbot%5D/received_events","type":"Bot","site_admin":false},"labels":[{"id":1536487364,"node_id":"MDU6TGFiZWwxNTM2NDg3MzY0","url":"https://api.github.com/repos/withspectrum/spectrum/labels/dependencies","name":"dependencies","color":"0366d6","default":false,"description":"Pull requests that update a dependency file"}],"state":"open","locked":true,"assignee":null,"assignees":[],"milestone":null,"comments":0,"created_at":"2022-02-10T19:53:19Z","updated_at":"2022-02-10T19:53:20Z","closed_at":null,"author_association":"NONE","active_lock_reason":null,"draft":false,"pull_request":{"url":"https://api.github.com/repos/withspectrum/spectrum/pulls/5502","html_url":"https://github.com/withspectrum/spectrum/pull/5502","diff_url":"https://github.com/withspectrum/spectrum/pull/5502.diff","patch_url":"https://github.com/withspectrum/spectrum/pull/5502.patch","merged_at":null},"body":"Bumps [ua-parser-js](https://github.com/faisalman/ua-parser-js) from 0.7.19 to 0.7.31.\n\nCommits
\n\n97f3368
Bump version 0.7.31 \nb86860e
Merge pull request #546 from hansott/master \n157af1e
Merge pull request #547 from sunny-mwx/patch-1 \nb4cfe1b
Merge pull request #535 from shimar/fix/534-oppo-reno5-a \n95fea1c
Merge pull request #543 from catboy1006/master \n30648ce
✨ Use AST to verify whether regexes are safe \n10c978e
Update ua-parser.js \nfbd2c68
feat: require the use of ===
and !==
\n29d5e43
Securing the 1.x version (issue #536) \n051aa5d
Securing the 0.8.x version (issue #536) \n- Additional commits viewable in compare view
\n
\n \n
\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ua-parser-js&package-manager=npm_and_yarn&previous-version=0.7.19&new-version=0.7.31)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\nDependabot commands and options
\n
\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language\n- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language\n- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language\n- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language\n\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/withspectrum/spectrum/network/alerts).\n\n ","reactions":{"url":"https://api.github.com/repos/withspectrum/spectrum/issues/5502/reactions","total_count":0,"+1":0,"-1":0,"laugh":0,"hooray":0,"confused":0,"heart":0,"rocket":0,"eyes":0},"timeline_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5502/timeline","performed_via_github_app":null,"state_reason":null},{"url":"https://api.github.com/repos/withspectrum/spectrum/issues/5501","repository_url":"https://api.github.com/repos/withspectrum/spectrum","labels_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5501/labels{/name}","comments_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5501/comments","events_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5501/events","html_url":"https://github.com/withspectrum/spectrum/pull/5501","id":1130339757,"node_id":"PR_kwDOA7YDc84yZYn_","number":5501,"title":"Bump undefsafe from 2.0.2 to 2.0.5","user":{"login":"dependabot[bot]","id":49699333,"node_id":"MDM6Qm90NDk2OTkzMzM=","avatar_url":"https://avatars.githubusercontent.com/in/29110?v=4","gravatar_id":"","url":"https://api.github.com/users/dependabot%5Bbot%5D","html_url":"https://github.com/apps/dependabot","followers_url":"https://api.github.com/users/dependabot%5Bbot%5D/followers","following_url":"https://api.github.com/users/dependabot%5Bbot%5D/following{/other_user}","gists_url":"https://api.github.com/users/dependabot%5Bbot%5D/gists{/gist_id}","starred_url":"https://api.github.com/users/dependabot%5Bbot%5D/starred{/owner}{/repo}","subscriptions_url":"https://api.github.com/users/dependabot%5Bbot%5D/subscriptions","organizations_url":"https://api.github.com/users/dependabot%5Bbot%5D/orgs","repos_url":"https://api.github.com/users/dependabot%5Bbot%5D/repos","events_url":"https://api.github.com/users/dependabot%5Bbot%5D/events{/privacy}","received_events_url":"https://api.github.com/users/dependabot%5Bbot%5D/received_events","type":"Bot","site_admin":false},"labels":[{"id":1536487364,"node_id":"MDU6TGFiZWwxNTM2NDg3MzY0","url":"https://api.github.com/repos/withspectrum/spectrum/labels/dependencies","name":"dependencies","color":"0366d6","default":false,"description":"Pull requests that update a dependency file"}],"state":"open","locked":true,"assignee":null,"assignees":[],"milestone":null,"comments":0,"created_at":"2022-02-10T15:44:45Z","updated_at":"2022-02-10T15:44:46Z","closed_at":null,"author_association":"NONE","active_lock_reason":null,"draft":false,"pull_request":{"url":"https://api.github.com/repos/withspectrum/spectrum/pulls/5501","html_url":"https://github.com/withspectrum/spectrum/pull/5501","diff_url":"https://github.com/withspectrum/spectrum/pull/5501.diff","patch_url":"https://github.com/withspectrum/spectrum/pull/5501.patch","merged_at":null},"body":"Bumps [undefsafe](https://github.com/remy/undefsafe) from 2.0.2 to 2.0.5.\n\nRelease notes
\nSourced from undefsafe's releases.
