[GitHub] [airavata-django-portal-sdk] dependabot[bot] opened a new pull request, #11: Bump django from 3.2.16 to 3.2.17
dependabot[bot] opened a new pull request, #11: URL: https://github.com/apache/airavata-django-portal-sdk/pull/11 Bumps [django](https://github.com/django/django) from 3.2.16 to 3.2.17. Commits https://github.com/django/django/commit/aed1bb56d118937d5d6f3ec72f170779dd8c74cd;>aed1bb5 [3.2.x] Bumped version for 3.2.17 release. https://github.com/django/django/commit/c7e0151fdf33e1b11d488b6f67b94fdf3a30614a;>c7e0151 [3.2.x] Fixed CVE-2023-23969 -- Prevented DoS with pathological values for Ac... https://github.com/django/django/commit/9da46345d83e5d9ecb60512efb2d2e0b2b02b974;>9da4634 [3.2.x] Fixed inspectdb.tests.InspectDBTestCase.test_custom_fields() on SQLit... https://github.com/django/django/commit/4c2b26174f044adc4a6461154385720479eaee55;>4c2b261 [3.2.x] Removed 'tests' path prefix in a couple tests. https://github.com/django/django/commit/d21543182d2cb9947650ecc48c068d1bfb7d0311;>d215431 [3.2.x] Adjusted release notes for 3.2.17. https://github.com/django/django/commit/4e31d3ea55315811db00f3f0d5c677e2344c2f5d;>4e31d3e [3.2.x] Added stub release notes for 3.2.17. https://github.com/django/django/commit/238e8898ac0486f60ca3567d2459cda1d51912f3;>238e889 [3.2.x] Corrected passenv value for tox 4.0.6+. https://github.com/django/django/commit/b381ab4906cdff0ebb4e1c6c8e30996f24be6829;>b381ab4 [3.2.x] Disabled auto-created table of contents entries on Sphinx 5.2+. https://github.com/django/django/commit/f6f0699d01f5840437bfd236c76c797943ef8edc;>f6f0699 [3.2.x] Removed obsolete doc reference to asyncio.iscoroutinefunction. https://github.com/django/django/commit/accdd0576d50b4696378ed1ab651c20affcae08b;>accdd05 [3.2.x] Added CVE-2022-36359 to security archive. Additional commits viewable in https://github.com/django/django/compare/3.2.16...3.2.17;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=django=pip=3.2.16=3.2.17)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/apache/airavata-django-portal-sdk/network/alerts). -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@airavata.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [airavata-django-portal] dependabot[bot] opened a new pull request, #157: Bump json5 from 1.0.1 to 1.0.2 in /django_airavata/apps/workspace
dependabot[bot] opened a new pull request, #157: URL: https://github.com/apache/airavata-django-portal/pull/157 Bumps [json5](https://github.com/json5/json5) from 1.0.1 to 1.0.2. Release notes Sourced from https://github.com/json5/json5/releases;>json5's releases. v1.0.2 Fix: Properties with the name __proto__ are added to objects and arrays. (https://github-redirect.dependabot.com/json5/json5/issues/199;>#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (https://github-redirect.dependabot.com/json5/json5/issues/295;>#295). This has been backported to v1. (https://github-redirect.dependabot.com/json5/json5/issues/298;>#298) Changelog Sourced from https://github.com/json5/json5/blob/main/CHANGELOG.md;>json5's changelog. Unreleased [https://github.com/json5/json5/tree/main;>code, https://github.com/json5/json5/compare/v2.2.3...HEAD;>diff] v2.2.3 [https://github.com/json5/json5/tree/v2.2.3;>code, https://github.com/json5/json5/compare/v2.2.2...v2.2.3;>diff] Fix: json5@2.2.3 is now the 'latest' release according to npm instead of v1.0.2. (https://github-redirect.dependabot.com/json5/json5/issues/299;>#299) v2.2.2 [https://github.com/json5/json5/tree/v2.2.2;>code, https://github.com/json5/json5/compare/v2.2.1...v2.2.2;>diff] Fix: Properties with the name __proto__ are added to objects and arrays. (https://github-redirect.dependabot.com/json5/json5/issues/199;>#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (https://github-redirect.dependabot.com/json5/json5/issues/295;>#295). v2.2.1 [https://github.com/json5/json5/tree/v2.2.1;>code, https://github.com/json5/json5/compare/v2.2.0...v2.2.1;>diff] Fix: Removed dependence on minimist to patch CVE-2021-44906. (https://github-redirect.dependabot.com/json5/json5/issues/266;>#266) v2.2.0 [https://github.com/json5/json5/tree/v2.2.0;>code, https://github.com/json5/json5/compare/v2.1.3...v2.2.0;>diff] New: Accurate and documented TypeScript declarations are now included. There is no need to install @types/json5. (https://github-redirect.dependabot.com/json5/json5/issues/236;>#236, https://github-redirect.dependabot.com/json5/json5/issues/244;>#244) v2.1.3 [https://github.com/json5/json5/tree/v2.1.3;>code, https://github.com/json5/json5/compare/v2.1.2...v2.1.3;>diff] Fix: An out of memory bug when parsing numbers has been fixed. (https://github-redirect.dependabot.com/json5/json5/issues/228;>#228, https://github-redirect.dependabot.com/json5/json5/issues/229;>#229) v2.1.2 [https://github.com/json5/json5/tree/v2.1.2;>code, https://github.com/json5/json5/compare/v2.1.1...v2.1.2;>diff] ... (truncated) Commits https://github.com/json5/json5/commit/a62db1e51e1031d92ac260f5bb38bbed1fdbc754;>a62db1e 1.0.2 https://github.com/json5/json5/commit/e0c23fe458a77c0b2cdb271376be5d8d0908133c;>e0c23fe docs: update CHANGELOG for v1.0.2 https://github.com/json5/json5/commit/62a65408408d40aeea14c7869ed327acead12972;>62a6540 fix: add proto to objects and arrays See full diff in https://github.com/json5/json5/compare/v1.0.1...v1.0.2;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=json5=npm_and_yarn=1.0.1=1.0.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (
[GitHub] [airavata-django-portal] dependabot[bot] opened a new pull request, #156: Bump json5 from 1.0.1 to 1.0.2 in /django_airavata/apps/groups
dependabot[bot] opened a new pull request, #156: URL: https://github.com/apache/airavata-django-portal/pull/156 Bumps [json5](https://github.com/json5/json5) from 1.0.1 to 1.0.2. Release notes Sourced from https://github.com/json5/json5/releases;>json5's releases. v1.0.2 Fix: Properties with the name __proto__ are added to objects and arrays. (https://github-redirect.dependabot.com/json5/json5/issues/199;>#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (https://github-redirect.dependabot.com/json5/json5/issues/295;>#295). This has been backported to v1. (https://github-redirect.dependabot.com/json5/json5/issues/298;>#298) Changelog Sourced from https://github.com/json5/json5/blob/main/CHANGELOG.md;>json5's changelog. Unreleased [https://github.com/json5/json5/tree/main;>code, https://github.com/json5/json5/compare/v2.2.3...HEAD;>diff] v2.2.3 [https://github.com/json5/json5/tree/v2.2.3;>code, https://github.com/json5/json5/compare/v2.2.2...v2.2.3;>diff] Fix: json5@2.2.3 is now the 'latest' release according to npm instead of v1.0.2. (https://github-redirect.dependabot.com/json5/json5/issues/299;>#299) v2.2.2 [https://github.com/json5/json5/tree/v2.2.2;>code, https://github.com/json5/json5/compare/v2.2.1...v2.2.2;>diff] Fix: Properties with the name __proto__ are added to objects and arrays. (https://github-redirect.dependabot.com/json5/json5/issues/199;>#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (https://github-redirect.dependabot.com/json5/json5/issues/295;>#295). v2.2.1 [https://github.com/json5/json5/tree/v2.2.1;>code, https://github.com/json5/json5/compare/v2.2.0...v2.2.1;>diff] Fix: Removed dependence on minimist to patch CVE-2021-44906. (https://github-redirect.dependabot.com/json5/json5/issues/266;>#266) v2.2.0 [https://github.com/json5/json5/tree/v2.2.0;>code, https://github.com/json5/json5/compare/v2.1.3...v2.2.0;>diff] New: Accurate and documented TypeScript declarations are now included. There is no need to install @types/json5. (https://github-redirect.dependabot.com/json5/json5/issues/236;>#236, https://github-redirect.dependabot.com/json5/json5/issues/244;>#244) v2.1.3 [https://github.com/json5/json5/tree/v2.1.3;>code, https://github.com/json5/json5/compare/v2.1.2...v2.1.3;>diff] Fix: An out of memory bug when parsing numbers has been fixed. (https://github-redirect.dependabot.com/json5/json5/issues/228;>#228, https://github-redirect.dependabot.com/json5/json5/issues/229;>#229) v2.1.2 [https://github.com/json5/json5/tree/v2.1.2;>code, https://github.com/json5/json5/compare/v2.1.1...v2.1.2;>diff] ... (truncated) Commits https://github.com/json5/json5/commit/a62db1e51e1031d92ac260f5bb38bbed1fdbc754;>a62db1e 1.0.2 https://github.com/json5/json5/commit/e0c23fe458a77c0b2cdb271376be5d8d0908133c;>e0c23fe docs: update CHANGELOG for v1.0.2 https://github.com/json5/json5/commit/62a65408408d40aeea14c7869ed327acead12972;>62a6540 fix: add proto to objects and arrays See full diff in https://github.com/json5/json5/compare/v1.0.1...v1.0.2;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=json5=npm_and_yarn=1.0.1=1.0.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (
[GitHub] [airavata-django-portal] dependabot[bot] opened a new pull request, #155: Bump json5 from 1.0.1 to 1.0.2 in /django_airavata/static/common
dependabot[bot] opened a new pull request, #155: URL: https://github.com/apache/airavata-django-portal/pull/155 Bumps [json5](https://github.com/json5/json5) from 1.0.1 to 1.0.2. Release notes Sourced from https://github.com/json5/json5/releases;>json5's releases. v1.0.2 Fix: Properties with the name __proto__ are added to objects and arrays. (https://github-redirect.dependabot.com/json5/json5/issues/199;>#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (https://github-redirect.dependabot.com/json5/json5/issues/295;>#295). This has been backported to v1. (https://github-redirect.dependabot.com/json5/json5/issues/298;>#298) Changelog Sourced from https://github.com/json5/json5/blob/main/CHANGELOG.md;>json5's changelog. Unreleased [https://github.com/json5/json5/tree/main;>code, https://github.com/json5/json5/compare/v2.2.3...HEAD;>diff] v2.2.3 [https://github.com/json5/json5/tree/v2.2.3;>code, https://github.com/json5/json5/compare/v2.2.2...v2.2.3;>diff] Fix: json5@2.2.3 is now the 'latest' release according to npm instead of v1.0.2. (https://github-redirect.dependabot.com/json5/json5/issues/299;>#299) v2.2.2 [https://github.com/json5/json5/tree/v2.2.2;>code, https://github.com/json5/json5/compare/v2.2.1...v2.2.2;>diff] Fix: Properties with the name __proto__ are added to objects and arrays. (https://github-redirect.dependabot.com/json5/json5/issues/199;>#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (https://github-redirect.dependabot.com/json5/json5/issues/295;>#295). v2.2.1 [https://github.com/json5/json5/tree/v2.2.1;>code, https://github.com/json5/json5/compare/v2.2.0...v2.2.1;>diff] Fix: Removed dependence on minimist to patch CVE-2021-44906. (https://github-redirect.dependabot.com/json5/json5/issues/266;>#266) v2.2.0 [https://github.com/json5/json5/tree/v2.2.0;>code, https://github.com/json5/json5/compare/v2.1.3...v2.2.0;>diff] New: Accurate and documented TypeScript declarations are now included. There is no need to install @types/json5. (https://github-redirect.dependabot.com/json5/json5/issues/236;>#236, https://github-redirect.dependabot.com/json5/json5/issues/244;>#244) v2.1.3 [https://github.com/json5/json5/tree/v2.1.3;>code, https://github.com/json5/json5/compare/v2.1.2...v2.1.3;>diff] Fix: An out of memory bug when parsing numbers has been fixed. (https://github-redirect.dependabot.com/json5/json5/issues/228;>#228, https://github-redirect.dependabot.com/json5/json5/issues/229;>#229) v2.1.2 [https://github.com/json5/json5/tree/v2.1.2;>code, https://github.com/json5/json5/compare/v2.1.1...v2.1.2;>diff] ... (truncated) Commits https://github.com/json5/json5/commit/a62db1e51e1031d92ac260f5bb38bbed1fdbc754;>a62db1e 1.0.2 https://github.com/json5/json5/commit/e0c23fe458a77c0b2cdb271376be5d8d0908133c;>e0c23fe docs: update CHANGELOG for v1.0.2 https://github.com/json5/json5/commit/62a65408408d40aeea14c7869ed327acead12972;>62a6540 fix: add proto to objects and arrays See full diff in https://github.com/json5/json5/compare/v1.0.1...v1.0.2;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=json5=npm_and_yarn=1.0.1=1.0.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (
[GitHub] [airavata-django-portal] dependabot[bot] opened a new pull request, #154: Bump json5 from 1.0.1 to 1.0.2 in /django_airavata/apps/auth
dependabot[bot] opened a new pull request, #154: URL: https://github.com/apache/airavata-django-portal/pull/154 Bumps [json5](https://github.com/json5/json5) from 1.0.1 to 1.0.2. Release notes Sourced from https://github.com/json5/json5/releases;>json5's releases. v1.0.2 Fix: Properties with the name __proto__ are added to objects and arrays. (https://github-redirect.dependabot.com/json5/json5/issues/199;>#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (https://github-redirect.dependabot.com/json5/json5/issues/295;>#295). This has been backported to v1. (https://github-redirect.dependabot.com/json5/json5/issues/298;>#298) Changelog Sourced from https://github.com/json5/json5/blob/main/CHANGELOG.md;>json5's changelog. Unreleased [https://github.com/json5/json5/tree/main;>code, https://github.com/json5/json5/compare/v2.2.3...HEAD;>diff] v2.2.3 [https://github.com/json5/json5/tree/v2.2.3;>code, https://github.com/json5/json5/compare/v2.2.2...v2.2.3;>diff] Fix: json5@2.2.3 is now the 'latest' release according to npm instead of v1.0.2. (https://github-redirect.dependabot.com/json5/json5/issues/299;>#299) v2.2.2 [https://github.com/json5/json5/tree/v2.2.2;>code, https://github.com/json5/json5/compare/v2.2.1...v2.2.2;>diff] Fix: Properties with the name __proto__ are added to objects and arrays. (https://github-redirect.dependabot.com/json5/json5/issues/199;>#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (https://github-redirect.dependabot.com/json5/json5/issues/295;>#295). v2.2.1 [https://github.com/json5/json5/tree/v2.2.1;>code, https://github.com/json5/json5/compare/v2.2.0...v2.2.1;>diff] Fix: Removed dependence on minimist to patch CVE-2021-44906. (https://github-redirect.dependabot.com/json5/json5/issues/266;>#266) v2.2.0 [https://github.com/json5/json5/tree/v2.2.0;>code, https://github.com/json5/json5/compare/v2.1.3...v2.2.0;>diff] New: Accurate and documented TypeScript declarations are now included. There is no need to install @types/json5. (https://github-redirect.dependabot.com/json5/json5/issues/236;>#236, https://github-redirect.dependabot.com/json5/json5/issues/244;>#244) v2.1.3 [https://github.com/json5/json5/tree/v2.1.3;>code, https://github.com/json5/json5/compare/v2.1.2...v2.1.3;>diff] Fix: An out of memory bug when parsing numbers has been fixed. (https://github-redirect.dependabot.com/json5/json5/issues/228;>#228, https://github-redirect.dependabot.com/json5/json5/issues/229;>#229) v2.1.2 [https://github.com/json5/json5/tree/v2.1.2;>code, https://github.com/json5/json5/compare/v2.1.1...v2.1.2;>diff] ... (truncated) Commits https://github.com/json5/json5/commit/a62db1e51e1031d92ac260f5bb38bbed1fdbc754;>a62db1e 1.0.2 https://github.com/json5/json5/commit/e0c23fe458a77c0b2cdb271376be5d8d0908133c;>e0c23fe docs: update CHANGELOG for v1.0.2 https://github.com/json5/json5/commit/62a65408408d40aeea14c7869ed327acead12972;>62a6540 fix: add proto to objects and arrays See full diff in https://github.com/json5/json5/compare/v1.0.1...v1.0.2;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=json5=npm_and_yarn=1.0.1=1.0.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (
Re: [GitHub] [airavata-django-portal] dependabot[bot] opened a new pull request, #133: Bump decode-uri-component from 0.2.0 to 0.2.2 in /django_airavata/apps/auth