\n\nv2.0.5
\n2.0.5 (2021-10-17)
\nBug Fixes
\n\n- remove debug and add tests (58fc474), closes #12
\n
\n
\n \n\nCommits
\n\n \n
\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=undefsafe&package-manager=npm_and_yarn&previous-version=2.0.2&new-version=2.0.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\nDependabot commands and options
\n
\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language\n- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language\n- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language\n- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language\n\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/withspectrum/spectrum/network/alerts).\n\n ","reactions":{"url":"https://api.github.com/repos/withspectrum/spectrum/issues/5501/reactions","total_count":0,"+1":0,"-1":0,"laugh":0,"hooray":0,"confused":0,"heart":0,"rocket":0,"eyes":0},"timeline_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5501/timeline","performed_via_github_app":null,"state_reason":null},{"url":"https://api.github.com/repos/withspectrum/spectrum/issues/5500","repository_url":"https://api.github.com/repos/withspectrum/spectrum","labels_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5500/labels{/name}","comments_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5500/comments","events_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5500/events","html_url":"https://github.com/withspectrum/spectrum/pull/5500","id":1129787899,"node_id":"PR_kwDOA7YDc84yXcqD","number":5500,"title":"Bump ua-parser-js from 0.7.19 to 0.7.31 in /api","user":{"login":"dependabot[bot]","id":49699333,"node_id":"MDM6Qm90NDk2OTkzMzM=","avatar_url":"https://avatars.githubusercontent.com/in/29110?v=4","gravatar_id":"","url":"https://api.github.com/users/dependabot%5Bbot%5D","html_url":"https://github.com/apps/dependabot","followers_url":"https://api.github.com/users/dependabot%5Bbot%5D/followers","following_url":"https://api.github.com/users/dependabot%5Bbot%5D/following{/other_user}","gists_url":"https://api.github.com/users/dependabot%5Bbot%5D/gists{/gist_id}","starred_url":"https://api.github.com/users/dependabot%5Bbot%5D/starred{/owner}{/repo}","subscriptions_url":"https://api.github.com/users/dependabot%5Bbot%5D/subscriptions","organizations_url":"https://api.github.com/users/dependabot%5Bbot%5D/orgs","repos_url":"https://api.github.com/users/dependabot%5Bbot%5D/repos","events_url":"https://api.github.com/users/dependabot%5Bbot%5D/events{/privacy}","received_events_url":"https://api.github.com/users/dependabot%5Bbot%5D/received_events","type":"Bot","site_admin":false},"labels":[{"id":1536487364,"node_id":"MDU6TGFiZWwxNTM2NDg3MzY0","url":"https://api.github.com/repos/withspectrum/spectrum/labels/dependencies","name":"dependencies","color":"0366d6","default":false,"description":"Pull requests that update a dependency file"}],"state":"open","locked":true,"assignee":null,"assignees":[],"milestone":null,"comments":0,"created_at":"2022-02-10T10:25:59Z","updated_at":"2022-02-10T10:26:00Z","closed_at":null,"author_association":"NONE","active_lock_reason":null,"draft":false,"pull_request":{"url":"https://api.github.com/repos/withspectrum/spectrum/pulls/5500","html_url":"https://github.com/withspectrum/spectrum/pull/5500","diff_url":"https://github.com/withspectrum/spectrum/pull/5500.diff","patch_url":"https://github.com/withspectrum/spectrum/pull/5500.patch","merged_at":null},"body":"Bumps [ua-parser-js](https://github.com/faisalman/ua-parser-js) from 0.7.19 to 0.7.31.\n\nCommits
\n\n97f3368
Bump version 0.7.31 \nb86860e
Merge pull request #546 from hansott/master \n157af1e
Merge pull request #547 from sunny-mwx/patch-1 \nb4cfe1b
Merge pull request #535 from shimar/fix/534-oppo-reno5-a \n95fea1c
Merge pull request #543 from catboy1006/master \n30648ce
✨ Use AST to verify whether regexes are safe \n10c978e
Update ua-parser.js \nfbd2c68
feat: require the use of ===
and !==
\n29d5e43
Securing the 1.x version (issue #536) \n051aa5d
Securing the 0.8.x version (issue #536) \n- Additional commits viewable in compare view
\n
\n \n
\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ua-parser-js&package-manager=npm_and_yarn&previous-version=0.7.19&new-version=0.7.31)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\nDependabot commands and options
\n
\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language\n- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language\n- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language\n- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language\n\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/withspectrum/spectrum/network/alerts).\n\n ","reactions":{"url":"https://api.github.com/repos/withspectrum/spectrum/issues/5500/reactions","total_count":0,"+1":0,"-1":0,"laugh":0,"hooray":0,"confused":0,"heart":0,"rocket":0,"eyes":0},"timeline_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5500/timeline","performed_via_github_app":null,"state_reason":null},{"url":"https://api.github.com/repos/withspectrum/spectrum/issues/5499","repository_url":"https://api.github.com/repos/withspectrum/spectrum","labels_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5499/labels{/name}","comments_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5499/comments","events_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5499/events","html_url":"https://github.com/withspectrum/spectrum/pull/5499","id":1129185001,"node_id":"PR_kwDOA7YDc84yVZjJ","number":5499,"title":"Bump undefsafe from 2.0.2 to 2.0.5 in /api","user":{"login":"dependabot[bot]","id":49699333,"node_id":"MDM6Qm90NDk2OTkzMzM=","avatar_url":"https://avatars.githubusercontent.com/in/29110?v=4","gravatar_id":"","url":"https://api.github.com/users/dependabot%5Bbot%5D","html_url":"https://github.com/apps/dependabot","followers_url":"https://api.github.com/users/dependabot%5Bbot%5D/followers","following_url":"https://api.github.com/users/dependabot%5Bbot%5D/following{/other_user}","gists_url":"https://api.github.com/users/dependabot%5Bbot%5D/gists{/gist_id}","starred_url":"https://api.github.com/users/dependabot%5Bbot%5D/starred{/owner}{/repo}","subscriptions_url":"https://api.github.com/users/dependabot%5Bbot%5D/subscriptions","organizations_url":"https://api.github.com/users/dependabot%5Bbot%5D/orgs","repos_url":"https://api.github.com/users/dependabot%5Bbot%5D/repos","events_url":"https://api.github.com/users/dependabot%5Bbot%5D/events{/privacy}","received_events_url":"https://api.github.com/users/dependabot%5Bbot%5D/received_events","type":"Bot","site_admin":false},"labels":[{"id":1536487364,"node_id":"MDU6TGFiZWwxNTM2NDg3MzY0","url":"https://api.github.com/repos/withspectrum/spectrum/labels/dependencies","name":"dependencies","color":"0366d6","default":false,"description":"Pull requests that update a dependency file"}],"state":"open","locked":true,"assignee":null,"assignees":[],"milestone":null,"comments":0,"created_at":"2022-02-09T23:25:42Z","updated_at":"2022-02-09T23:25:43Z","closed_at":null,"author_association":"NONE","active_lock_reason":null,"draft":false,"pull_request":{"url":"https://api.github.com/repos/withspectrum/spectrum/pulls/5499","html_url":"https://github.com/withspectrum/spectrum/pull/5499","diff_url":"https://github.com/withspectrum/spectrum/pull/5499.diff","patch_url":"https://github.com/withspectrum/spectrum/pull/5499.patch","merged_at":null},"body":"Bumps [undefsafe](https://github.com/remy/undefsafe) from 2.0.2 to 2.0.5.\n\nRelease notes
\nSourced from undefsafe's releases.
\n\nv2.0.5
\n2.0.5 (2021-10-17)
\nBug Fixes
\n\n- remove debug and add tests (58fc474), closes #12
\n
\n
\n \n\nCommits
\n\n \n
\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=undefsafe&package-manager=npm_and_yarn&previous-version=2.0.2&new-version=2.0.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\nDependabot commands and options
\n
\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language\n- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language\n- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language\n- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language\n\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/withspectrum/spectrum/network/alerts).\n\n ","reactions":{"url":"https://api.github.com/repos/withspectrum/spectrum/issues/5499/reactions","total_count":0,"+1":0,"-1":0,"laugh":0,"hooray":0,"confused":0,"heart":0,"rocket":0,"eyes":0},"timeline_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5499/timeline","performed_via_github_app":null,"state_reason":null},{"url":"https://api.github.com/repos/withspectrum/spectrum/issues/5498","repository_url":"https://api.github.com/repos/withspectrum/spectrum","labels_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5498/labels{/name}","comments_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5498/comments","events_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5498/events","html_url":"https://github.com/withspectrum/spectrum/pull/5498","id":1116405033,"node_id":"PR_kwDOA7YDc84xr55S","number":5498,"title":"Bump cached-path-relative from 1.0.2 to 1.1.0","user":{"login":"dependabot[bot]","id":49699333,"node_id":"MDM6Qm90NDk2OTkzMzM=","avatar_url":"https://avatars.githubusercontent.com/in/29110?v=4","gravatar_id":"","url":"https://api.github.com/users/dependabot%5Bbot%5D","html_url":"https://github.com/apps/dependabot","followers_url":"https://api.github.com/users/dependabot%5Bbot%5D/followers","following_url":"https://api.github.com/users/dependabot%5Bbot%5D/following{/other_user}","gists_url":"https://api.github.com/users/dependabot%5Bbot%5D/gists{/gist_id}","starred_url":"https://api.github.com/users/dependabot%5Bbot%5D/starred{/owner}{/repo}","subscriptions_url":"https://api.github.com/users/dependabot%5Bbot%5D/subscriptions","organizations_url":"https://api.github.com/users/dependabot%5Bbot%5D/orgs","repos_url":"https://api.github.com/users/dependabot%5Bbot%5D/repos","events_url":"https://api.github.com/users/dependabot%5Bbot%5D/events{/privacy}","received_events_url":"https://api.github.com/users/dependabot%5Bbot%5D/received_events","type":"Bot","site_admin":false},"labels":[{"id":1536487364,"node_id":"MDU6TGFiZWwxNTM2NDg3MzY0","url":"https://api.github.com/repos/withspectrum/spectrum/labels/dependencies","name":"dependencies","color":"0366d6","default":false,"description":"Pull