Hello -- Shouldn't these GitBox emails go to commits ? Why are they forwarded to the dev mailing list ? -- because of this it is hard to filter out actual dev mailing list conversations. Thanks. Best Regards, Thejaka Amila Kanewala, PhD https://github.com/thejkane/agm http://valagamba.net/ On Wed, Dec 7, 2022 at 10:25 AM GitBox wrote: > > dependabot[bot] opened a new pull request, #133: > URL: https://github.com/apache/airavata-django-portal/pull/133 > >Bumps [decode-uri-component]( > https://github.com/SamVerschueren/decode-uri-component) from 0.2.0 to > 0.2.2. > >Release notes >Sourced from https://github.com/SamVerschueren/decode-uri-component/releases;>decode-uri-component's > releases. > >v0.2.2 > >Prevent overwriting previously decoded tokens 980e0bf > >https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.1...v0.2.2 > "> > https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.1...v0.2.2 > >v0.2.1 > >Switch to GitHub workflows 76abc93 >Fix issue where decode throws - fixes https://github-redirect.dependabot.com/SamVerschueren/decode-uri-component/issues/6;>#6 > 746ca5d >Update license (https://github-redirect.dependabot.com/SamVerschueren/decode-uri-component/issues/1;>#1) > 486d7e2 >Tidelift tasks a650457 >Meta tweaks 66e1c28 > >https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.1 > "> > https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.1 > > > > >Commits > >https://github.com/SamVerschueren/decode-uri-component/commit/a0eea469d26eb0df668b081672cdb9581feb78eb;>a0eea46 > 0.2.2 >https://github.com/SamVerschueren/decode-uri-component/commit/980e0bf09b64d94f1aa79012f895816c30ffd152;>980e0bf > Prevent overwriting previously decoded tokens >https://github.com/SamVerschueren/decode-uri-component/commit/3c8a373dd4837e89b3f970e01295dd03e1405a33;>3c8a373 > 0.2.1 >https://github.com/SamVerschueren/decode-uri-component/commit/76abc939783fe3900fadb7d384a74d324d5557f3;>76abc93 > Switch to GitHub workflows >https://github.com/SamVerschueren/decode-uri-component/commit/746ca5dcb6667c5d364e782d53c542830e4c10b9;>746ca5d > Fix issue where decode throws - fixes https://github-redirect.dependabot.com/SamVerschueren/decode-uri-component/issues/6 > ">#6 >https://github.com/SamVerschueren/decode-uri-component/commit/486d7e26d3a8c0fbe860fb651fe1bc98c2f2be30;>486d7e2 > Update license (https://github-redirect.dependabot.com/SamVerschueren/decode-uri-component/issues/1 > ">#1) >https://github.com/SamVerschueren/decode-uri-component/commit/a65045724e6234acef87f31da499d4807b20b134;>a650457 > Tidelift tasks >https://github.com/SamVerschueren/decode-uri-component/commit/66e1c2834c0e189201cb65196ec3101372459b02;>66e1c28 > Meta tweaks >See full diff in https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.2;>compare > view > > > > > >[![Dependabot compatibility score]( > https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=decode-uri-component=npm_and_yarn=0.2.0=0.2.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores > ) > >Dependabot will resolve any conflicts with this PR as long as you don't > alter it yourself. You can also trigger a rebase manually by commenting > `@dependabot rebase`. > >[//]: # (dependabot-automerge-start) >[//]: # (dependabot-automerge-end) > >--- > > >Dependabot commands and options > > >You can trigger Dependabot actions by commenting on this PR: >- `@dependabot rebase` will rebase this PR >- `@dependabot recreate` will recreate this PR, overwriting any edits > that have been made to it >- `@dependabot merge` will merge this PR after your CI passes on it >- `@dependabot squash and merge` will squash and merge this PR after > your CI passes on it >- `@dependabot cancel merge` will cancel a previously requested merge > and block automerging >- `@dependabot reopen` will reopen this PR if it is closed >- `@dependabot close` will close this PR and stop Dependabot recreating > it. You can achieve the same result by closing it manually >- `@dependabot ignore this major version` will close this PR and stop > Dependabot creating any more for this major version (unless you reopen the > PR or upgrade to it yourself) >- `@dependabot ignore this minor version` will close this PR and stop > Dependabot creating any more for t
Re: Regarding airavata django portal error while running locally
Yes, sure. Thank you On Wed, Dec 14, 2022, 9:26 AM Christie, Marcus Aaron wrote: > Hi Aishwarya, > > Thanks for the screenshot. This was an issue with Node 18 (see > https://issues.apache.org/jira/browse/AIRAVATA-3668). It is fixed on the > 'develop' branch but I've also just now merged it to the 'master' branch. > > Can you please do a 'git pull' and then try again? > > Thanks, > > Marcus > > > On Dec 14, 2022, at 3:22 AM, Aishwarya Sinhasane < > aishwaryasinhas...@gmail.com> wrote: > > > > Hello Marcus > > > > I am getting the following error while running build_js.bat file. I have > attached screenshot for your reference. > > > > Thanks & Regards > > Aishwarya Sinhasane > > > > On Tue, 13 Dec 2022 at 09:25, Christie, Marcus Aaron > wrote: > > Hi Aishwarya, > > > > Can you provide the output from running build_js.bat? > > > > Thanks, > > > > Marcus > > > > > On Dec 12, 2022, at 6:07 PM, Aishwarya Sinhasane < > aishwaryasinhas...@gmail.com> wrote: > > > > > > Hello Marcus > > > > > > Thank you for your response. I have already run the build_js.bat file > and it's saying that new_default_theme is loaded successfully. I think I > have provided the screenshot for the same in previous email. If you think > build_js.bat is not running properly then please let me know how to fix it. > > > > > > Thanks and Regards > > > Aishwarya Sinhasane > > > > > > On Mon, Dec 12, 2022, 5:33 PM Christie, Marcus Aaron > wrote: > > > Hi Aishwarya, > > > > > > You need to build the django portal frontend code. On Windows you'll > need to run build_js.bat. > > > > > > I realize that build_js.bat is missing from the README. I'll update it. > > > > > > Thanks, > > > > > > Marcus > > > > > > > On Dec 11, 2022, at 4:12 AM, Aishwarya Sinhasane < > aishwaryasinhas...@gmail.com> wrote: > > > > > > > > Hello Everyone, > > > > > > > > I was running django portal locally for the seagrid desktop > application. I have to connect seagrid desktop application to create > experiment page from the molecule editor so that I can pass gaussian input > file to the gaussian experiment. But I am getting the following error. That > there is no web-pack.json file.I observed that there is no folder dist in > the common folder of static. I have attached the screenshots of the error > message. Can anybody please help me to resolve this issue if you are > available today? > > > > > > > > Thanks and Regards > > > > Aishwarya Sinhasane > > > > > > > > > > > > >
Re: Regarding airavata django portal error while running locally
Hi Aishwarya, Thanks for the screenshot. This was an issue with Node 18 (see https://issues.apache.org/jira/browse/AIRAVATA-3668). It is fixed on the 'develop' branch but I've also just now merged it to the 'master' branch. Can you please do a 'git pull' and then try again? Thanks, Marcus > On Dec 14, 2022, at 3:22 AM, Aishwarya Sinhasane > wrote: > > Hello Marcus > > I am getting the following error while running build_js.bat file. I have > attached screenshot for your reference. > > Thanks & Regards > Aishwarya Sinhasane > > On Tue, 13 Dec 2022 at 09:25, Christie, Marcus Aaron wrote: > Hi Aishwarya, > > Can you provide the output from running build_js.bat? > > Thanks, > > Marcus > > > On Dec 12, 2022, at 6:07 PM, Aishwarya Sinhasane > > wrote: > > > > Hello Marcus > > > > Thank you for your response. I have already run the build_js.bat file and > > it's saying that new_default_theme is loaded successfully. I think I have > > provided the screenshot for the same in previous email. If you think > > build_js.bat is not running properly then please let me know how to fix it. > > > > Thanks and Regards > > Aishwarya Sinhasane > > > > On Mon, Dec 12, 2022, 5:33 PM Christie, Marcus Aaron > > wrote: > > Hi Aishwarya, > > > > You need to build the django portal frontend code. On Windows you'll need > > to run build_js.bat. > > > > I realize that build_js.bat is missing from the README. I'll update it. > > > > Thanks, > > > > Marcus > > > > > On Dec 11, 2022, at 4:12 AM, Aishwarya Sinhasane > > > wrote: > > > > > > Hello Everyone, > > > > > > I was running django portal locally for the seagrid desktop application. > > > I have to connect seagrid desktop application to create experiment page > > > from the molecule editor so that I can pass gaussian input file to the > > > gaussian experiment. But I am getting the following error. That there is > > > no web-pack.json file.I observed that there is no folder dist in the > > > common folder of static. I have attached the screenshots of the error > > > message. Can anybody please help me to resolve this issue if you are > > > available today? > > > > > > Thanks and Regards > > > Aishwarya Sinhasane > > > > > > > smime.p7s Description: S/MIME cryptographic signature
[GitHub] [airavata-django-portal] dependabot[bot] closed pull request #147: Bump express from 4.17.1 to 4.18.2 in /django_airavata/apps/workspace/django-airavata-workspace-plugin-api
dependabot[bot] closed pull request #147: Bump express from 4.17.1 to 4.18.2 in /django_airavata/apps/workspace/django-airavata-workspace-plugin-api URL: https://github.com/apache/airavata-django-portal/pull/147 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@airavata.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [airavata-django-portal] dependabot[bot] closed pull request #148: Bump express from 4.17.1 to 4.18.2 in /django_airavata/apps/auth
dependabot[bot] closed pull request #148: Bump express from 4.17.1 to 4.18.2 in /django_airavata/apps/auth URL: https://github.com/apache/airavata-django-portal/pull/148 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@airavata.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [airavata-django-portal] dependabot[bot] closed pull request #146: Bump express from 4.17.1 to 4.18.2 in /django_airavata/apps/admin
dependabot[bot] closed pull request #146: Bump express from 4.17.1 to 4.18.2 in /django_airavata/apps/admin URL: https://github.com/apache/airavata-django-portal/pull/146 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@airavata.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [airavata-django-portal] dependabot[bot] commented on pull request #146: Bump express from 4.17.1 to 4.18.2 in /django_airavata/apps/admin
dependabot[bot] commented on PR #146: URL: https://github.com/apache/airavata-django-portal/pull/146#issuecomment-1351486501 Looks like express is up-to-date now, so this is no longer needed. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@airavata.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [airavata-django-portal] dependabot[bot] commented on pull request #147: Bump express from 4.17.1 to 4.18.2 in /django_airavata/apps/workspace/django-airavata-workspace-plugin-api
dependabot[bot] commented on PR #147: URL: https://github.com/apache/airavata-django-portal/pull/147#issuecomment-1351486480 Looks like express is up-to-date now, so this is no longer needed. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@airavata.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [airavata-django-portal] dependabot[bot] closed pull request #145: Bump express from 4.17.1 to 4.18.2 in /django_airavata/static/common
dependabot[bot] closed pull request #145: Bump express from 4.17.1 to 4.18.2 in /django_airavata/static/common URL: https://github.com/apache/airavata-django-portal/pull/145 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@airavata.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [airavata-django-portal] dependabot[bot] commented on pull request #148: Bump express from 4.17.1 to 4.18.2 in /django_airavata/apps/auth
dependabot[bot] commented on PR #148: URL: https://github.com/apache/airavata-django-portal/pull/148#issuecomment-1351486491 Looks like express is up-to-date now, so this is no longer needed. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@airavata.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [airavata-django-portal] dependabot[bot] closed pull request #140: Bump qs from 6.5.2 to 6.5.3 in /django_airavata/apps/groups
dependabot[bot] closed pull request #140: Bump qs from 6.5.2 to 6.5.3 in /django_airavata/apps/groups URL: https://github.com/apache/airavata-django-portal/pull/140 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@airavata.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [airavata-django-portal] dependabot[bot] closed pull request #137: Bump qs from 6.5.2 to 6.5.3 in /django_airavata/apps/dataparsers
dependabot[bot] closed pull request #137: Bump qs from 6.5.2 to 6.5.3 in /django_airavata/apps/dataparsers URL: https://github.com/apache/airavata-django-portal/pull/137 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@airavata.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [airavata-django-portal] dependabot[bot] commented on pull request #145: Bump express from 4.17.1 to 4.18.2 in /django_airavata/static/common
dependabot[bot] commented on PR #145: URL: https://github.com/apache/airavata-django-portal/pull/145#issuecomment-1351486219 Looks like express is up-to-date now, so this is no longer needed. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@airavata.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [airavata-django-portal] dependabot[bot] closed pull request #138: Bump qs from 6.5.2 to 6.5.3 in /django_airavata/apps/workspace/django-airavata-workspace-plugin-api
dependabot[bot] closed pull request #138: Bump qs from 6.5.2 to 6.5.3 in /django_airavata/apps/workspace/django-airavata-workspace-plugin-api URL: https://github.com/apache/airavata-django-portal/pull/138 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@airavata.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [airavata-django-portal] dependabot[bot] closed pull request #139: Bump qs from 6.5.2 to 6.5.3 in /django_airavata/apps/admin
dependabot[bot] closed pull request #139: Bump qs from 6.5.2 to 6.5.3 in /django_airavata/apps/admin URL: https://github.com/apache/airavata-django-portal/pull/139 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@airavata.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [airavata-django-portal] dependabot[bot] commented on pull request #140: Bump qs from 6.5.2 to 6.5.3 in /django_airavata/apps/groups
dependabot[bot] commented on PR #140: URL: https://github.com/apache/airavata-django-portal/pull/140#issuecomment-1351486081 Looks like qs is no longer updatable, so this is no longer needed. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@airavata.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [airavata-django-portal] dependabot[bot] commented on pull request #137: Bump qs from 6.5.2 to 6.5.3 in /django_airavata/apps/dataparsers
dependabot[bot] commented on PR #137: URL: https://github.com/apache/airavata-django-portal/pull/137#issuecomment-1351485965 Looks like qs is no longer updatable, so this is no longer needed. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@airavata.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [airavata-django-portal] dependabot[bot] commented on pull request #138: Bump qs from 6.5.2 to 6.5.3 in /django_airavata/apps/workspace/django-airavata-workspace-plugin-api
dependabot[bot] commented on PR #138: URL: https://github.com/apache/airavata-django-portal/pull/138#issuecomment-1351485891 Looks like qs is up-to-date now, so this is no longer needed. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@airavata.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [airavata-django-portal] dependabot[bot] commented on pull request #139: Bump qs from 6.5.2 to 6.5.3 in /django_airavata/apps/admin
dependabot[bot] commented on PR #139: URL: https://github.com/apache/airavata-django-portal/pull/139#issuecomment-1351485754 Looks like qs is up-to-date now, so this is no longer needed. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@airavata.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [airavata-django-portal] dependabot[bot] closed pull request #134: Bump qs from 6.5.2 to 6.5.3 in /django_airavata/apps/workspace
dependabot[bot] closed pull request #134: Bump qs from 6.5.2 to 6.5.3 in /django_airavata/apps/workspace URL: https://github.com/apache/airavata-django-portal/pull/134 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@airavata.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [airavata-django-portal] dependabot[bot] closed pull request #135: Bump qs from 6.5.2 to 6.5.3 in /django_airavata/static/common