requests that update a dependency file"}],"state":"open","locked":true,"assignee":null,"assignees":[],"milestone":null,"comments":0,"created_at":"2022-01-27T15:37:05Z","updated_at":"2022-01-27T15:37:06Z","closed_at":null,"author_association":"NONE","active_lock_reason":null,"draft":false,"pull_request":{"url":"https://api.github.com/repos/withspectrum/spectrum/pulls/5498","html_url":"https://github.com/withspectrum/spectrum/pull/5498","diff_url":"https://github.com/withspectrum/spectrum/pull/5498.diff","patch_url":"https://github.com/withspectrum/spectrum/pull/5498.patch","merged_at":null},"body":"Bumps [cached-path-relative](https://github.com/ashaffer/cached-path-relative) from 1.0.2 to 1.1.0.\n\nCommits
\n\n \n
\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=cached-path-relative&package-manager=npm_and_yarn&previous-version=1.0.2&new-version=1.1.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\nDependabot commands and options
\n
\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language\n- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language\n- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language\n- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language\n\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/withspectrum/spectrum/network/alerts).\n\n ","reactions":{"url":"https://api.github.com/repos/withspectrum/spectrum/issues/5498/reactions","total_count":0,"+1":0,"-1":0,"laugh":0,"hooray":0,"confused":0,"heart":0,"rocket":0,"eyes":0},"timeline_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5498/timeline","performed_via_github_app":null,"state_reason":null},{"url":"https://api.github.com/repos/withspectrum/spectrum/issues/5497","repository_url":"https://api.github.com/repos/withspectrum/spectrum","labels_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5497/labels{/name}","comments_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5497/comments","events_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5497/events","html_url":"https://github.com/withspectrum/spectrum/pull/5497","id":1104598202,"node_id":"PR_kwDOA7YDc84xFi1L","number":5497,"title":"Bump shelljs from 0.8.3 to 0.8.5","user":{"login":"dependabot[bot]","id":49699333,"node_id":"MDM6Qm90NDk2OTkzMzM=","avatar_url":"https://avatars.githubusercontent.com/in/29110?v=4","gravatar_id":"","url":"https://api.github.com/users/dependabot%5Bbot%5D","html_url":"https://github.com/apps/dependabot","followers_url":"https://api.github.com/users/dependabot%5Bbot%5D/followers","following_url":"https://api.github.com/users/dependabot%5Bbot%5D/following{/other_user}","gists_url":"https://api.github.com/users/dependabot%5Bbot%5D/gists{/gist_id}","starred_url":"https://api.github.com/users/dependabot%5Bbot%5D/starred{/owner}{/repo}","subscriptions_url":"https://api.github.com/users/dependabot%5Bbot%5D/subscriptions","organizations_url":"https://api.github.com/users/dependabot%5Bbot%5D/orgs","repos_url":"https://api.github.com/users/dependabot%5Bbot%5D/repos","events_url":"https://api.github.com/users/dependabot%5Bbot%5D/events{/privacy}","received_events_url":"https://api.github.com/users/dependabot%5Bbot%5D/received_events","type":"Bot","site_admin":false},"labels":[{"id":1536487364,"node_id":"MDU6TGFiZWwxNTM2NDg3MzY0","url":"https://api.github.com/repos/withspectrum/spectrum/labels/dependencies","name":"dependencies","color":"0366d6","default":false,"description":"Pull requests that update a dependency file"}],"state":"open","locked":true,"assignee":null,"assignees":[],"milestone":null,"comments":0,"created_at":"2022-01-15T07:24:53Z","updated_at":"2022-01-15T07:24:54Z","closed_at":null,"author_association":"NONE","active_lock_reason":null,"draft":false,"pull_request":{"url":"https://api.github.com/repos/withspectrum/spectrum/pulls/5497","html_url":"https://github.com/withspectrum/spectrum/pull/5497","diff_url":"https://github.com/withspectrum/spectrum/pull/5497.diff","patch_url":"https://github.com/withspectrum/spectrum/pull/5497.patch","merged_at":null},"body":"Bumps [shelljs](https://github.com/shelljs/shelljs) from 0.8.3 to 0.8.5.\n\nRelease notes
\nSourced from shelljs's releases.
\n\nv0.8.5
\nThis was a small security fix for #1058.
\nv0.8.4
\nSmall patch release to fix a circular dependency warning in node v14. See #973.
\n
\n \n\nChangelog
\nSourced from shelljs's changelog.