dependabot[bot] closed pull request #135: Bump qs from 6.5.2 to 6.5.3 in /django_airavata/static/common URL: https://github.com/apache/airavata-django-portal/pull/135 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@airavata.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [airavata-django-portal] dependabot[bot] closed pull request #136: Bump qs from 6.5.2 to 6.5.3 in /django_airavata/apps/auth
dependabot[bot] closed pull request #136: Bump qs from 6.5.2 to 6.5.3 in /django_airavata/apps/auth URL: https://github.com/apache/airavata-django-portal/pull/136 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@airavata.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [airavata-django-portal] dependabot[bot] commented on pull request #135: Bump qs from 6.5.2 to 6.5.3 in /django_airavata/static/common
dependabot[bot] commented on PR #135: URL: https://github.com/apache/airavata-django-portal/pull/135#issuecomment-1351485390 Looks like qs is up-to-date now, so this is no longer needed. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@airavata.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [airavata-django-portal] dependabot[bot] commented on pull request #134: Bump qs from 6.5.2 to 6.5.3 in /django_airavata/apps/workspace
dependabot[bot] commented on PR #134: URL: https://github.com/apache/airavata-django-portal/pull/134#issuecomment-1351485468 Looks like qs is no longer updatable, so this is no longer needed. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@airavata.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [airavata-django-portal] dependabot[bot] commented on pull request #136: Bump qs from 6.5.2 to 6.5.3 in /django_airavata/apps/auth
dependabot[bot] commented on PR #136: URL: https://github.com/apache/airavata-django-portal/pull/136#issuecomment-1351485337 Looks like qs is up-to-date now, so this is no longer needed. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@airavata.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [airavata-django-portal] dependabot[bot] commented on pull request #133: Bump decode-uri-component from 0.2.0 to 0.2.2 in /django_airavata/apps/auth
dependabot[bot] commented on PR #133: URL: https://github.com/apache/airavata-django-portal/pull/133#issuecomment-1351485136 Looks like decode-uri-component is no longer a dependency, so this is no longer needed. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@airavata.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [airavata-django-portal] dependabot[bot] closed pull request #133: Bump decode-uri-component from 0.2.0 to 0.2.2 in /django_airavata/apps/auth
dependabot[bot] closed pull request #133: Bump decode-uri-component from 0.2.0 to 0.2.2 in /django_airavata/apps/auth URL: https://github.com/apache/airavata-django-portal/pull/133 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@airavata.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [airavata-django-portal] dependabot[bot] opened a new pull request, #153: Bump eventsource from 1.1.0 to 1.1.2 in /django_airavata/apps/groups
dependabot[bot] opened a new pull request, #153: URL: https://github.com/apache/airavata-django-portal/pull/153 Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.1.0 to 1.1.2. Changelog Sourced from https://github.com/EventSource/eventsource/blob/master/HISTORY.md;>eventsource's changelog. https://github.com/EventSource/eventsource/compare/v1.1.1...v1.1.2;>1.1.2 Inline origin resolution, drops original dependency (https://github-redirect.dependabot.com/EventSource/eventsource/pull/281;>#281 Espen Hovlandsdal) https://github.com/EventSource/eventsource/compare/v1.1.0...v1.1.1;>1.1.1 Do not include authorization and cookie headers on redirect to different origin (https://github-redirect.dependabot.com/EventSource/eventsource/pull/273;>#273 Espen Hovlandsdal) Commits https://github.com/EventSource/eventsource/commit/0a8b85b7d29e63b05893fd820a3cb909ca9f5b37;>0a8b85b 1.1.2 https://github.com/EventSource/eventsource/commit/f99ae666bc0436124aed35eaadb7422dc9a07cfe;>f99ae66 docs: update history for 1.1.2 https://github.com/EventSource/eventsource/commit/06c9721b47b327301a4aefe63e0a76a0b60a7585;>06c9721 chore: rebuild polyfill https://github.com/EventSource/eventsource/commit/9494642e9f4b39f927f3952e6caad07acff688f3;>9494642 fix: inline origin resolution, drop original dependency (https://github-redirect.dependabot.com/EventSource/eventsource/issues/281;>#281) https://github.com/EventSource/eventsource/commit/aa7a40843a978f42c0babdec125bf9e0a83bf515;>aa7a408 1.1.1 https://github.com/EventSource/eventsource/commit/56d489ef853a891deca121bbd463c732fee94dce;>56d489e chore: rebuild polyfill https://github.com/EventSource/eventsource/commit/4a951e58b04118c9c4d3da3d27d454972a1b4b8d;>4a951e5 docs: update history for 1.1.1 https://github.com/EventSource/eventsource/commit/f9f6416567bff62c1af2f4314be51d9870e94bc2;>f9f6416 fix: strip sensitive headers on redirect to different origin See full diff in https://github.com/EventSource/eventsource/compare/v1.1.0...v1.1.2;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=eventsource=npm_and_yarn=1.1.0=1.1.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/apache/airavata-django-portal/network/alerts). -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@airavata.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [airavata-django-portal] dependabot[bot] opened a new pull request, #152: Bump loader-utils from 1.2.3 to 1.4.2 in /django_airavata/apps/workspace/django-airavata-workspace-plugin-api
dependabot[bot] opened a new pull request, #152: URL: https://github.com/apache/airavata-django-portal/pull/152 Bumps [loader-utils](https://github.com/webpack/loader-utils) from 1.2.3 to 1.4.2. Release notes Sourced from https://github.com/webpack/loader-utils/releases;>loader-utils's releases. v1.4.2 https://github.com/webpack/loader-utils/compare/v1.4.1...v1.4.2;>1.4.2 (2022-11-11) Bug Fixes ReDoS problem (https://github-redirect.dependabot.com/webpack/loader-utils/issues/226;>#226) (https://github.com/webpack/loader-utils/commit/17cbf8fa8989c1cb45bdd2997aa524729475f1fa;>17cbf8f) v1.4.1 https://github.com/webpack/loader-utils/compare/v1.4.0...v1.4.1;>1.4.1 (2022-11-07) Bug Fixes security problem (https://github-redirect.dependabot.com/webpack/loader-utils/issues/220;>#220) (https://github.com/webpack/loader-utils/commit/4504e34c4796a5836ef70458327351675aed48a5;>4504e34) v1.4.0 https://github.com/webpack/loader-utils/compare/v1.3.0...v1.4.0;>1.4.0 (2020-02-19) Features the resourceQuery is passed to the interpolateName method (https://github-redirect.dependabot.com/webpack/loader-utils/issues/163;>#163) (https://github.com/webpack/loader-utils/commit/cd0e428;>cd0e428) v1.3.0 https://github.com/webpack/loader-utils/compare/v1.2.3...v1.3.0;>1.3.0 (2020-02-19) Features support the [query] template for the interpolatedName method (https://github-redirect.dependabot.com/webpack/loader-utils/issues/162;>#162) (https://github.com/webpack/loader-utils/commit/469eeba;>469eeba) Changelog Sourced from https://github.com/webpack/loader-utils/blob/v1.4.2/CHANGELOG.md;>loader-utils's changelog. https://github.com/webpack/loader-utils/compare/v1.4.1...v1.4.2;>1.4.2 (2022-11-11) Bug Fixes ReDoS problem (https://github-redirect.dependabot.com/webpack/loader-utils/issues/226;>#226) (https://github.com/webpack/loader-utils/commit/17cbf8fa8989c1cb45bdd2997aa524729475f1fa;>17cbf8f) https://github.com/webpack/loader-utils/compare/v1.4.0...v1.4.1;>1.4.1 (2022-11-07) Bug Fixes security problem (https://github-redirect.dependabot.com/webpack/loader-utils/issues/220;>#220) (https://github.com/webpack/loader-utils/commit/4504e34c4796a5836ef70458327351675aed48a5;>4504e34) https://github.com/webpack/loader-utils/compare/v1.3.0...v1.4.0;>1.4.0 (2020-02-19) Features the resourceQuery is passed to the interpolateName method (https://github-redirect.dependabot.com/webpack/loader-utils/issues/163;>#163) (https://github.com/webpack/loader-utils/commit/cd0e428;>cd0e428) https://github.com/webpack/loader-utils/compare/v1.2.3...v1.3.0;>1.3.0 (2020-02-19) Features support the [query] template for the interpolatedName method (https://github-redirect.dependabot.com/webpack/loader-utils/issues/162;>#162) (https://github.com/webpack/loader-utils/commit/469eeba;>469eeba) Commits https://github.com/webpack/loader-utils/commit/331ad5067d9a1a7b8d646692e6959639969210d1;>331ad50 chore(release): 1.4.2 https://github.com/webpack/loader-utils/commit/17cbf8fa8989c1cb45bdd2997aa524729475f1fa;>17cbf8f fix: ReDoS problem (https://github-redirect.dependabot.com/webpack/loader-utils/issues/226;>#226) https://github.com/webpack/loader-utils/commit/8f082b39f6903929f30fe29dab34f4d9c7ef070a;>8f082b3 chore(release): 1.4.1 https://github.com/webpack/loader-utils/commit/4504e34c4796a5836ef70458327351675aed48a5;>4504e34 fix: security problem (https://github-redirect.dependabot.com/webpack/loader-utils/issues/220;>#220) https://github.com/webpack/loader-utils/commit/d95b8b53f0ad547133b47ac8226f735c479f76de;>d95b8b5 chore(release): 1.4.0 https://github.com/webpack/loader-utils/commit/cd0e4284a0aa090f8776c4eb1045d4b1080e7161;>cd0e428 feat: the resourceQuery is passed to the interpolateName method (https://github-redirect.dependabot.com/webpack/loader-utils/issues/163;>#163) https://github.com/webpack/loader-utils/commit/06d36cf3a619cab20b08608204cb7ea9bddaceab;>06d36cf chore(release): 1.3.0 https://github.com/webpack/loader-utils/commit/469eeba9095b879a3a988cde23d2035e454da9c2;>469eeba feat: support the [query] template for the interpolatedName method (https://github-redirect.dependabot.com/webpack/loader-utils/issues/162;>#162) https://github.com/webpack/loader-utils/commit/909c99d3f85da40478b9f02338d4113332819cfd;>909c99d chore: funding.yml config and CI fix (https://github-redirect.dependabot.com/webpack/loader-utils/issues/159;>#159) https://github.com/webpack/loader-utils/commit/b5b74f010cace25ca70a652ebef078f6b1cfaddb;>b5b74f0 Set up CI with Azure Pipelines Additional commits viewable in https://github.com/webpack/loader-utils/compare/v1.2.3...v1.4
[GitHub] [airavata-django-portal] dependabot[bot] opened a new pull request, #150: Bump loader-utils from 1.4.0 to 1.4.2 in /django_airavata/apps/groups
dependabot[bot] opened a new pull request, #150: URL: https://github.com/apache/airavata-django-portal/pull/150 Bumps [loader-utils](https://github.com/webpack/loader-utils) from 1.4.0 to 1.4.2. Release notes Sourced from https://github.com/webpack/loader-utils/releases;>loader-utils's releases. v1.4.2 https://github.com/webpack/loader-utils/compare/v1.4.1...v1.4.2;>1.4.2 (2022-11-11) Bug Fixes ReDoS problem (https://github-redirect.dependabot.com/webpack/loader-utils/issues/226;>#226) (https://github.com/webpack/loader-utils/commit/17cbf8fa8989c1cb45bdd2997aa524729475f1fa;>17cbf8f) v1.4.1 https://github.com/webpack/loader-utils/compare/v1.4.0...v1.4.1;>1.4.1 (2022-11-07) Bug Fixes security problem (https://github-redirect.dependabot.com/webpack/loader-utils/issues/220;>#220) (https://github.com/webpack/loader-utils/commit/4504e34c4796a5836ef70458327351675aed48a5;>4504e34) Changelog Sourced from https://github.com/webpack/loader-utils/blob/v1.4.2/CHANGELOG.md;>loader-utils's changelog. https://github.com/webpack/loader-utils/compare/v1.4.1...v1.4.2;>1.4.2 (2022-11-11) Bug Fixes ReDoS problem (https://github-redirect.dependabot.com/webpack/loader-utils/issues/226;>#226) (https://github.com/webpack/loader-utils/commit/17cbf8fa8989c1cb45bdd2997aa524729475f1fa;>17cbf8f) https://github.com/webpack/loader-utils/compare/v1.4.0...v1.4.1;>1.4.1 (2022-11-07) Bug Fixes security problem (https://github-redirect.dependabot.com/webpack/loader-utils/issues/220;>#220) (https://github.com/webpack/loader-utils/commit/4504e34c4796a5836ef70458327351675aed48a5;>4504e34) Commits https://github.com/webpack/loader-utils/commit/331ad5067d9a1a7b8d646692e6959639969210d1;>331ad50 chore(release): 1.4.2 https://github.com/webpack/loader-utils/commit/17cbf8fa8989c1cb45bdd2997aa524729475f1fa;>17cbf8f fix: ReDoS problem (https://github-redirect.dependabot.com/webpack/loader-utils/issues/226;>#226) https://github.com/webpack/loader-utils/commit/8f082b39f6903929f30fe29dab34f4d9c7ef070a;>8f082b3 chore(release): 1.4.1 https://github.com/webpack/loader-utils/commit/4504e34c4796a5836ef70458327351675aed48a5;>4504e34 fix: security problem (https://github-redirect.dependabot.com/webpack/loader-utils/issues/220;>#220) See full diff in https://github.com/webpack/loader-utils/compare/v1.4.0...v1.4.2;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=loader-utils=npm_and_yarn=1.4.0=1.4.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](
[GitHub] [airavata-django-portal] dependabot[bot] closed pull request #95: Bump eventsource from 1.0.7 to 1.1.1 in /django_airavata/apps/auth
dependabot[bot] closed pull request #95: Bump eventsource from 1.0.7 to 1.1.1 in /django_airavata/apps/auth URL: https://github.com/apache/airavata-django-portal/pull/95 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@airavata.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [airavata-django-portal] dependabot[bot] opened a new pull request, #149: Bump loader-utils from 1.4.0 to 1.4.2 in /django_airavata/apps/auth
dependabot[bot] opened a new pull request, #149: URL: https://github.com/apache/airavata-django-portal/pull/149 Bumps [loader-utils](https://github.com/webpack/loader-utils) from 1.4.0 to 1.4.2. Release notes Sourced from https://github.com/webpack/loader-utils/releases;>loader-utils's releases. v1.4.2 https://github.com/webpack/loader-utils/compare/v1.4.1...v1.4.2;>1.4.2 (2022-11-11) Bug Fixes ReDoS problem (https://github-redirect.dependabot.com/webpack/loader-utils/issues/226;>#226) (https://github.com/webpack/loader-utils/commit/17cbf8fa8989c1cb45bdd2997aa524729475f1fa;>17cbf8f) v1.4.1 https://github.com/webpack/loader-utils/compare/v1.4.0...v1.4.1;>1.4.1 (2022-11-07) Bug Fixes security problem (https://github-redirect.dependabot.com/webpack/loader-utils/issues/220;>#220) (https://github.com/webpack/loader-utils/commit/4504e34c4796a5836ef70458327351675aed48a5;>4504e34) Changelog Sourced from https://github.com/webpack/loader-utils/blob/v1.4.2/CHANGELOG.md;>loader-utils's changelog. https://github.com/webpack/loader-utils/compare/v1.4.1...v1.4.2;>1.4.2 (2022-11-11) Bug Fixes ReDoS problem (https://github-redirect.dependabot.com/webpack/loader-utils/issues/226;>#226) (https://github.com/webpack/loader-utils/commit/17cbf8fa8989c1cb45bdd2997aa524729475f1fa;>17cbf8f) https://github.com/webpack/loader-utils/compare/v1.4.0...v1.4.1;>1.4.1 (2022-11-07) Bug Fixes security problem (https://github-redirect.dependabot.com/webpack/loader-utils/issues/220;>#220) (https://github.com/webpack/loader-utils/commit/4504e34c4796a5836ef70458327351675aed48a5;>4504e34) Commits https://github.com/webpack/loader-utils/commit/331ad5067d9a1a7b8d646692e6959639969210d1;>331ad50 chore(release): 1.4.2 https://github.com/webpack/loader-utils/commit/17cbf8fa8989c1cb45bdd2997aa524729475f1fa;>17cbf8f fix: ReDoS problem (https://github-redirect.dependabot.com/webpack/loader-utils/issues/226;>#226) https://github.com/webpack/loader-utils/commit/8f082b39f6903929f30fe29dab34f4d9c7ef070a;>8f082b3 chore(release): 1.4.1 https://github.com/webpack/loader-utils/commit/4504e34c4796a5836ef70458327351675aed48a5;>4504e34 fix: security problem (https://github-redirect.dependabot.com/webpack/loader-utils/issues/220;>#220) See full diff in https://github.com/webpack/loader-utils/compare/v1.4.0...v1.4.2;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=loader-utils=npm_and_yarn=1.4.0=1.4.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](
[GitHub] [airavata-django-portal] dependabot[bot] closed pull request #91: Bump eventsource from 1.1.0 to 1.1.1 in /django_airavata/apps/groups
dependabot[bot] closed pull request #91: Bump eventsource from 1.1.0 to 1.1.1 in /django_airavata/apps/groups URL: https://github.com/apache/airavata-django-portal/pull/91 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@airavata.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [airavata-django-portal] dependabot[bot] commented on pull request #91: Bump eventsource from 1.1.0 to 1.1.1 in /django_airavata/apps/groups
dependabot[bot] commented on PR #91: URL: https://github.com/apache/airavata-django-portal/pull/91#issuecomment-1351483271 Superseded by #153. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@airavata.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [airavata-django-portal] dependabot[bot] commented on pull request #95: Bump eventsource from 1.0.7 to 1.1.1 in /django_airavata/apps/auth
dependabot[bot] commented on PR #95: URL: https://github.com/apache/airavata-django-portal/pull/95#issuecomment-1351481751 Looks like eventsource is no longer a dependency, so this is no longer needed. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@airavata.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [airavata-django-portal] dependabot[bot] closed pull request #92: Bump eventsource from 1.0.7 to 1.1.1 in /django_airavata/apps/admin
dependabot[bot] closed pull request #92: Bump eventsource from 1.0.7 to 1.1.1 in /django_airavata/apps/admin URL: https://github.com/apache/airavata-django-portal/pull/92 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@airavata.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [airavata-django-portal] dependabot[bot] commented on pull request #94: Bump eventsource from 1.0.7 to 1.1.1 in /django_airavata/static/common
dependabot[bot] commented on PR #94: URL: https://github.com/apache/airavata-django-portal/pull/94#issuecomment-1351481702 Looks like eventsource is up-to-date now, so this is no longer needed. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@airavata.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [airavata-django-portal] dependabot[bot] commented on pull request #102: Bump shell-quote from 1.7.2 to 1.7.3 in /django_airavata/static/common
dependabot[bot] commented on PR #102: URL: https://github.com/apache/airavata-django-portal/pull/102#issuecomment-1351481738 Looks like shell-quote is up-to-date now, so this is no longer needed. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@airavata.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [airavata-django-portal] dependabot[bot] closed pull request #82: Bump async from 2.6.3 to 2.6.4 in /django_airavata/apps/admin
dependabot[bot] closed pull request #82: Bump async from 2.6.3 to 2.6.4 in /django_airavata/apps/admin URL: https://github.com/apache/airavata-django-portal/pull/82 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@airavata.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [airavata-django-portal] dependabot[bot] commented on pull request #82: Bump async from 2.6.3 to 2.6.4 in /django_airavata/apps/admin
dependabot[bot] commented on PR #82: URL: https://github.com/apache/airavata-django-portal/pull/82#issuecomment-1351481194 Looks like async is up-to-date now, so this is no longer needed. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@airavata.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [airavata-django-portal] dependabot[bot] opened a new pull request, #151: Bump loader-utils from 1.2.3 to 1.4.2 in /django_airavata/apps/dataparsers
dependabot[bot] opened a new pull request, #151: URL: https://github.com/apache/airavata-django-portal/pull/151 Bumps [loader-utils](https://github.com/webpack/loader-utils) from 1.2.3 to 1.4.2. Release notes Sourced from https://github.com/webpack/loader-utils/releases;>loader-utils's releases. v1.4.2 https://github.com/webpack/loader-utils/compare/v1.4.1...v1.4.2;>1.4.2 (2022-11-11) Bug Fixes ReDoS problem (https://github-redirect.dependabot.com/webpack/loader-utils/issues/226;>#226) (https://github.com/webpack/loader-utils/commit/17cbf8fa8989c1cb45bdd2997aa524729475f1fa;>17cbf8f) v1.4.1 https://github.com/webpack/loader-utils/compare/v1.4.0...v1.4.1;>1.4.1 (2022-11-07) Bug Fixes security problem (https://github-redirect.dependabot.com/webpack/loader-utils/issues/220;>#220) (https://github.com/webpack/loader-utils/commit/4504e34c4796a5836ef70458327351675aed48a5;>4504e34) v1.4.0 https://github.com/webpack/loader-utils/compare/v1.3.0...v1.4.0;>1.4.0 (2020-02-19) Features the resourceQuery is passed to the interpolateName method (https://github-redirect.dependabot.com/webpack/loader-utils/issues/163;>#163) (https://github.com/webpack/loader-utils/commit/cd0e428;>cd0e428) v1.3.0 https://github.com/webpack/loader-utils/compare/v1.2.3...v1.3.0;>1.3.0 (2020-02-19) Features support the [query] template for the interpolatedName method (https://github-redirect.dependabot.com/webpack/loader-utils/issues/162;>#162) (https://github.com/webpack/loader-utils/commit/469eeba;>469eeba) Changelog Sourced from https://github.com/webpack/loader-utils/blob/v1.4.2/CHANGELOG.md;>loader-utils's changelog. https://github.com/webpack/loader-utils/compare/v1.4.1...v1.4.2;>1.4.2 (2022-11-11) Bug Fixes ReDoS problem (https://github-redirect.dependabot.com/webpack/loader-utils/issues/226;>#226) (https://github.com/webpack/loader-utils/commit/17cbf8fa8989c1cb45bdd2997aa524729475f1fa;>17cbf8f) https://github.com/webpack/loader-utils/compare/v1.4.0...v1.4.1;>1.4.1 (2022-11-07) Bug Fixes security problem (https://github-redirect.dependabot.com/webpack/loader-utils/issues/220;>#220) (https://github.com/webpack/loader-utils/commit/4504e34c4796a5836ef70458327351675aed48a5;>4504e34) https://github.com/webpack/loader-utils/compare/v1.3.0...v1.4.0;>1.4.0 (2020-02-19) Features the resourceQuery is passed to the interpolateName method (https://github-redirect.dependabot.com/webpack/loader-utils/issues/163;>#163) (https://github.com/webpack/loader-utils/commit/cd0e428;>cd0e428) https://github.com/webpack/loader-utils/compare/v1.2.3...v1.3.0;>1.3.0 (2020-02-19) Features support the [query] template for the interpolatedName method (https://github-redirect.dependabot.com/webpack/loader-utils/issues/162;>#162) (https://github.com/webpack/loader-utils/commit/469eeba;>469eeba) Commits https://github.com/webpack/loader-utils/commit/331ad5067d9a1a7b8d646692e6959639969210d1;>331ad50 chore(release): 1.4.2 https://github.com/webpack/loader-utils/commit/17cbf8fa8989c1cb45bdd2997aa524729475f1fa;>17cbf8f fix: ReDoS problem (https://github-redirect.dependabot.com/webpack/loader-utils/issues/226;>#226) https://github.com/webpack/loader-utils/commit/8f082b39f6903929f30fe29dab34f4d9c7ef070a;>8f082b3 chore(release): 1.4.1 https://github.com/webpack/loader-utils/commit/4504e34c4796a5836ef70458327351675aed48a5;>4504e34 fix: security problem (https://github-redirect.dependabot.com/webpack/loader-utils/issues/220;>#220) https://github.com/webpack/loader-utils/commit/d95b8b53f0ad547133b47ac8226f735c479f76de;>d95b8b5 chore(release): 1.4.0 https://github.com/webpack/loader-utils/commit/cd0e4284a0aa090f8776c4eb1045d4b1080e7161;>cd0e428 feat: the resourceQuery is passed to the interpolateName method (https://github-redirect.dependabot.com/webpack/loader-utils/issues/163;>#163) https://github.com/webpack/loader-utils/commit/06d36cf3a619cab20b08608204cb7ea9bddaceab;>06d36cf chore(release): 1.3.0 https://github.com/webpack/loader-utils/commit/469eeba9095b879a3a988cde23d2035e454da9c2;>469eeba feat: support the [query] template for the interpolatedName method (https://github-redirect.dependabot.com/webpack/loader-utils/issues/162;>#162) https://github.com/webpack/loader-utils/commit/909c99d3f85da40478b9f02338d4113332819cfd;>909c99d chore: funding.yml config and CI fix (https://github-redirect.dependabot.com/webpack/loader-utils/issues/159;>#159) https://github.com/webpack/loader-utils/commit/b5b74f010cace25ca70a652ebef078f6b1cfaddb;>b5b74f0 Set up CI with Azure Pipelines Additional commits viewable in https://github.com/webpack/loader-utils/compare/v1.2.3...v1.4
[GitHub] [airavata-django-portal] dependabot[bot] closed pull request #81: Bump async from 2.6.3 to 2.6.4 in /django_airavata/apps/workspace/django-airavata-workspace-plugin-api
dependabot[bot] closed pull request #81: Bump async from 2.6.3 to 2.6.4 in /django_airavata/apps/workspace/django-airavata-workspace-plugin-api URL: https://github.com/apache/airavata-django-portal/pull/81 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@airavata.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [airavata-django-portal] dependabot[bot] closed pull request #102: Bump shell-quote from 1.7.2 to 1.7.3 in /django_airavata/static/common
dependabot[bot] closed pull request #102: Bump shell-quote from 1.7.2 to 1.7.3 in /django_airavata/static/common URL: https://github.com/apache/airavata-django-portal/pull/102 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@airavata.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [airavata-django-portal] dependabot[bot] closed pull request #94: Bump eventsource from 1.0.7 to 1.1.1 in /django_airavata/static/common
dependabot[bot] closed pull request #94: Bump eventsource from 1.0.7 to 1.1.1 in /django_airavata/static/common URL: https://github.com/apache/airavata-django-portal/pull/94 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@airavata.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [airavata-django-portal] dependabot[bot] closed pull request #90: Bump eventsource from 1.0.7 to 1.1.1 in /django_airavata/apps/workspace/django-airavata-workspace-plugin-api
dependabot[bot] closed pull request #90: Bump eventsource from 1.0.7 to 1.1.1 in /django_airavata/apps/workspace/django-airavata-workspace-plugin-api URL: https://github.com/apache/airavata-django-portal/pull/90 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@airavata.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [airavata-django-portal] dependabot[bot] closed pull request #86: Bump async from 2.6.3 to 2.6.4 in /django_airavata/static/common
dependabot[bot] closed pull request #86: Bump async from 2.6.3 to 2.6.4 in /django_airavata/static/common URL: https://github.com/apache/airavata-django-portal/pull/86 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@airavata.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [airavata-django-portal] dependabot[bot] commented on pull request #90: Bump eventsource from 1.0.7 to 1.1.1 in /django_airavata/apps/workspace/django-airavata-workspace-plugin-api
dependabot[bot] commented on PR #90: URL: https://github.com/apache/airavata-django-portal/pull/90#issuecomment-1351481464 Looks like eventsource is no longer a dependency, so this is no longer needed. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@airavata.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [airavata-django-portal] dependabot[bot] commented on pull request #92: Bump eventsource from 1.0.7 to 1.1.1 in /django_airavata/apps/admin
dependabot[bot] commented on PR #92: URL: https://github.com/apache/airavata-django-portal/pull/92#issuecomment-1351481448 Looks like eventsource is no longer a dependency, so this is no longer needed. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@airavata.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [airavata-django-portal] dependabot[bot] commented on pull request #86: Bump async from 2.6.3 to 2.6.4 in /django_airavata/static/common
dependabot[bot] commented on PR #86: URL: https://github.com/apache/airavata-django-portal/pull/86#issuecomment-1351481199 Looks like async is up-to-date now, so this is no longer needed. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@airavata.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [airavata-django-portal] dependabot[bot] commented on pull request #81: Bump async from 2.6.3 to 2.6.4 in /django_airavata/apps/workspace/django-airavata-workspace-plugin-api
dependabot[bot] commented on PR #81: URL: https://github.com/apache/airavata-django-portal/pull/81#issuecomment-1351480704 Looks like async is up-to-date now, so this is no longer needed. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@airavata.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: Regarding airavata django portal error while running locally
Hi Aishwarya, Can you provide the output from running build_js.bat? Thanks, Marcus > On Dec 12, 2022, at 6:07 PM, Aishwarya Sinhasane > wrote: > > Hello Marcus > > Thank you for your response. I have already run the build_js.bat file and > it's saying that new_default_theme is loaded successfully. I think I have > provided the screenshot for the same in previous email. If you think > build_js.bat is not running properly then please let me know how to fix it. > > Thanks and Regards > Aishwarya Sinhasane > > On Mon, Dec 12, 2022, 5:33 PM Christie, Marcus Aaron wrote: > Hi Aishwarya, > > You need to build the django portal frontend code. On Windows you'll need to > run build_js.bat. > > I realize that build_js.bat is missing from the README. I'll update it. > > Thanks, > > Marcus > > > On Dec 11, 2022, at 4:12 AM, Aishwarya Sinhasane > > wrote: > > > > Hello Everyone, > > > > I was running django portal locally for the seagrid desktop application. I > > have to connect seagrid desktop application to create experiment page from > > the molecule editor so that I can pass gaussian input file to the gaussian > > experiment. But I am getting the following error. That there is no > > web-pack.json file.I observed that there is no folder dist in the common > > folder of static. I have attached the screenshots of the error message. Can > > anybody please help me to resolve this issue if you are available today? > > > > Thanks and Regards > > Aishwarya Sinhasane > > > smime.p7s Description: S/MIME cryptographic signature
Re: Regarding airavata django portal error while running locally
Hello Marcus Thank you for your response. I have already run the build_js.bat file and it's saying that new_default_theme is loaded successfully. I think I have provided the screenshot for the same in previous email. If you think build_js.bat is not running properly then please let me know how to fix it. Thanks and Regards Aishwarya Sinhasane On Mon, Dec 12, 2022, 5:33 PM Christie, Marcus Aaron wrote: > Hi Aishwarya, > > You need to build the django portal frontend code. On Windows you'll need > to run build_js.bat. > > I realize that build_js.bat is missing from the README. I'll update it. > > Thanks, > > Marcus > > > On Dec 11, 2022, at 4:12 AM, Aishwarya Sinhasane < > aishwaryasinhas...@gmail.com> wrote: > > > > Hello Everyone, > > > > I was running django portal locally for the seagrid desktop application. > I have to connect seagrid desktop application to create experiment page > from the molecule editor so that I can pass gaussian input file to the > gaussian experiment. But I am getting the following error. That there is no > web-pack.json file.I observed that there is no folder dist in the common > folder of static. I have attached the screenshots of the error message. Can > anybody please help me to resolve this issue if you are available today? > > > > Thanks and Regards > > Aishwarya Sinhasane > > > >
Re: Regarding airavata django portal error while running locally
Hi Aishwarya, You need to build the django portal frontend code. On Windows you'll need to run build_js.bat. I realize that build_js.bat is missing from the README. I'll update it. Thanks, Marcus > On Dec 11, 2022, at 4:12 AM, Aishwarya Sinhasane > wrote: > > Hello Everyone, > > I was running django portal locally for the seagrid desktop application. I > have to connect seagrid desktop application to create experiment page from > the molecule editor so that I can pass gaussian input file to the gaussian > experiment. But I am getting the following error. That there is no > web-pack.json file.I observed that there is no folder dist in the common > folder of static. I have attached the screenshots of the error message. Can > anybody please help me to resolve this issue if you are available today? > > Thanks and Regards > Aishwarya Sinhasane > smime.p7s Description: S/MIME cryptographic signature
[GitHub] [airavata-django-portal] dependabot[bot] opened a new pull request, #145: Bump express from 4.17.1 to 4.18.2 in /django_airavata/static/common