\n\nChange Log
\n\nFull Changelog
\nClosed issues:
\n\n- find returns empty array even though directory has files #922
\n- exec() should support node v10 (maxbuffer change) #915
\n- grep exit status and extra newlines #900
\n- Travis CI currently broken #893
\n- Drop node v4 support #873
\n- cp -Ru respects the -R but not the -u #808
\n
\nMerged pull requests:
\n\n
\n \n\nCommits
\n\n \n
\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=shelljs&package-manager=npm_and_yarn&previous-version=0.8.3&new-version=0.8.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\nDependabot commands and options
\n
\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language\n- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language\n- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language\n- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language\n\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/withspectrum/spectrum/network/alerts).\n\n ","reactions":{"url":"https://api.github.com/repos/withspectrum/spectrum/issues/5497/reactions","total_count":0,"+1":0,"-1":0,"laugh":0,"hooray":0,"confused":0,"heart":0,"rocket":0,"eyes":0},"timeline_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5497/timeline","performed_via_github_app":null,"state_reason":null},{"url":"https://api.github.com/repos/withspectrum/spectrum/issues/5496","repository_url":"https://api.github.com/repos/withspectrum/spectrum","labels_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5496/labels{/name}","comments_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5496/comments","events_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5496/events","html_url":"https://github.com/withspectrum/spectrum/pull/5496","id":1055383128,"node_id":"PR_kwDOA7YDc84uncYC","number":5496,"title":"Bump aws-sdk from 2.200.0 to 2.814.0 in /api","user":{"login":"dependabot[bot]","id":49699333,"node_id":"MDM6Qm90NDk2OTkzMzM=","avatar_url":"https://avatars.githubusercontent.com/in/29110?v=4","gravatar_id":"","url":"https://api.github.com/users/dependabot%5Bbot%5D","html_url":"https://github.com/apps/dependabot","followers_url":"https://api.github.com/users/dependabot%5Bbot%5D/followers","following_url":"https://api.github.com/users/dependabot%5Bbot%5D/following{/other_user}","gists_url":"https://api.github.com/users/dependabot%5Bbot%5D/gists{/gist_id}","starred_url":"https://api.github.com/users/dependabot%5Bbot%5D/starred{/owner}{/repo}","subscriptions_url":"https://api.github.com/users/dependabot%5Bbot%5D/subscriptions","organizations_url":"https://api.github.com/users/dependabot%5Bbot%5D/orgs","repos_url":"https://api.github.com/users/dependabot%5Bbot%5D/repos","events_url":"https://api.github.com/users/dependabot%5Bbot%5D/events{/privacy}","received_events_url":"https://api.github.com/users/dependabot%5Bbot%5D/received_events","type":"Bot","site_admin":false},"labels":[{"id":1536487364,"node_id":"MDU6TGFiZWwxNTM2NDg3MzY0","url":"https://api.github.com/repos/withspectrum/spectrum/labels/dependencies","name":"dependencies","color":"0366d6","default":false,"description":"Pull requests that update a dependency file"}],"state":"open","locked":true,"assignee":null,"assignees":[],"milestone":null,"comments":0,"created_at":"2021-11-16T21:47:10Z","updated_at":"2021-11-16T21:47:11Z","closed_at":null,"author_association":"NONE","active_lock_reason":null,"draft":false,"pull_request":{"url":"https://api.github.com/repos/withspectrum/spectrum/pulls/5496","html_url":"https://github.com/withspectrum/spectrum/pull/5496","diff_url":"https://github.com/withspectrum/spectrum/pull/5496.diff","patch_url":"https://github.com/withspectrum/spectrum/pull/5496.patch","merged_at":null},"body":"Bumps [aws-sdk](https://github.com/aws/aws-sdk-js) from 2.200.0 to 2.814.0.\n\nChangelog
\nSourced from aws-sdk's changelog.
\n\n2.814.0
\n\n- bugfix: Credentials: SDK will throw if shared ini file's profile name can be resolved to proto
\n- feature: EC2: EBS io2 volumes now supports Multi-Attach
\n- feature: PersonalizeRuntime: Updated FilterValues regex pattern to align with Filter Expression.
\n- feature: RDS: Adds IAM DB authentication information to the PendingModifiedValues output of the DescribeDBInstances API. Adds ClusterPendingModifiedValues information to the output of the DescribeDBClusters API.
\n
\n2.813.0
\n\n- feature: ConfigService: Adding PutExternalEvaluation API which grants permission to deliver evaluation result to AWS Config
\n- feature: DLM: Provide Cross-account copy event based policy support in DataLifecycleManager (DLM)
\n- feature: EC2: C6gn instances are powered by AWS Graviton2 processors and offer 100 Gbps networking bandwidth. These instances deliver up to 40% better price-performance benefit versus comparable x86-based instances
\n- feature: Imagebuilder: This release adds support for building and distributing container images within EC2 Image Builder.
\n- feature: KMS: Added CreationDate and LastUpdatedDate timestamps to ListAliases API response
\n- feature: Route53: This release adds support for DNSSEC signing in Amazon Route 53.
\n- feature: Route53Resolver: Route 53 Resolver adds support for enabling resolver DNSSEC validation in virtual private cloud (VPC).
\n- feature: SQS: Amazon SQS adds queue attributes to enable high throughput FIFO.
\n- feature: ServiceCatalog: Support TagOptions sharing with Service Catalog portfolio sharing.
\n
\n2.812.0
\n\n- feature: CostExplorer: This release updates the "MonitorArnList" from a list of String to be a list of Arn for both CreateAnomalySubscription and UpdateAnomalySubscription APIs
\n- feature: Location: Initial release of Amazon Location Service. A new geospatial service providing capabilities to render maps, geocode/reverse geocode, track device locations, and detect geofence entry/exit events.
\n- feature: QuickSight: QuickSight now supports connecting to federated data sources of Athena
\n- feature: WellArchitected: This is the first release of AWS Well-Architected Tool API support, use to review your workload and compare against the latest AWS architectural best practices.
\n
\n2.811.0
\n\n- feature: Amp: (New Service) Amazon Managed Service for Prometheus is a fully managed Prometheus-compatible monitoring service that makes it easy to monitor containerized applications securely and at scale.
\n- feature: GreengrassV2: AWS IoT Greengrass V2 is a new major version of AWS IoT Greengrass. This release adds several updates such as modular components, continuous deployments, and improved ease of use.
\n- feature: IoTAnalytics: FileFormatConfiguration enables data store to save data in JSON or Parquet format. S3Paths enables you to specify the S3 objects that save your channel messages when you reprocess the pipeline.
\n- feature: IoTFleetHub: AWS IoT Fleet Hub, a new feature of AWS IoT Device Management that provides a web application for monitoring and managing device fleets connected to AWS IoT at scale.
\n- feature: IoTWireless: AWS IoT for LoRaWAN enables customers to setup a private LoRaWAN network by connecting their LoRaWAN devices and gateways to the AWS cloud without managing a LoRaWAN Network Server.
\n- feature: Iot: AWS IoT Rules Engine adds Kafka Action that allows sending data to Apache Kafka clusters inside a VPC. AWS IoT Device Defender adds custom metrics and machine-learning based anomaly detection.
\n- feature: IotDeviceAdvisor: AWS IoT Core Device Advisor is fully managed test capability for IoT devices. Device manufacturers can use Device Advisor to test their IoT devices for reliable and secure connectivity with AWS IoT.
\n- feature: Lambda: Added support for Apache Kafka as a event source. Added support for TumblingWindowInSeconds for streams event source mappings. Added support for FunctionResponseTypes for streams event source mappings
\n- feature: SSM: Adding support for Change Manager API content
\n
\n2.810.0
\n\n- feature: DevOpsGuru: Documentation updates for DevOps Guru.
\n- feature: EC2: Add c5n.metal to ec2 instance types list
\n- feature: GlobalAccelerator: This release adds support for custom routing accelerators
\n
\n2.809.0
\n\n- feature: AutoScaling: Documentation updates and corrections for Amazon EC2 Auto Scaling API Reference and SDKs.
\n- feature: CloudTrail: CloudTrailInvalidClientTokenIdException is now thrown when a call results in the InvalidClientTokenId error code. The Name parameter of the AdvancedEventSelector data type is now optional.
\n- feature: IoTSiteWise: Added the ListAssetRelationships operation and support for composite asset models, which represent structured sets of properties within asset models.
\n
\n2.808.0
\n\n- feature: EC2: TGW connect simplifies connectivity of SD-WAN appliances; IGMP support for TGW multicast; VPC Reachability Analyzer for VPC resources connectivity analysis.
\n- feature: Kendra: Amazon Kendra now supports adding synonyms to an index through the new Thesaurus resource.
\n- feature: NetworkManager: This release adds API support for Transit Gateway Connect integration into AWS Network Manager.
\n
\n2.807.0
\n\n
\n... (truncated)
\n \n\nCommits
\n\n8875a35
Updates SDK to v2.814.0 \ndd83d67
throw at invalid profile name in shared ini file (#3585) \nee0c5a3
Updates SDK to v2.813.0 \n468d15b
Updates SDK to v2.812.0 \nc50132f
Update README.md with references to JS SDK V3 (#3582) \n3e19b08
Updates SDK to v2.811.0 \nf26c00d
Updates SDK to v2.810.0 \nb393a6e
Adds automatic PreSignedUrl generation to RDS.StartDBInstanceAutomatedBackups... \nfa57967
Updates SDK to v2.809.0 \n9a52018
Updates SDK to v2.808.0 \n- Additional commits viewable in compare view
\n
\n \n
\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=aws-sdk&package-manager=npm_and_yarn&previous-version=2.200.0&new-version=2.814.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\nDependabot commands and options
\n
\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language\n- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language\n- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language\n- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language\n\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/withspectrum/spectrum/network/alerts).\n\n ","reactions":{"url":"https://api.github.com/repos/withspectrum/spectrum/issues/5496/reactions","total_count":0,"+1":0,"-1":0,"laugh":0,"hooray":0,"confused":0,"heart":0,"rocket":0,"eyes":0},"timeline_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5496/timeline","performed_via_github_app":null,"state_reason":null},{"url":"https://api.github.com/repos/withspectrum/spectrum/issues/5494","repository_url":"https://api.github.com/repos/withspectrum/spectrum","labels_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5494/labels{/name}","comments_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5494/comments","events_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5494/events","html_url":"https://github.com/withspectrum/spectrum/pull/5494","id":1043908256,"node_id":"PR_kwDOA7YDc84uDXQ0","number":5494,"title":"Bump validator from 9.4.1 to 13.7.0 in /api","user":{"login":"dependabot[bot]","id":49699333,"node_id":"MDM6Qm90NDk2OTkzMzM=","avatar_url":"https://avatars.githubusercontent.com/in/29110?v=4","gravatar_id":"","url":"https://api.github.com/users/dependabot%5Bbot%5D","html_url":"https://github.com/apps/dependabot","followers_url":"https://api.github.com/users/dependabot%5Bbot%5D/followers","following_url":"https://api.github.com/users/dependabot%5Bbot%5D/following{/other_user}","gists_url":"https://api.github.com/users/dependabot%5Bbot%5D/gists{/gist_id}","starred_url":"https://api.github.com/users/dependabot%5Bbot%5D/starred{/owner}{/repo}","subscriptions_url":"https://api.github.com/users/dependabot%5Bbot%5D/subscriptions","organizations_url":"https://api.github.com/users/dependabot%5Bbot%5D/orgs","repos_url":"https://api.github.com/users/dependabot%5Bbot%5D/repos","events_url":"https://api.github.com/users/dependabot%5Bbot%5D/events{/privacy}","received_events_url":"https://api.github.com/users/dependabot%5Bbot%5D/received_events","type":"Bot","site_admin":false},"labels":[{"id":1536487364,"node_id":"MDU6TGFiZWwxNTM2NDg3MzY0","url":"https://api.github.com/repos/withspectrum/spectrum/labels/dependencies","name":"dependencies","color":"0366d6","default":false,"description":"Pull requests that update a dependency file"}],"state":"open","locked":true,"assignee":null,"assignees":[],"milestone":null,"comments":0,"created_at":"2021-11-03T17:59:31Z","updated_at":"2021-11-03T17:59:32Z","closed_at":null,"author_association":"NONE","active_lock_reason":null,"draft":false,"pull_request":{"url":"https://api.github.com/repos/withspectrum/spectrum/pulls/5494","html_url":"https://github.com/withspectrum/spectrum/pull/5494","diff_url":"https://github.com/withspectrum/spectrum/pull/5494.diff","patch_url":"https://github.com/withspectrum/spectrum/pull/5494.patch","merged_at":null},"body":"Bumps [validator](https://github.com/validatorjs/validator.js) from 9.4.1 to 13.7.0.\n\nRelease notes
\nSourced from validator's releases.