dependabot[bot] opened a new pull request, #145: URL: https://github.com/apache/airavata-django-portal/pull/145 Bumps [express](https://github.com/expressjs/express) from 4.17.1 to 4.18.2. Release notes Sourced from https://github.com/expressjs/express/releases;>express's releases. 4.18.2 Fix regression routing a large stack in a single route deps: body-parser@1.20.1 deps: qs@6.11.0 perf: remove unnecessary object clone deps: qs@6.11.0 4.18.1 Fix hanging on large stack of sync routes 4.18.0 Add root option to res.download Allow options without filename in res.download Deprecate string and non-integer arguments to res.status Fix behavior of null/undefined as maxAge in res.cookie Fix handling very large stacks of sync middleware Ignore Object.prototype values in settings through app.set/app.get Invoke default with same arguments as types in res.format Support proper 205 responses using res.send Use http-errors for res.format error deps: body-parser@1.20.0 Fix error message for json parse whitespace in strict Fix internal error when inflated body exceeds limit Prevent loss of async hooks context Prevent hanging when request already read deps: depd@2.0.0 deps: http-errors@2.0.0 deps: on-finished@2.4.1 deps: qs@6.10.3 deps: raw-body@2.5.1 deps: cookie@0.5.0 Add priority option Fix expires option to reject invalid dates deps: depd@2.0.0 Replace internal eval usage with Function constructor Use instance methods on process to check for listeners deps: finalhandler@1.2.0 Remove set content headers that break response deps: on-finished@2.4.1 deps: statuses@2.0.1 deps: on-finished@2.4.1 Prevent loss of async hooks context deps: qs@6.10.3 deps: send@0.18.0 Fix emitted 416 error missing headers property Limit the headers removed for 304 response deps: depd@2.0.0 deps: destroy@1.2.0 deps: http-errors@2.0.0 deps: on-finished@2.4.1 ... (truncated) Changelog Sourced from https://github.com/expressjs/express/blob/master/History.md;>express's changelog. 4.18.2 / 2022-10-08 Fix regression routing a large stack in a single route deps: body-parser@1.20.1 deps: qs@6.11.0 perf: remove unnecessary object clone deps: qs@6.11.0 4.18.1 / 2022-04-29 Fix hanging on large stack of sync routes 4.18.0 / 2022-04-25 Add root option to res.download Allow options without filename in res.download Deprecate string and non-integer arguments to res.status Fix behavior of null/undefined as maxAge in res.cookie Fix handling very large stacks of sync middleware Ignore Object.prototype values in settings through app.set/app.get Invoke default with same arguments as types in res.format Support proper 205 responses using res.send Use http-errors for res.format error deps: body-parser@1.20.0 Fix error message for json parse whitespace in strict Fix internal error when inflated body exceeds limit Prevent loss of async hooks context Prevent hanging when request already read deps: depd@2.0.0 deps: http-errors@2.0.0 deps: on-finished@2.4.1 deps: qs@6.10.3 deps: raw-body@2.5.1 deps: cookie@0.5.0 Add priority option Fix expires option to reject invalid dates deps: depd@2.0.0 Replace internal eval usage with Function constructor Use instance methods on process to check for listeners deps: finalhandler@1.2.0 Remove set content headers that break response deps: on-finished@2.4.1 deps: statuses@2.0.1 deps: on-finished@2.4.1 Prevent loss of async hooks context deps: qs@6.10.3 deps: send@0.18.0 ... (truncated) Commits https://github.com/expressjs/express/commit/8368dc178af16b91b576c4c1d135f701a0007e5d;>8368dc1 4.18.2 https://github.com/expressjs/express/commit/61f40491222dbede653b9938e6a4676f187aab44;>61f4049 docs: replace Freenode with Libera Chat https://github.com/expressjs/express/commit/bb7907b932afe3a19236a642f6054b6c8f7349a0;>bb7907b build: Node.js@18.10 https://github.com/expressjs/express/commit/f56ce73186e885a938bfdb3d3d1005a58e6ae12b;>f56ce73 build: supertest@6.3.0 https://github.com/expressjs/express/commit/24b3dc551670ac4fb0cd5a2bd5ef643c9525e60f;>24b3dc5 deps: qs@6.11.0 https://github.com/expressjs/express/commit/689d175b8b39d8860b81d723233fb83d15201827;>689d175 deps: body-parser@1.20.1 https://github.com/expressjs/express/commit/340be0f79afb9b3176afb76235aa7f92acbd5050;>340be0f build: eslint@8.24.0 https://github.com/expressjs/express/commit/33e8dc303af9277f8a7e4f46abfdcb5e72f6797b;>33e8dc3 docs: use Node.js name style https://githu
[GitHub] [airavata-django-portal] dependabot[bot] opened a new pull request, #146: Bump express from 4.17.1 to 4.18.2 in /django_airavata/apps/admin
dependabot[bot] opened a new pull request, #146: URL: https://github.com/apache/airavata-django-portal/pull/146 Bumps [express](https://github.com/expressjs/express) from 4.17.1 to 4.18.2. Release notes Sourced from https://github.com/expressjs/express/releases;>express's releases. 4.18.2 Fix regression routing a large stack in a single route deps: body-parser@1.20.1 deps: qs@6.11.0 perf: remove unnecessary object clone deps: qs@6.11.0 4.18.1 Fix hanging on large stack of sync routes 4.18.0 Add root option to res.download Allow options without filename in res.download Deprecate string and non-integer arguments to res.status Fix behavior of null/undefined as maxAge in res.cookie Fix handling very large stacks of sync middleware Ignore Object.prototype values in settings through app.set/app.get Invoke default with same arguments as types in res.format Support proper 205 responses using res.send Use http-errors for res.format error deps: body-parser@1.20.0 Fix error message for json parse whitespace in strict Fix internal error when inflated body exceeds limit Prevent loss of async hooks context Prevent hanging when request already read deps: depd@2.0.0 deps: http-errors@2.0.0 deps: on-finished@2.4.1 deps: qs@6.10.3 deps: raw-body@2.5.1 deps: cookie@0.5.0 Add priority option Fix expires option to reject invalid dates deps: depd@2.0.0 Replace internal eval usage with Function constructor Use instance methods on process to check for listeners deps: finalhandler@1.2.0 Remove set content headers that break response deps: on-finished@2.4.1 deps: statuses@2.0.1 deps: on-finished@2.4.1 Prevent loss of async hooks context deps: qs@6.10.3 deps: send@0.18.0 Fix emitted 416 error missing headers property Limit the headers removed for 304 response deps: depd@2.0.0 deps: destroy@1.2.0 deps: http-errors@2.0.0 deps: on-finished@2.4.1 ... (truncated) Changelog Sourced from https://github.com/expressjs/express/blob/master/History.md;>express's changelog. 4.18.2 / 2022-10-08 Fix regression routing a large stack in a single route deps: body-parser@1.20.1 deps: qs@6.11.0 perf: remove unnecessary object clone deps: qs@6.11.0 4.18.1 / 2022-04-29 Fix hanging on large stack of sync routes 4.18.0 / 2022-04-25 Add root option to res.download Allow options without filename in res.download Deprecate string and non-integer arguments to res.status Fix behavior of null/undefined as maxAge in res.cookie Fix handling very large stacks of sync middleware Ignore Object.prototype values in settings through app.set/app.get Invoke default with same arguments as types in res.format Support proper 205 responses using res.send Use http-errors for res.format error deps: body-parser@1.20.0 Fix error message for json parse whitespace in strict Fix internal error when inflated body exceeds limit Prevent loss of async hooks context Prevent hanging when request already read deps: depd@2.0.0 deps: http-errors@2.0.0 deps: on-finished@2.4.1 deps: qs@6.10.3 deps: raw-body@2.5.1 deps: cookie@0.5.0 Add priority option Fix expires option to reject invalid dates deps: depd@2.0.0 Replace internal eval usage with Function constructor Use instance methods on process to check for listeners deps: finalhandler@1.2.0 Remove set content headers that break response deps: on-finished@2.4.1 deps: statuses@2.0.1 deps: on-finished@2.4.1 Prevent loss of async hooks context deps: qs@6.10.3 deps: send@0.18.0 ... (truncated) Commits https://github.com/expressjs/express/commit/8368dc178af16b91b576c4c1d135f701a0007e5d;>8368dc1 4.18.2 https://github.com/expressjs/express/commit/61f40491222dbede653b9938e6a4676f187aab44;>61f4049 docs: replace Freenode with Libera Chat https://github.com/expressjs/express/commit/bb7907b932afe3a19236a642f6054b6c8f7349a0;>bb7907b build: Node.js@18.10 https://github.com/expressjs/express/commit/f56ce73186e885a938bfdb3d3d1005a58e6ae12b;>f56ce73 build: supertest@6.3.0 https://github.com/expressjs/express/commit/24b3dc551670ac4fb0cd5a2bd5ef643c9525e60f;>24b3dc5 deps: qs@6.11.0 https://github.com/expressjs/express/commit/689d175b8b39d8860b81d723233fb83d15201827;>689d175 deps: body-parser@1.20.1 https://github.com/expressjs/express/commit/340be0f79afb9b3176afb76235aa7f92acbd5050;>340be0f build: eslint@8.24.0 https://github.com/expressjs/express/commit/33e8dc303af9277f8a7e4f46abfdcb5e72f6797b;>33e8dc3 docs: use Node.js name style https://githu
[GitHub] [airavata-django-portal] dependabot[bot] opened a new pull request, #147: Bump express from 4.17.1 to 4.18.2 in /django_airavata/apps/workspace/django-airavata-workspace-plugin-api
dependabot[bot] opened a new pull request, #147: URL: https://github.com/apache/airavata-django-portal/pull/147 Bumps [express](https://github.com/expressjs/express) from 4.17.1 to 4.18.2. Release notes Sourced from https://github.com/expressjs/express/releases;>express's releases. 4.18.2 Fix regression routing a large stack in a single route deps: body-parser@1.20.1 deps: qs@6.11.0 perf: remove unnecessary object clone deps: qs@6.11.0 4.18.1 Fix hanging on large stack of sync routes 4.18.0 Add root option to res.download Allow options without filename in res.download Deprecate string and non-integer arguments to res.status Fix behavior of null/undefined as maxAge in res.cookie Fix handling very large stacks of sync middleware Ignore Object.prototype values in settings through app.set/app.get Invoke default with same arguments as types in res.format Support proper 205 responses using res.send Use http-errors for res.format error deps: body-parser@1.20.0 Fix error message for json parse whitespace in strict Fix internal error when inflated body exceeds limit Prevent loss of async hooks context Prevent hanging when request already read deps: depd@2.0.0 deps: http-errors@2.0.0 deps: on-finished@2.4.1 deps: qs@6.10.3 deps: raw-body@2.5.1 deps: cookie@0.5.0 Add priority option Fix expires option to reject invalid dates deps: depd@2.0.0 Replace internal eval usage with Function constructor Use instance methods on process to check for listeners deps: finalhandler@1.2.0 Remove set content headers that break response deps: on-finished@2.4.1 deps: statuses@2.0.1 deps: on-finished@2.4.1 Prevent loss of async hooks context deps: qs@6.10.3 deps: send@0.18.0 Fix emitted 416 error missing headers property Limit the headers removed for 304 response deps: depd@2.0.0 deps: destroy@1.2.0 deps: http-errors@2.0.0 deps: on-finished@2.4.1 ... (truncated) Changelog Sourced from https://github.com/expressjs/express/blob/master/History.md;>express's changelog. 4.18.2 / 2022-10-08 Fix regression routing a large stack in a single route deps: body-parser@1.20.1 deps: qs@6.11.0 perf: remove unnecessary object clone deps: qs@6.11.0 4.18.1 / 2022-04-29 Fix hanging on large stack of sync routes 4.18.0 / 2022-04-25 Add root option to res.download Allow options without filename in res.download Deprecate string and non-integer arguments to res.status Fix behavior of null/undefined as maxAge in res.cookie Fix handling very large stacks of sync middleware Ignore Object.prototype values in settings through app.set/app.get Invoke default with same arguments as types in res.format Support proper 205 responses using res.send Use http-errors for res.format error deps: body-parser@1.20.0 Fix error message for json parse whitespace in strict Fix internal error when inflated body exceeds limit Prevent loss of async hooks context Prevent hanging when request already read deps: depd@2.0.0 deps: http-errors@2.0.0 deps: on-finished@2.4.1 deps: qs@6.10.3 deps: raw-body@2.5.1 deps: cookie@0.5.0 Add priority option Fix expires option to reject invalid dates deps: depd@2.0.0 Replace internal eval usage with Function constructor Use instance methods on process to check for listeners deps: finalhandler@1.2.0 Remove set content headers that break response deps: on-finished@2.4.1 deps: statuses@2.0.1 deps: on-finished@2.4.1 Prevent loss of async hooks context deps: qs@6.10.3 deps: send@0.18.0 ... (truncated) Commits https://github.com/expressjs/express/commit/8368dc178af16b91b576c4c1d135f701a0007e5d;>8368dc1 4.18.2 https://github.com/expressjs/express/commit/61f40491222dbede653b9938e6a4676f187aab44;>61f4049 docs: replace Freenode with Libera Chat https://github.com/expressjs/express/commit/bb7907b932afe3a19236a642f6054b6c8f7349a0;>bb7907b build: Node.js@18.10 https://github.com/expressjs/express/commit/f56ce73186e885a938bfdb3d3d1005a58e6ae12b;>f56ce73 build: supertest@6.3.0 https://github.com/expressjs/express/commit/24b3dc551670ac4fb0cd5a2bd5ef643c9525e60f;>24b3dc5 deps: qs@6.11.0 https://github.com/expressjs/express/commit/689d175b8b39d8860b81d723233fb83d15201827;>689d175 deps: body-parser@1.20.1 https://github.com/expressjs/express/commit/340be0f79afb9b3176afb76235aa7f92acbd5050;>340be0f build: eslint@8.24.0 https://github.com/expressjs/express/commit/33e8dc303af9277f8a7e4f46abfdcb5e72f6797b;>33e8dc3 docs: use Node.js name style https://githu
[GitHub] [airavata-django-portal] dependabot[bot] opened a new pull request, #144: Bump express from 4.17.1 to 4.18.2 in /django_airavata/apps/workspace
dependabot[bot] opened a new pull request, #144: URL: https://github.com/apache/airavata-django-portal/pull/144 Bumps [express](https://github.com/expressjs/express) from 4.17.1 to 4.18.2. Release notes Sourced from https://github.com/expressjs/express/releases;>express's releases. 4.18.2 Fix regression routing a large stack in a single route deps: body-parser@1.20.1 deps: qs@6.11.0 perf: remove unnecessary object clone deps: qs@6.11.0 4.18.1 Fix hanging on large stack of sync routes 4.18.0 Add root option to res.download Allow options without filename in res.download Deprecate string and non-integer arguments to res.status Fix behavior of null/undefined as maxAge in res.cookie Fix handling very large stacks of sync middleware Ignore Object.prototype values in settings through app.set/app.get Invoke default with same arguments as types in res.format Support proper 205 responses using res.send Use http-errors for res.format error deps: body-parser@1.20.0 Fix error message for json parse whitespace in strict Fix internal error when inflated body exceeds limit Prevent loss of async hooks context Prevent hanging when request already read deps: depd@2.0.0 deps: http-errors@2.0.0 deps: on-finished@2.4.1 deps: qs@6.10.3 deps: raw-body@2.5.1 deps: cookie@0.5.0 Add priority option Fix expires option to reject invalid dates deps: depd@2.0.0 Replace internal eval usage with Function constructor Use instance methods on process to check for listeners deps: finalhandler@1.2.0 Remove set content headers that break response deps: on-finished@2.4.1 deps: statuses@2.0.1 deps: on-finished@2.4.1 Prevent loss of async hooks context deps: qs@6.10.3 deps: send@0.18.0 Fix emitted 416 error missing headers property Limit the headers removed for 304 response deps: depd@2.0.0 deps: destroy@1.2.0 deps: http-errors@2.0.0 deps: on-finished@2.4.1 ... (truncated) Changelog Sourced from https://github.com/expressjs/express/blob/master/History.md;>express's changelog. 4.18.2 / 2022-10-08 Fix regression routing a large stack in a single route deps: body-parser@1.20.1 deps: qs@6.11.0 perf: remove unnecessary object clone deps: qs@6.11.0 4.18.1 / 2022-04-29 Fix hanging on large stack of sync routes 4.18.0 / 2022-04-25 Add root option to res.download Allow options without filename in res.download Deprecate string and non-integer arguments to res.status Fix behavior of null/undefined as maxAge in res.cookie Fix handling very large stacks of sync middleware Ignore Object.prototype values in settings through app.set/app.get Invoke default with same arguments as types in res.format Support proper 205 responses using res.send Use http-errors for res.format error deps: body-parser@1.20.0 Fix error message for json parse whitespace in strict Fix internal error when inflated body exceeds limit Prevent loss of async hooks context Prevent hanging when request already read deps: depd@2.0.0 deps: http-errors@2.0.0 deps: on-finished@2.4.1 deps: qs@6.10.3 deps: raw-body@2.5.1 deps: cookie@0.5.0 Add priority option Fix expires option to reject invalid dates deps: depd@2.0.0 Replace internal eval usage with Function constructor Use instance methods on process to check for listeners deps: finalhandler@1.2.0 Remove set content headers that break response deps: on-finished@2.4.1 deps: statuses@2.0.1 deps: on-finished@2.4.1 Prevent loss of async hooks context deps: qs@6.10.3 deps: send@0.18.0 ... (truncated) Commits https://github.com/expressjs/express/commit/8368dc178af16b91b576c4c1d135f701a0007e5d;>8368dc1 4.18.2 https://github.com/expressjs/express/commit/61f40491222dbede653b9938e6a4676f187aab44;>61f4049 docs: replace Freenode with Libera Chat https://github.com/expressjs/express/commit/bb7907b932afe3a19236a642f6054b6c8f7349a0;>bb7907b build: Node.js@18.10 https://github.com/expressjs/express/commit/f56ce73186e885a938bfdb3d3d1005a58e6ae12b;>f56ce73 build: supertest@6.3.0 https://github.com/expressjs/express/commit/24b3dc551670ac4fb0cd5a2bd5ef643c9525e60f;>24b3dc5 deps: qs@6.11.0 https://github.com/expressjs/express/commit/689d175b8b39d8860b81d723233fb83d15201827;>689d175 deps: body-parser@1.20.1 https://github.com/expressjs/express/commit/340be0f79afb9b3176afb76235aa7f92acbd5050;>340be0f build: eslint@8.24.0 https://github.com/expressjs/express/commit/33e8dc303af9277f8a7e4f46abfdcb5e72f6797b;>33e8dc3 docs: use Node.js name style https://githu
[GitHub] [airavata-django-portal] dependabot[bot] opened a new pull request, #143: Bump express from 4.17.1 to 4.18.2 in /django_airavata/apps/groups
dependabot[bot] opened a new pull request, #143: URL: https://github.com/apache/airavata-django-portal/pull/143 Bumps [express](https://github.com/expressjs/express) from 4.17.1 to 4.18.2. Release notes Sourced from https://github.com/expressjs/express/releases;>express's releases. 4.18.2 Fix regression routing a large stack in a single route deps: body-parser@1.20.1 deps: qs@6.11.0 perf: remove unnecessary object clone deps: qs@6.11.0 4.18.1 Fix hanging on large stack of sync routes 4.18.0 Add root option to res.download Allow options without filename in res.download Deprecate string and non-integer arguments to res.status Fix behavior of null/undefined as maxAge in res.cookie Fix handling very large stacks of sync middleware Ignore Object.prototype values in settings through app.set/app.get Invoke default with same arguments as types in res.format Support proper 205 responses using res.send Use http-errors for res.format error deps: body-parser@1.20.0 Fix error message for json parse whitespace in strict Fix internal error when inflated body exceeds limit Prevent loss of async hooks context Prevent hanging when request already read deps: depd@2.0.0 deps: http-errors@2.0.0 deps: on-finished@2.4.1 deps: qs@6.10.3 deps: raw-body@2.5.1 deps: cookie@0.5.0 Add priority option Fix expires option to reject invalid dates deps: depd@2.0.0 Replace internal eval usage with Function constructor Use instance methods on process to check for listeners deps: finalhandler@1.2.0 Remove set content headers that break response deps: on-finished@2.4.1 deps: statuses@2.0.1 deps: on-finished@2.4.1 Prevent loss of async hooks context deps: qs@6.10.3 deps: send@0.18.0 Fix emitted 416 error missing headers property Limit the headers removed for 304 response deps: depd@2.0.0 deps: destroy@1.2.0 deps: http-errors@2.0.0 deps: on-finished@2.4.1 ... (truncated) Changelog Sourced from https://github.com/expressjs/express/blob/master/History.md;>express's changelog. 4.18.2 / 2022-10-08 Fix regression routing a large stack in a single route deps: body-parser@1.20.1 deps: qs@6.11.0 perf: remove unnecessary object clone deps: qs@6.11.0 4.18.1 / 2022-04-29 Fix hanging on large stack of sync routes 4.18.0 / 2022-04-25 Add root option to res.download Allow options without filename in res.download Deprecate string and non-integer arguments to res.status Fix behavior of null/undefined as maxAge in res.cookie Fix handling very large stacks of sync middleware Ignore Object.prototype values in settings through app.set/app.get Invoke default with same arguments as types in res.format Support proper 205 responses using res.send Use http-errors for res.format error deps: body-parser@1.20.0 Fix error message for json parse whitespace in strict Fix internal error when inflated body exceeds limit Prevent loss of async hooks context Prevent hanging when request already read deps: depd@2.0.0 deps: http-errors@2.0.0 deps: on-finished@2.4.1 deps: qs@6.10.3 deps: raw-body@2.5.1 deps: cookie@0.5.0 Add priority option Fix expires option to reject invalid dates deps: depd@2.0.0 Replace internal eval usage with Function constructor Use instance methods on process to check for listeners deps: finalhandler@1.2.0 Remove set content headers that break response deps: on-finished@2.4.1 deps: statuses@2.0.1 deps: on-finished@2.4.1 Prevent loss of async hooks context deps: qs@6.10.3 deps: send@0.18.0 ... (truncated) Commits https://github.com/expressjs/express/commit/8368dc178af16b91b576c4c1d135f701a0007e5d;>8368dc1 4.18.2 https://github.com/expressjs/express/commit/61f40491222dbede653b9938e6a4676f187aab44;>61f4049 docs: replace Freenode with Libera Chat https://github.com/expressjs/express/commit/bb7907b932afe3a19236a642f6054b6c8f7349a0;>bb7907b build: Node.js@18.10 https://github.com/expressjs/express/commit/f56ce73186e885a938bfdb3d3d1005a58e6ae12b;>f56ce73 build: supertest@6.3.0 https://github.com/expressjs/express/commit/24b3dc551670ac4fb0cd5a2bd5ef643c9525e60f;>24b3dc5 deps: qs@6.11.0 https://github.com/expressjs/express/commit/689d175b8b39d8860b81d723233fb83d15201827;>689d175 deps: body-parser@1.20.1 https://github.com/expressjs/express/commit/340be0f79afb9b3176afb76235aa7f92acbd5050;>340be0f build: eslint@8.24.0 https://github.com/expressjs/express/commit/33e8dc303af9277f8a7e4f46abfdcb5e72f6797b;>33e8dc3 docs: use Node.js name style https://githu
[GitHub] [airavata-django-portal] dependabot[bot] opened a new pull request, #142: Bump express from 4.17.1 to 4.18.2 in /django_airavata/apps/dataparsers
dependabot[bot] opened a new pull request, #142: URL: https://github.com/apache/airavata-django-portal/pull/142 Bumps [express](https://github.com/expressjs/express) from 4.17.1 to 4.18.2. Release notes Sourced from https://github.com/expressjs/express/releases;>express's releases. 4.18.2 Fix regression routing a large stack in a single route deps: body-parser@1.20.1 deps: qs@6.11.0 perf: remove unnecessary object clone deps: qs@6.11.0 4.18.1 Fix hanging on large stack of sync routes 4.18.0 Add root option to res.download Allow options without filename in res.download Deprecate string and non-integer arguments to res.status Fix behavior of null/undefined as maxAge in res.cookie Fix handling very large stacks of sync middleware Ignore Object.prototype values in settings through app.set/app.get Invoke default with same arguments as types in res.format Support proper 205 responses using res.send Use http-errors for res.format error deps: body-parser@1.20.0 Fix error message for json parse whitespace in strict Fix internal error when inflated body exceeds limit Prevent loss of async hooks context Prevent hanging when request already read deps: depd@2.0.0 deps: http-errors@2.0.0 deps: on-finished@2.4.1 deps: qs@6.10.3 deps: raw-body@2.5.1 deps: cookie@0.5.0 Add priority option Fix expires option to reject invalid dates deps: depd@2.0.0 Replace internal eval usage with Function constructor Use instance methods on process to check for listeners deps: finalhandler@1.2.0 Remove set content headers that break response deps: on-finished@2.4.1 deps: statuses@2.0.1 deps: on-finished@2.4.1 Prevent loss of async hooks context deps: qs@6.10.3 deps: send@0.18.0 Fix emitted 416 error missing headers property Limit the headers removed for 304 response deps: depd@2.0.0 deps: destroy@1.2.0 deps: http-errors@2.0.0 deps: on-finished@2.4.1 ... (truncated) Changelog Sourced from https://github.com/expressjs/express/blob/master/History.md;>express's changelog. 4.18.2 / 2022-10-08 Fix regression routing a large stack in a single route deps: body-parser@1.20.1 deps: qs@6.11.0 perf: remove unnecessary object clone deps: qs@6.11.0 4.18.1 / 2022-04-29 Fix hanging on large stack of sync routes 4.18.0 / 2022-04-25 Add root option to res.download Allow options without filename in res.download Deprecate string and non-integer arguments to res.status Fix behavior of null/undefined as maxAge in res.cookie Fix handling very large stacks of sync middleware Ignore Object.prototype values in settings through app.set/app.get Invoke default with same arguments as types in res.format Support proper 205 responses using res.send Use http-errors for res.format error deps: body-parser@1.20.0 Fix error message for json parse whitespace in strict Fix internal error when inflated body exceeds limit Prevent loss of async hooks context Prevent hanging when request already read deps: depd@2.0.0 deps: http-errors@2.0.0 deps: on-finished@2.4.1 deps: qs@6.10.3 deps: raw-body@2.5.1 deps: cookie@0.5.0 Add priority option Fix expires option to reject invalid dates deps: depd@2.0.0 Replace internal eval usage with Function constructor Use instance methods on process to check for listeners deps: finalhandler@1.2.0 Remove set content headers that break response deps: on-finished@2.4.1 deps: statuses@2.0.1 deps: on-finished@2.4.1 Prevent loss of async hooks context deps: qs@6.10.3 deps: send@0.18.0 ... (truncated) Commits https://github.com/expressjs/express/commit/8368dc178af16b91b576c4c1d135f701a0007e5d;>8368dc1 4.18.2 https://github.com/expressjs/express/commit/61f40491222dbede653b9938e6a4676f187aab44;>61f4049 docs: replace Freenode with Libera Chat https://github.com/expressjs/express/commit/bb7907b932afe3a19236a642f6054b6c8f7349a0;>bb7907b build: Node.js@18.10 https://github.com/expressjs/express/commit/f56ce73186e885a938bfdb3d3d1005a58e6ae12b;>f56ce73 build: supertest@6.3.0 https://github.com/expressjs/express/commit/24b3dc551670ac4fb0cd5a2bd5ef643c9525e60f;>24b3dc5 deps: qs@6.11.0 https://github.com/expressjs/express/commit/689d175b8b39d8860b81d723233fb83d15201827;>689d175 deps: body-parser@1.20.1 https://github.com/expressjs/express/commit/340be0f79afb9b3176afb76235aa7f92acbd5050;>340be0f build: eslint@8.24.0 https://github.com/expressjs/express/commit/33e8dc303af9277f8a7e4f46abfdcb5e72f6797b;>33e8dc3 docs: use Node.js name style https://githu
[GitHub] [airavata-django-portal] dependabot[bot] opened a new pull request, #141: Bump qs from 6.5.2 to 6.5.3 in /django_airavata/apps/api
dependabot[bot] opened a new pull request, #141: URL: https://github.com/apache/airavata-django-portal/pull/141 Bumps [qs](https://github.com/ljharb/qs) from 6.5.2 to 6.5.3. Changelog Sourced from https://github.com/ljharb/qs/blob/main/CHANGELOG.md;>qs's changelog. 6.5.3 [Fix] parse: ignore __proto__ keys (https://github-redirect.dependabot.com/ljharb/qs/issues/428;>#428) [Fix] utils.merge: avoid a crash with a null target and a truthy non-array source [Fix] correctly parse nested arrays [Fix] stringify: fix a crash with strictNullHandling and a custom filter/serializeDate (https://github-redirect.dependabot.com/ljharb/qs/issues/279;>#279) [Fix] utils: merge: fix crash when source is a truthy primitive no options are provided [Fix] when parseArrays is false, properly handle keys ending in [] [Fix] fix for an impossible situation: when the formatter is called with a non-string value [Fix] utils.merge: avoid a crash with a null target and an array source [Refactor] utils: reduce observable [[Get]]s [Refactor] use cached Array.isArray [Refactor] stringify: Avoid arr = arr.concat(...), push to the existing instance (https://github-redirect.dependabot.com/ljharb/qs/issues/269;>#269) [Refactor] parse: only need to reassign the var once [Robustness] stringify: avoid relying on a global undefined (https://github-redirect.dependabot.com/ljharb/qs/issues/427;>#427) [readme] remove travis badge; add github actions/codecov badges; update URLs [Docs] Clean up license text so it’s properly detected as BSD-3-Clause [Docs] Clarify the need for arrayLimit option [meta] fix README.md (https://github-redirect.dependabot.com/ljharb/qs/issues/399;>#399) [meta] add FUNDING.yml [actions] backport actions from main [Tests] always use String(x) over x.toString() [Tests] remove nonexistent tape option [Dev Deps] backport from main Commits https://github.com/ljharb/qs/commit/298bfa55d6db00ddea78dd0333509aadf9bb3077;>298bfa5 v6.5.3 https://github.com/ljharb/qs/commit/ed0f5dcbef4b168a8ae299d78b1e4a2e9b1baf1f;>ed0f5dc [Fix] parse: ignore __proto__ keys (https://github-redirect.dependabot.com/ljharb/qs/issues/428;>#428) https://github.com/ljharb/qs/commit/691e739cfa40cd42604dc05a54e6154371a429ab;>691e739 [Robustness] stringify: avoid relying on a global undefined (https://github-redirect.dependabot.com/ljharb/qs/issues/427;>#427) https://github.com/ljharb/qs/commit/1072d57d38a690e1ad7616dced44390bffedcbb2;>1072d57 [readme] remove travis badge; add github actions/codecov badges; update URLs https://github.com/ljharb/qs/commit/12ac1c403aaa04d1a34844f514ed9f9abfb76e64;>12ac1c4 [meta] fix README.md (https://github-redirect.dependabot.com/ljharb/qs/issues/399;>#399) https://github.com/ljharb/qs/commit/0338716b09fdbd4711823eeb0a14e556a2498e7a;>0338716 [actions] backport actions from main https://github.com/ljharb/qs/commit/5639c20ce0a7c1332200a3181339331483e5a3a1;>5639c20 Clean up license text so it’s properly detected as BSD-3-Clause https://github.com/ljharb/qs/commit/51b8a0b1b213596dd1702b837f5e7dec2229793d;>51b8a0b add FUNDING.yml https://github.com/ljharb/qs/commit/45f675936e742d92fac8d4dae5cfc385c576a977;>45f6759 [Fix] fix for an impossible situation: when the formatter is called with a no... https://github.com/ljharb/qs/commit/f814a7f8f2af059f8158f7e4b2bf8b46aeb62cd3;>f814a7f [Dev Deps] backport from main Additional commits viewable in https://github.com/ljharb/qs/compare/v6.5.2...v6.5.3;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=qs=npm_and_yarn=6.5.2=6.5.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major v
[GitHub] [airavata-django-portal] dependabot[bot] opened a new pull request, #140: Bump qs from 6.5.2 to 6.5.3 in /django_airavata/apps/groups