\n\n13.7.0
\n13.7.0
\nNew Features
\n\nFixes and Enhancements
\n\nNew and Improved Locales
\n\n- \n
isAlpha
, isAlphanumeric
:
\n\n \n- \n
isPassportNumber
:
\n\n \n- \n
isPostalCode
:
\n\n \n
\n\n
\n... (truncated)
\n \n\nChangelog
\nSourced from validator's changelog.
\n\n13.7.0
\nNew Features
\n\nNew Features
\n\nFixes and Enhancements
\n\nNew and Improved Locales
\n\n- \n
isAlpha
, isAlphanumeric
:
\n\n \n- \n
isPassportNumber
:
\n\n \n
\n\n
\n... (truncated)
\n \n\nCommits
\n\n47ee5ad
13.7.0 \n496fc8b
fix(rtrim): remove regex to prevent ReDOS attack (#1738) \n45901ec
Merge pull request #1851 from validatorjs/chore/fix-merge-conflicts \n83cb7f8
chore: merge conflict clean-up \nf17e220
feat(isMobilePhone): add El Salvador es-SV locale \n5b06703
feat(isMobilePhone): add Palestine ar-PS locale \na3faa83
feat(isMobilePhone): add Botswana en-BW locale \n26605f9
feat(isMobilePhone): add Turkmenistan tk-TM \n0e5d5d4
feat(isMobilePhone): add Guyana en-GY locale \nf7ff349
feat(isMobilePhone): add Frech Polynesia fr-PF locale \n- Additional commits viewable in compare view
\n
\n \n\nMaintainer changes
\nThis version was pushed to npm by profnandaa, a new releaser for validator since your current version.
\n \n
\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=validator&package-manager=npm_and_yarn&previous-version=9.4.1&new-version=13.7.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\nDependabot commands and options
\n
\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language\n- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language\n- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language\n- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language\n\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/withspectrum/spectrum/network/alerts).\n\n ","reactions":{"url":"https://api.github.com/repos/withspectrum/spectrum/issues/5494/reactions","total_count":0,"+1":0,"-1":0,"laugh":0,"hooray":0,"confused":0,"heart":0,"rocket":0,"eyes":0},"timeline_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5494/timeline","performed_via_github_app":null,"state_reason":null},{"url":"https://api.github.com/repos/withspectrum/spectrum/issues/5493","repository_url":"https://api.github.com/repos/withspectrum/spectrum","labels_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5493/labels{/name}","comments_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5493/comments","events_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5493/events","html_url":"https://github.com/withspectrum/spectrum/pull/5493","id":1001635579,"node_id":"PR_kwDOA7YDc84r_xgb","number":5493,"title":"Bump tmpl from 1.0.4 to 1.0.5 in /api","user":{"login":"dependabot[bot]","id":49699333,"node_id":"MDM6Qm90NDk2OTkzMzM=","avatar_url":"https://avatars.githubusercontent.com/in/29110?v=4","gravatar_id":"","url":"https://api.github.com/users/dependabot%5Bbot%5D","html_url":"https://github.com/apps/dependabot","followers_url":"https://api.github.com/users/dependabot%5Bbot%5D/followers","following_url":"https://api.github.com/users/dependabot%5Bbot%5D/following{/other_user}","gists_url":"https://api.github.com/users/dependabot%5Bbot%5D/gists{/gist_id}","starred_url":"https://api.github.com/users/dependabot%5Bbot%5D/starred{/owner}{/repo}","subscriptions_url":"https://api.github.com/users/dependabot%5Bbot%5D/subscriptions","organizations_url":"https://api.github.com/users/dependabot%5Bbot%5D/orgs","repos_url":"https://api.github.com/users/dependabot%5Bbot%5D/repos","events_url":"https://api.github.com/users/dependabot%5Bbot%5D/events{/privacy}","received_events_url":"https://api.github.com/users/dependabot%5Bbot%5D/received_events","type":"Bot","site_admin":false},"labels":[{"id":1536487364,"node_id":"MDU6TGFiZWwxNTM2NDg3MzY0","url":"https://api.github.com/repos/withspectrum/spectrum/labels/dependencies","name":"dependencies","color":"0366d6","default":false,"description":"Pull requests that update a dependency file"}],"state":"open","locked":true,"assignee":null,"assignees":[],"milestone":null,"comments":0,"created_at":"2021-09-21T01:16:59Z","updated_at":"2021-09-21T01:16:59Z","closed_at":null,"author_association":"NONE","active_lock_reason":null,"draft":false,"pull_request":{"url":"https://api.github.com/repos/withspectrum/spectrum/pulls/5493","html_url":"https://github.com/withspectrum/spectrum/pull/5493","diff_url":"https://github.com/withspectrum/spectrum/pull/5493.diff","patch_url":"https://github.com/withspectrum/spectrum/pull/5493.patch","merged_at":null},"body":"Bumps [tmpl](https://github.com/daaku/nodejs-tmpl) from 1.0.4 to 1.0.5.\n\nCommits