dependabot[bot] opened a new pull request, #140: URL: https://github.com/apache/airavata-django-portal/pull/140 Bumps [qs](https://github.com/ljharb/qs) from 6.5.2 to 6.5.3. Changelog Sourced from https://github.com/ljharb/qs/blob/main/CHANGELOG.md;>qs's changelog. 6.5.3 [Fix] parse: ignore __proto__ keys (https://github-redirect.dependabot.com/ljharb/qs/issues/428;>#428) [Fix] utils.merge: avoid a crash with a null target and a truthy non-array source [Fix] correctly parse nested arrays [Fix] stringify: fix a crash with strictNullHandling and a custom filter/serializeDate (https://github-redirect.dependabot.com/ljharb/qs/issues/279;>#279) [Fix] utils: merge: fix crash when source is a truthy primitive no options are provided [Fix] when parseArrays is false, properly handle keys ending in [] [Fix] fix for an impossible situation: when the formatter is called with a non-string value [Fix] utils.merge: avoid a crash with a null target and an array source [Refactor] utils: reduce observable [[Get]]s [Refactor] use cached Array.isArray [Refactor] stringify: Avoid arr = arr.concat(...), push to the existing instance (https://github-redirect.dependabot.com/ljharb/qs/issues/269;>#269) [Refactor] parse: only need to reassign the var once [Robustness] stringify: avoid relying on a global undefined (https://github-redirect.dependabot.com/ljharb/qs/issues/427;>#427) [readme] remove travis badge; add github actions/codecov badges; update URLs [Docs] Clean up license text so it’s properly detected as BSD-3-Clause [Docs] Clarify the need for arrayLimit option [meta] fix README.md (https://github-redirect.dependabot.com/ljharb/qs/issues/399;>#399) [meta] add FUNDING.yml [actions] backport actions from main [Tests] always use String(x) over x.toString() [Tests] remove nonexistent tape option [Dev Deps] backport from main Commits https://github.com/ljharb/qs/commit/298bfa55d6db00ddea78dd0333509aadf9bb3077;>298bfa5 v6.5.3 https://github.com/ljharb/qs/commit/ed0f5dcbef4b168a8ae299d78b1e4a2e9b1baf1f;>ed0f5dc [Fix] parse: ignore __proto__ keys (https://github-redirect.dependabot.com/ljharb/qs/issues/428;>#428) https://github.com/ljharb/qs/commit/691e739cfa40cd42604dc05a54e6154371a429ab;>691e739 [Robustness] stringify: avoid relying on a global undefined (https://github-redirect.dependabot.com/ljharb/qs/issues/427;>#427) https://github.com/ljharb/qs/commit/1072d57d38a690e1ad7616dced44390bffedcbb2;>1072d57 [readme] remove travis badge; add github actions/codecov badges; update URLs https://github.com/ljharb/qs/commit/12ac1c403aaa04d1a34844f514ed9f9abfb76e64;>12ac1c4 [meta] fix README.md (https://github-redirect.dependabot.com/ljharb/qs/issues/399;>#399) https://github.com/ljharb/qs/commit/0338716b09fdbd4711823eeb0a14e556a2498e7a;>0338716 [actions] backport actions from main https://github.com/ljharb/qs/commit/5639c20ce0a7c1332200a3181339331483e5a3a1;>5639c20 Clean up license text so it’s properly detected as BSD-3-Clause https://github.com/ljharb/qs/commit/51b8a0b1b213596dd1702b837f5e7dec2229793d;>51b8a0b add FUNDING.yml https://github.com/ljharb/qs/commit/45f675936e742d92fac8d4dae5cfc385c576a977;>45f6759 [Fix] fix for an impossible situation: when the formatter is called with a no... https://github.com/ljharb/qs/commit/f814a7f8f2af059f8158f7e4b2bf8b46aeb62cd3;>f814a7f [Dev Deps] backport from main Additional commits viewable in https://github.com/ljharb/qs/compare/v6.5.2...v6.5.3;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=qs=npm_and_yarn=6.5.2=6.5.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major v
[GitHub] [airavata-django-portal] dependabot[bot] opened a new pull request, #139: Bump qs from 6.5.2 to 6.5.3 in /django_airavata/apps/admin
dependabot[bot] opened a new pull request, #139: URL: https://github.com/apache/airavata-django-portal/pull/139 Bumps [qs](https://github.com/ljharb/qs) from 6.5.2 to 6.5.3. Changelog Sourced from https://github.com/ljharb/qs/blob/main/CHANGELOG.md;>qs's changelog. 6.5.3 [Fix] parse: ignore __proto__ keys (https://github-redirect.dependabot.com/ljharb/qs/issues/428;>#428) [Fix] utils.merge: avoid a crash with a null target and a truthy non-array source [Fix] correctly parse nested arrays [Fix] stringify: fix a crash with strictNullHandling and a custom filter/serializeDate (https://github-redirect.dependabot.com/ljharb/qs/issues/279;>#279) [Fix] utils: merge: fix crash when source is a truthy primitive no options are provided [Fix] when parseArrays is false, properly handle keys ending in [] [Fix] fix for an impossible situation: when the formatter is called with a non-string value [Fix] utils.merge: avoid a crash with a null target and an array source [Refactor] utils: reduce observable [[Get]]s [Refactor] use cached Array.isArray [Refactor] stringify: Avoid arr = arr.concat(...), push to the existing instance (https://github-redirect.dependabot.com/ljharb/qs/issues/269;>#269) [Refactor] parse: only need to reassign the var once [Robustness] stringify: avoid relying on a global undefined (https://github-redirect.dependabot.com/ljharb/qs/issues/427;>#427) [readme] remove travis badge; add github actions/codecov badges; update URLs [Docs] Clean up license text so it’s properly detected as BSD-3-Clause [Docs] Clarify the need for arrayLimit option [meta] fix README.md (https://github-redirect.dependabot.com/ljharb/qs/issues/399;>#399) [meta] add FUNDING.yml [actions] backport actions from main [Tests] always use String(x) over x.toString() [Tests] remove nonexistent tape option [Dev Deps] backport from main Commits https://github.com/ljharb/qs/commit/298bfa55d6db00ddea78dd0333509aadf9bb3077;>298bfa5 v6.5.3 https://github.com/ljharb/qs/commit/ed0f5dcbef4b168a8ae299d78b1e4a2e9b1baf1f;>ed0f5dc [Fix] parse: ignore __proto__ keys (https://github-redirect.dependabot.com/ljharb/qs/issues/428;>#428) https://github.com/ljharb/qs/commit/691e739cfa40cd42604dc05a54e6154371a429ab;>691e739 [Robustness] stringify: avoid relying on a global undefined (https://github-redirect.dependabot.com/ljharb/qs/issues/427;>#427) https://github.com/ljharb/qs/commit/1072d57d38a690e1ad7616dced44390bffedcbb2;>1072d57 [readme] remove travis badge; add github actions/codecov badges; update URLs https://github.com/ljharb/qs/commit/12ac1c403aaa04d1a34844f514ed9f9abfb76e64;>12ac1c4 [meta] fix README.md (https://github-redirect.dependabot.com/ljharb/qs/issues/399;>#399) https://github.com/ljharb/qs/commit/0338716b09fdbd4711823eeb0a14e556a2498e7a;>0338716 [actions] backport actions from main https://github.com/ljharb/qs/commit/5639c20ce0a7c1332200a3181339331483e5a3a1;>5639c20 Clean up license text so it’s properly detected as BSD-3-Clause https://github.com/ljharb/qs/commit/51b8a0b1b213596dd1702b837f5e7dec2229793d;>51b8a0b add FUNDING.yml https://github.com/ljharb/qs/commit/45f675936e742d92fac8d4dae5cfc385c576a977;>45f6759 [Fix] fix for an impossible situation: when the formatter is called with a no... https://github.com/ljharb/qs/commit/f814a7f8f2af059f8158f7e4b2bf8b46aeb62cd3;>f814a7f [Dev Deps] backport from main Additional commits viewable in https://github.com/ljharb/qs/compare/v6.5.2...v6.5.3;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=qs=npm_and_yarn=6.5.2=6.5.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major v
[GitHub] [airavata-django-portal] dependabot[bot] opened a new pull request, #138: Bump qs from 6.5.2 to 6.5.3 in /django_airavata/apps/workspace/django-airavata-workspace-plugin-api
dependabot[bot] opened a new pull request, #138: URL: https://github.com/apache/airavata-django-portal/pull/138 Bumps [qs](https://github.com/ljharb/qs) from 6.5.2 to 6.5.3. Changelog Sourced from https://github.com/ljharb/qs/blob/main/CHANGELOG.md;>qs's changelog. 6.5.3 [Fix] parse: ignore __proto__ keys (https://github-redirect.dependabot.com/ljharb/qs/issues/428;>#428) [Fix] utils.merge: avoid a crash with a null target and a truthy non-array source [Fix] correctly parse nested arrays [Fix] stringify: fix a crash with strictNullHandling and a custom filter/serializeDate (https://github-redirect.dependabot.com/ljharb/qs/issues/279;>#279) [Fix] utils: merge: fix crash when source is a truthy primitive no options are provided [Fix] when parseArrays is false, properly handle keys ending in [] [Fix] fix for an impossible situation: when the formatter is called with a non-string value [Fix] utils.merge: avoid a crash with a null target and an array source [Refactor] utils: reduce observable [[Get]]s [Refactor] use cached Array.isArray [Refactor] stringify: Avoid arr = arr.concat(...), push to the existing instance (https://github-redirect.dependabot.com/ljharb/qs/issues/269;>#269) [Refactor] parse: only need to reassign the var once [Robustness] stringify: avoid relying on a global undefined (https://github-redirect.dependabot.com/ljharb/qs/issues/427;>#427) [readme] remove travis badge; add github actions/codecov badges; update URLs [Docs] Clean up license text so it’s properly detected as BSD-3-Clause [Docs] Clarify the need for arrayLimit option [meta] fix README.md (https://github-redirect.dependabot.com/ljharb/qs/issues/399;>#399) [meta] add FUNDING.yml [actions] backport actions from main [Tests] always use String(x) over x.toString() [Tests] remove nonexistent tape option [Dev Deps] backport from main Commits https://github.com/ljharb/qs/commit/298bfa55d6db00ddea78dd0333509aadf9bb3077;>298bfa5 v6.5.3 https://github.com/ljharb/qs/commit/ed0f5dcbef4b168a8ae299d78b1e4a2e9b1baf1f;>ed0f5dc [Fix] parse: ignore __proto__ keys (https://github-redirect.dependabot.com/ljharb/qs/issues/428;>#428) https://github.com/ljharb/qs/commit/691e739cfa40cd42604dc05a54e6154371a429ab;>691e739 [Robustness] stringify: avoid relying on a global undefined (https://github-redirect.dependabot.com/ljharb/qs/issues/427;>#427) https://github.com/ljharb/qs/commit/1072d57d38a690e1ad7616dced44390bffedcbb2;>1072d57 [readme] remove travis badge; add github actions/codecov badges; update URLs https://github.com/ljharb/qs/commit/12ac1c403aaa04d1a34844f514ed9f9abfb76e64;>12ac1c4 [meta] fix README.md (https://github-redirect.dependabot.com/ljharb/qs/issues/399;>#399) https://github.com/ljharb/qs/commit/0338716b09fdbd4711823eeb0a14e556a2498e7a;>0338716 [actions] backport actions from main https://github.com/ljharb/qs/commit/5639c20ce0a7c1332200a3181339331483e5a3a1;>5639c20 Clean up license text so it’s properly detected as BSD-3-Clause https://github.com/ljharb/qs/commit/51b8a0b1b213596dd1702b837f5e7dec2229793d;>51b8a0b add FUNDING.yml https://github.com/ljharb/qs/commit/45f675936e742d92fac8d4dae5cfc385c576a977;>45f6759 [Fix] fix for an impossible situation: when the formatter is called with a no... https://github.com/ljharb/qs/commit/f814a7f8f2af059f8158f7e4b2bf8b46aeb62cd3;>f814a7f [Dev Deps] backport from main Additional commits viewable in https://github.com/ljharb/qs/compare/v6.5.2...v6.5.3;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=qs=npm_and_yarn=6.5.2=6.5.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major v
[GitHub] [airavata-django-portal] dependabot[bot] opened a new pull request, #137: Bump qs from 6.5.2 to 6.5.3 in /django_airavata/apps/dataparsers
dependabot[bot] opened a new pull request, #137: URL: https://github.com/apache/airavata-django-portal/pull/137 Bumps [qs](https://github.com/ljharb/qs) from 6.5.2 to 6.5.3. Changelog Sourced from https://github.com/ljharb/qs/blob/main/CHANGELOG.md;>qs's changelog. 6.5.3 [Fix] parse: ignore __proto__ keys (https://github-redirect.dependabot.com/ljharb/qs/issues/428;>#428) [Fix] utils.merge: avoid a crash with a null target and a truthy non-array source [Fix] correctly parse nested arrays [Fix] stringify: fix a crash with strictNullHandling and a custom filter/serializeDate (https://github-redirect.dependabot.com/ljharb/qs/issues/279;>#279) [Fix] utils: merge: fix crash when source is a truthy primitive no options are provided [Fix] when parseArrays is false, properly handle keys ending in [] [Fix] fix for an impossible situation: when the formatter is called with a non-string value [Fix] utils.merge: avoid a crash with a null target and an array source [Refactor] utils: reduce observable [[Get]]s [Refactor] use cached Array.isArray [Refactor] stringify: Avoid arr = arr.concat(...), push to the existing instance (https://github-redirect.dependabot.com/ljharb/qs/issues/269;>#269) [Refactor] parse: only need to reassign the var once [Robustness] stringify: avoid relying on a global undefined (https://github-redirect.dependabot.com/ljharb/qs/issues/427;>#427) [readme] remove travis badge; add github actions/codecov badges; update URLs [Docs] Clean up license text so it’s properly detected as BSD-3-Clause [Docs] Clarify the need for arrayLimit option [meta] fix README.md (https://github-redirect.dependabot.com/ljharb/qs/issues/399;>#399) [meta] add FUNDING.yml [actions] backport actions from main [Tests] always use String(x) over x.toString() [Tests] remove nonexistent tape option [Dev Deps] backport from main Commits https://github.com/ljharb/qs/commit/298bfa55d6db00ddea78dd0333509aadf9bb3077;>298bfa5 v6.5.3 https://github.com/ljharb/qs/commit/ed0f5dcbef4b168a8ae299d78b1e4a2e9b1baf1f;>ed0f5dc [Fix] parse: ignore __proto__ keys (https://github-redirect.dependabot.com/ljharb/qs/issues/428;>#428) https://github.com/ljharb/qs/commit/691e739cfa40cd42604dc05a54e6154371a429ab;>691e739 [Robustness] stringify: avoid relying on a global undefined (https://github-redirect.dependabot.com/ljharb/qs/issues/427;>#427) https://github.com/ljharb/qs/commit/1072d57d38a690e1ad7616dced44390bffedcbb2;>1072d57 [readme] remove travis badge; add github actions/codecov badges; update URLs https://github.com/ljharb/qs/commit/12ac1c403aaa04d1a34844f514ed9f9abfb76e64;>12ac1c4 [meta] fix README.md (https://github-redirect.dependabot.com/ljharb/qs/issues/399;>#399) https://github.com/ljharb/qs/commit/0338716b09fdbd4711823eeb0a14e556a2498e7a;>0338716 [actions] backport actions from main https://github.com/ljharb/qs/commit/5639c20ce0a7c1332200a3181339331483e5a3a1;>5639c20 Clean up license text so it’s properly detected as BSD-3-Clause https://github.com/ljharb/qs/commit/51b8a0b1b213596dd1702b837f5e7dec2229793d;>51b8a0b add FUNDING.yml https://github.com/ljharb/qs/commit/45f675936e742d92fac8d4dae5cfc385c576a977;>45f6759 [Fix] fix for an impossible situation: when the formatter is called with a no... https://github.com/ljharb/qs/commit/f814a7f8f2af059f8158f7e4b2bf8b46aeb62cd3;>f814a7f [Dev Deps] backport from main Additional commits viewable in https://github.com/ljharb/qs/compare/v6.5.2...v6.5.3;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=qs=npm_and_yarn=6.5.2=6.5.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major v
[GitHub] [airavata-django-portal] dependabot[bot] opened a new pull request, #136: Bump qs from 6.5.2 to 6.5.3 in /django_airavata/apps/auth
dependabot[bot] opened a new pull request, #136: URL: https://github.com/apache/airavata-django-portal/pull/136 Bumps [qs](https://github.com/ljharb/qs) from 6.5.2 to 6.5.3. Changelog Sourced from https://github.com/ljharb/qs/blob/main/CHANGELOG.md;>qs's changelog. 6.5.3 [Fix] parse: ignore __proto__ keys (https://github-redirect.dependabot.com/ljharb/qs/issues/428;>#428) [Fix] utils.merge: avoid a crash with a null target and a truthy non-array source [Fix] correctly parse nested arrays [Fix] stringify: fix a crash with strictNullHandling and a custom filter/serializeDate (https://github-redirect.dependabot.com/ljharb/qs/issues/279;>#279) [Fix] utils: merge: fix crash when source is a truthy primitive no options are provided [Fix] when parseArrays is false, properly handle keys ending in [] [Fix] fix for an impossible situation: when the formatter is called with a non-string value [Fix] utils.merge: avoid a crash with a null target and an array source [Refactor] utils: reduce observable [[Get]]s [Refactor] use cached Array.isArray [Refactor] stringify: Avoid arr = arr.concat(...), push to the existing instance (https://github-redirect.dependabot.com/ljharb/qs/issues/269;>#269) [Refactor] parse: only need to reassign the var once [Robustness] stringify: avoid relying on a global undefined (https://github-redirect.dependabot.com/ljharb/qs/issues/427;>#427) [readme] remove travis badge; add github actions/codecov badges; update URLs [Docs] Clean up license text so it’s properly detected as BSD-3-Clause [Docs] Clarify the need for arrayLimit option [meta] fix README.md (https://github-redirect.dependabot.com/ljharb/qs/issues/399;>#399) [meta] add FUNDING.yml [actions] backport actions from main [Tests] always use String(x) over x.toString() [Tests] remove nonexistent tape option [Dev Deps] backport from main Commits https://github.com/ljharb/qs/commit/298bfa55d6db00ddea78dd0333509aadf9bb3077;>298bfa5 v6.5.3 https://github.com/ljharb/qs/commit/ed0f5dcbef4b168a8ae299d78b1e4a2e9b1baf1f;>ed0f5dc [Fix] parse: ignore __proto__ keys (https://github-redirect.dependabot.com/ljharb/qs/issues/428;>#428) https://github.com/ljharb/qs/commit/691e739cfa40cd42604dc05a54e6154371a429ab;>691e739 [Robustness] stringify: avoid relying on a global undefined (https://github-redirect.dependabot.com/ljharb/qs/issues/427;>#427) https://github.com/ljharb/qs/commit/1072d57d38a690e1ad7616dced44390bffedcbb2;>1072d57 [readme] remove travis badge; add github actions/codecov badges; update URLs https://github.com/ljharb/qs/commit/12ac1c403aaa04d1a34844f514ed9f9abfb76e64;>12ac1c4 [meta] fix README.md (https://github-redirect.dependabot.com/ljharb/qs/issues/399;>#399) https://github.com/ljharb/qs/commit/0338716b09fdbd4711823eeb0a14e556a2498e7a;>0338716 [actions] backport actions from main https://github.com/ljharb/qs/commit/5639c20ce0a7c1332200a3181339331483e5a3a1;>5639c20 Clean up license text so it’s properly detected as BSD-3-Clause https://github.com/ljharb/qs/commit/51b8a0b1b213596dd1702b837f5e7dec2229793d;>51b8a0b add FUNDING.yml https://github.com/ljharb/qs/commit/45f675936e742d92fac8d4dae5cfc385c576a977;>45f6759 [Fix] fix for an impossible situation: when the formatter is called with a no... https://github.com/ljharb/qs/commit/f814a7f8f2af059f8158f7e4b2bf8b46aeb62cd3;>f814a7f [Dev Deps] backport from main Additional commits viewable in https://github.com/ljharb/qs/compare/v6.5.2...v6.5.3;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=qs=npm_and_yarn=6.5.2=6.5.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major v