\n\n \n
\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=tmpl&package-manager=npm_and_yarn&previous-version=1.0.4&new-version=1.0.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\nDependabot commands and options
\n
\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language\n- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language\n- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language\n- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language\n\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/withspectrum/spectrum/network/alerts).\n\n ","reactions":{"url":"https://api.github.com/repos/withspectrum/spectrum/issues/5493/reactions","total_count":0,"+1":0,"-1":0,"laugh":0,"hooray":0,"confused":0,"heart":0,"rocket":0,"eyes":0},"timeline_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5493/timeline","performed_via_github_app":null,"state_reason":null},{"url":"https://api.github.com/repos/withspectrum/spectrum/issues/5492","repository_url":"https://api.github.com/repos/withspectrum/spectrum","labels_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5492/labels{/name}","comments_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5492/comments","events_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5492/events","html_url":"https://github.com/withspectrum/spectrum/pull/5492","id":1001532387,"node_id":"PR_kwDOA7YDc84r_cT0","number":5492,"title":"Bump object-path from 0.11.4 to 0.11.8 in /api","user":{"login":"dependabot[bot]","id":49699333,"node_id":"MDM6Qm90NDk2OTkzMzM=","avatar_url":"https://avatars.githubusercontent.com/in/29110?v=4","gravatar_id":"","url":"https://api.github.com/users/dependabot%5Bbot%5D","html_url":"https://github.com/apps/dependabot","followers_url":"https://api.github.com/users/dependabot%5Bbot%5D/followers","following_url":"https://api.github.com/users/dependabot%5Bbot%5D/following{/other_user}","gists_url":"https://api.github.com/users/dependabot%5Bbot%5D/gists{/gist_id}","starred_url":"https://api.github.com/users/dependabot%5Bbot%5D/starred{/owner}{/repo}","subscriptions_url":"https://api.github.com/users/dependabot%5Bbot%5D/subscriptions","organizations_url":"https://api.github.com/users/dependabot%5Bbot%5D/orgs","repos_url":"https://api.github.com/users/dependabot%5Bbot%5D/repos","events_url":"https://api.github.com/users/dependabot%5Bbot%5D/events{/privacy}","received_events_url":"https://api.github.com/users/dependabot%5Bbot%5D/received_events","type":"Bot","site_admin":false},"labels":[{"id":1536487364,"node_id":"MDU6TGFiZWwxNTM2NDg3MzY0","url":"https://api.github.com/repos/withspectrum/spectrum/labels/dependencies","name":"dependencies","color":"0366d6","default":false,"description":"Pull requests that update a dependency file"}],"state":"open","locked":true,"assignee":null,"assignees":[],"milestone":null,"comments":0,"created_at":"2021-09-20T23:03:10Z","updated_at":"2021-09-20T23:03:11Z","closed_at":null,"author_association":"NONE","active_lock_reason":null,"draft":false,"pull_request":{"url":"https://api.github.com/repos/withspectrum/spectrum/pulls/5492","html_url":"https://github.com/withspectrum/spectrum/pull/5492","diff_url":"https://github.com/withspectrum/spectrum/pull/5492.diff","patch_url":"https://github.com/withspectrum/spectrum/pull/5492.patch","merged_at":null},"body":"Bumps [object-path](https://github.com/mariocasciaro/object-path) from 0.11.4 to 0.11.8.\n\nCommits
\n\n \n
\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=object-path&package-manager=npm_and_yarn&previous-version=0.11.4&new-version=0.11.8)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\nDependabot commands and options
\n
\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language\n- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language\n- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language\n- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language\n\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/withspectrum/spectrum/network/alerts).\n\n ","reactions":{"url":"https://api.github.com/repos/withspectrum/spectrum/issues/5492/reactions","total_count":0,"+1":0,"-1":0,"laugh":0,"hooray":0,"confused":0,"heart":0,"rocket":0,"eyes":0},"timeline_url":"https://api.github.com/repos/withspectrum/spectrum/issues/5492/timeline","performed_via_github_app":null,"state_reason":null}]