[GitHub] [airavata-django-portal] dependabot[bot] opened a new pull request, #135: Bump qs from 6.5.2 to 6.5.3 in /django_airavata/static/common
dependabot[bot] opened a new pull request, #135: URL: https://github.com/apache/airavata-django-portal/pull/135 Bumps [qs](https://github.com/ljharb/qs) from 6.5.2 to 6.5.3. Changelog Sourced from https://github.com/ljharb/qs/blob/main/CHANGELOG.md;>qs's changelog. 6.5.3 [Fix] parse: ignore __proto__ keys (https://github-redirect.dependabot.com/ljharb/qs/issues/428;>#428) [Fix] utils.merge: avoid a crash with a null target and a truthy non-array source [Fix] correctly parse nested arrays [Fix] stringify: fix a crash with strictNullHandling and a custom filter/serializeDate (https://github-redirect.dependabot.com/ljharb/qs/issues/279;>#279) [Fix] utils: merge: fix crash when source is a truthy primitive no options are provided [Fix] when parseArrays is false, properly handle keys ending in [] [Fix] fix for an impossible situation: when the formatter is called with a non-string value [Fix] utils.merge: avoid a crash with a null target and an array source [Refactor] utils: reduce observable [[Get]]s [Refactor] use cached Array.isArray [Refactor] stringify: Avoid arr = arr.concat(...), push to the existing instance (https://github-redirect.dependabot.com/ljharb/qs/issues/269;>#269) [Refactor] parse: only need to reassign the var once [Robustness] stringify: avoid relying on a global undefined (https://github-redirect.dependabot.com/ljharb/qs/issues/427;>#427) [readme] remove travis badge; add github actions/codecov badges; update URLs [Docs] Clean up license text so it’s properly detected as BSD-3-Clause [Docs] Clarify the need for arrayLimit option [meta] fix README.md (https://github-redirect.dependabot.com/ljharb/qs/issues/399;>#399) [meta] add FUNDING.yml [actions] backport actions from main [Tests] always use String(x) over x.toString() [Tests] remove nonexistent tape option [Dev Deps] backport from main Commits https://github.com/ljharb/qs/commit/298bfa55d6db00ddea78dd0333509aadf9bb3077;>298bfa5 v6.5.3 https://github.com/ljharb/qs/commit/ed0f5dcbef4b168a8ae299d78b1e4a2e9b1baf1f;>ed0f5dc [Fix] parse: ignore __proto__ keys (https://github-redirect.dependabot.com/ljharb/qs/issues/428;>#428) https://github.com/ljharb/qs/commit/691e739cfa40cd42604dc05a54e6154371a429ab;>691e739 [Robustness] stringify: avoid relying on a global undefined (https://github-redirect.dependabot.com/ljharb/qs/issues/427;>#427) https://github.com/ljharb/qs/commit/1072d57d38a690e1ad7616dced44390bffedcbb2;>1072d57 [readme] remove travis badge; add github actions/codecov badges; update URLs https://github.com/ljharb/qs/commit/12ac1c403aaa04d1a34844f514ed9f9abfb76e64;>12ac1c4 [meta] fix README.md (https://github-redirect.dependabot.com/ljharb/qs/issues/399;>#399) https://github.com/ljharb/qs/commit/0338716b09fdbd4711823eeb0a14e556a2498e7a;>0338716 [actions] backport actions from main https://github.com/ljharb/qs/commit/5639c20ce0a7c1332200a3181339331483e5a3a1;>5639c20 Clean up license text so it’s properly detected as BSD-3-Clause https://github.com/ljharb/qs/commit/51b8a0b1b213596dd1702b837f5e7dec2229793d;>51b8a0b add FUNDING.yml https://github.com/ljharb/qs/commit/45f675936e742d92fac8d4dae5cfc385c576a977;>45f6759 [Fix] fix for an impossible situation: when the formatter is called with a no... https://github.com/ljharb/qs/commit/f814a7f8f2af059f8158f7e4b2bf8b46aeb62cd3;>f814a7f [Dev Deps] backport from main Additional commits viewable in https://github.com/ljharb/qs/compare/v6.5.2...v6.5.3;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=qs=npm_and_yarn=6.5.2=6.5.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major v
[GitHub] [airavata-django-portal] dependabot[bot] opened a new pull request, #134: Bump qs from 6.5.2 to 6.5.3 in /django_airavata/apps/workspace
dependabot[bot] opened a new pull request, #134: URL: https://github.com/apache/airavata-django-portal/pull/134 Bumps [qs](https://github.com/ljharb/qs) from 6.5.2 to 6.5.3. Changelog Sourced from https://github.com/ljharb/qs/blob/main/CHANGELOG.md;>qs's changelog. 6.5.3 [Fix] parse: ignore __proto__ keys (https://github-redirect.dependabot.com/ljharb/qs/issues/428;>#428) [Fix] utils.merge: avoid a crash with a null target and a truthy non-array source [Fix] correctly parse nested arrays [Fix] stringify: fix a crash with strictNullHandling and a custom filter/serializeDate (https://github-redirect.dependabot.com/ljharb/qs/issues/279;>#279) [Fix] utils: merge: fix crash when source is a truthy primitive no options are provided [Fix] when parseArrays is false, properly handle keys ending in [] [Fix] fix for an impossible situation: when the formatter is called with a non-string value [Fix] utils.merge: avoid a crash with a null target and an array source [Refactor] utils: reduce observable [[Get]]s [Refactor] use cached Array.isArray [Refactor] stringify: Avoid arr = arr.concat(...), push to the existing instance (https://github-redirect.dependabot.com/ljharb/qs/issues/269;>#269) [Refactor] parse: only need to reassign the var once [Robustness] stringify: avoid relying on a global undefined (https://github-redirect.dependabot.com/ljharb/qs/issues/427;>#427) [readme] remove travis badge; add github actions/codecov badges; update URLs [Docs] Clean up license text so it’s properly detected as BSD-3-Clause [Docs] Clarify the need for arrayLimit option [meta] fix README.md (https://github-redirect.dependabot.com/ljharb/qs/issues/399;>#399) [meta] add FUNDING.yml [actions] backport actions from main [Tests] always use String(x) over x.toString() [Tests] remove nonexistent tape option [Dev Deps] backport from main Commits https://github.com/ljharb/qs/commit/298bfa55d6db00ddea78dd0333509aadf9bb3077;>298bfa5 v6.5.3 https://github.com/ljharb/qs/commit/ed0f5dcbef4b168a8ae299d78b1e4a2e9b1baf1f;>ed0f5dc [Fix] parse: ignore __proto__ keys (https://github-redirect.dependabot.com/ljharb/qs/issues/428;>#428) https://github.com/ljharb/qs/commit/691e739cfa40cd42604dc05a54e6154371a429ab;>691e739 [Robustness] stringify: avoid relying on a global undefined (https://github-redirect.dependabot.com/ljharb/qs/issues/427;>#427) https://github.com/ljharb/qs/commit/1072d57d38a690e1ad7616dced44390bffedcbb2;>1072d57 [readme] remove travis badge; add github actions/codecov badges; update URLs https://github.com/ljharb/qs/commit/12ac1c403aaa04d1a34844f514ed9f9abfb76e64;>12ac1c4 [meta] fix README.md (https://github-redirect.dependabot.com/ljharb/qs/issues/399;>#399) https://github.com/ljharb/qs/commit/0338716b09fdbd4711823eeb0a14e556a2498e7a;>0338716 [actions] backport actions from main https://github.com/ljharb/qs/commit/5639c20ce0a7c1332200a3181339331483e5a3a1;>5639c20 Clean up license text so it’s properly detected as BSD-3-Clause https://github.com/ljharb/qs/commit/51b8a0b1b213596dd1702b837f5e7dec2229793d;>51b8a0b add FUNDING.yml https://github.com/ljharb/qs/commit/45f675936e742d92fac8d4dae5cfc385c576a977;>45f6759 [Fix] fix for an impossible situation: when the formatter is called with a no... https://github.com/ljharb/qs/commit/f814a7f8f2af059f8158f7e4b2bf8b46aeb62cd3;>f814a7f [Dev Deps] backport from main Additional commits viewable in https://github.com/ljharb/qs/compare/v6.5.2...v6.5.3;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=qs=npm_and_yarn=6.5.2=6.5.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major v
[GitHub] [airavata-django-portal] dependabot[bot] opened a new pull request, #133: Bump decode-uri-component from 0.2.0 to 0.2.2 in /django_airavata/apps/auth
dependabot[bot] opened a new pull request, #133: URL: https://github.com/apache/airavata-django-portal/pull/133 Bumps [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) from 0.2.0 to 0.2.2. Release notes Sourced from https://github.com/SamVerschueren/decode-uri-component/releases;>decode-uri-component's releases. v0.2.2 Prevent overwriting previously decoded tokens 980e0bf https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.1...v0.2.2;>https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.1...v0.2.2 v0.2.1 Switch to GitHub workflows 76abc93 Fix issue where decode throws - fixes https://github-redirect.dependabot.com/SamVerschueren/decode-uri-component/issues/6;>#6 746ca5d Update license (https://github-redirect.dependabot.com/SamVerschueren/decode-uri-component/issues/1;>#1) 486d7e2 Tidelift tasks a650457 Meta tweaks 66e1c28 https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.1;>https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.1 Commits https://github.com/SamVerschueren/decode-uri-component/commit/a0eea469d26eb0df668b081672cdb9581feb78eb;>a0eea46 0.2.2 https://github.com/SamVerschueren/decode-uri-component/commit/980e0bf09b64d94f1aa79012f895816c30ffd152;>980e0bf Prevent overwriting previously decoded tokens https://github.com/SamVerschueren/decode-uri-component/commit/3c8a373dd4837e89b3f970e01295dd03e1405a33;>3c8a373 0.2.1 https://github.com/SamVerschueren/decode-uri-component/commit/76abc939783fe3900fadb7d384a74d324d5557f3;>76abc93 Switch to GitHub workflows https://github.com/SamVerschueren/decode-uri-component/commit/746ca5dcb6667c5d364e782d53c542830e4c10b9;>746ca5d Fix issue where decode throws - fixes https://github-redirect.dependabot.com/SamVerschueren/decode-uri-component/issues/6;>#6 https://github.com/SamVerschueren/decode-uri-component/commit/486d7e26d3a8c0fbe860fb651fe1bc98c2f2be30;>486d7e2 Update license (https://github-redirect.dependabot.com/SamVerschueren/decode-uri-component/issues/1;>#1) https://github.com/SamVerschueren/decode-uri-component/commit/a65045724e6234acef87f31da499d4807b20b134;>a650457 Tidelift tasks https://github.com/SamVerschueren/decode-uri-component/commit/66e1c2834c0e189201cb65196ec3101372459b02;>66e1c28 Meta tweaks See full diff in https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.2;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=decode-uri-component=npm_and_yarn=0.2.0=0.2.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for
[GitHub] [airavata-django-portal-sdk] machristie merged pull request #6: Bump cryptography from 3.0 to 3.3.2
machristie merged PR #6: URL: https://github.com/apache/airavata-django-portal-sdk/pull/6 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@airavata.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [airavata-django-portal-sdk] machristie merged pull request #3: Bump paramiko from 2.7.1 to 2.10.1
machristie merged PR #3: URL: https://github.com/apache/airavata-django-portal-sdk/pull/3 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@airavata.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [airavata-django-portal-sdk] machristie merged pull request #4: Bump requests from 2.18.4 to 2.20.0
machristie merged PR #4: URL: https://github.com/apache/airavata-django-portal-sdk/pull/4 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@airavata.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [airavata-django-portal-sdk] machristie merged pull request #7: Bump djangorestframework from 3.10.3 to 3.11.2
machristie merged PR #7: URL: https://github.com/apache/airavata-django-portal-sdk/pull/7 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@airavata.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [airavata-django-portal-sdk] machristie merged pull request #10: Bump django from 3.2.15 to 3.2.16
machristie merged PR #10: URL: https://github.com/apache/airavata-django-portal-sdk/pull/10 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@airavata.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [airavata-django-portal-sdk] dependabot[bot] opened a new pull request, #10: Bump django from 3.2.15 to 3.2.16
dependabot[bot] opened a new pull request, #10: URL: https://github.com/apache/airavata-django-portal-sdk/pull/10 Bumps [django](https://github.com/django/django) from 3.2.15 to 3.2.16. Commits https://github.com/django/django/commit/4c85beca9d8bf24573d741e26ea36295c69af5b2;>4c85bec [3.2.x] Bumped version for 3.2.16 release. https://github.com/django/django/commit/5b6b257fa7ec37ff27965358800c67e2dd11c924;>5b6b257 [3.2.x] Fixed CVE-2022-41323 -- Prevented locales being interpreted as regula... https://github.com/django/django/commit/33affaf0b67f0e88bd3d8226476ff2822c821366;>33affaf [3.2.x] Added stub notes 3.2.16 release. https://github.com/django/django/commit/777362d74aa3f3d88e6d60199f1d986200fb83b8;>777362d [3.2.x] Added CVE-2022-36359 to security archive. https://github.com/django/django/commit/eb5bdb461ea27b41d9d3d819fca062b3849556ee;>eb5bdb4 [3.2.x] Post-release version bump. See full diff in https://github.com/django/django/compare/3.2.15...3.2.16;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=django=pip=3.2.15=3.2.16)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/apache/airavata-django-portal-sdk/network/alerts). -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@airavata.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [airavata-django-portal-sdk] machristie merged pull request #9: Bump django from 3.2.12 to 3.2.15
machristie merged PR #9: URL: https://github.com/apache/airavata-django-portal-sdk/pull/9 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@airavata.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [airavata-django-portal] dependabot[bot] opened a new pull request, #132: Bump decode-uri-component from 0.2.0 to 0.2.2 in /django_airavata/static/common
dependabot[bot] opened a new pull request, #132: URL: https://github.com/apache/airavata-django-portal/pull/132 Bumps [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) from 0.2.0 to 0.2.2. Release notes Sourced from https://github.com/SamVerschueren/decode-uri-component/releases;>decode-uri-component's releases. v0.2.2 Prevent overwriting previously decoded tokens 980e0bf https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.1...v0.2.2;>https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.1...v0.2.2 v0.2.1 Switch to GitHub workflows 76abc93 Fix issue where decode throws - fixes https://github-redirect.dependabot.com/SamVerschueren/decode-uri-component/issues/6;>#6 746ca5d Update license (https://github-redirect.dependabot.com/SamVerschueren/decode-uri-component/issues/1;>#1) 486d7e2 Tidelift tasks a650457 Meta tweaks 66e1c28 https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.1;>https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.1 Commits https://github.com/SamVerschueren/decode-uri-component/commit/a0eea469d26eb0df668b081672cdb9581feb78eb;>a0eea46 0.2.2 https://github.com/SamVerschueren/decode-uri-component/commit/980e0bf09b64d94f1aa79012f895816c30ffd152;>980e0bf Prevent overwriting previously decoded tokens https://github.com/SamVerschueren/decode-uri-component/commit/3c8a373dd4837e89b3f970e01295dd03e1405a33;>3c8a373 0.2.1 https://github.com/SamVerschueren/decode-uri-component/commit/76abc939783fe3900fadb7d384a74d324d5557f3;>76abc93 Switch to GitHub workflows https://github.com/SamVerschueren/decode-uri-component/commit/746ca5dcb6667c5d364e782d53c542830e4c10b9;>746ca5d Fix issue where decode throws - fixes https://github-redirect.dependabot.com/SamVerschueren/decode-uri-component/issues/6;>#6 https://github.com/SamVerschueren/decode-uri-component/commit/486d7e26d3a8c0fbe860fb651fe1bc98c2f2be30;>486d7e2 Update license (https://github-redirect.dependabot.com/SamVerschueren/decode-uri-component/issues/1;>#1) https://github.com/SamVerschueren/decode-uri-component/commit/a65045724e6234acef87f31da499d4807b20b134;>a650457 Tidelift tasks https://github.com/SamVerschueren/decode-uri-component/commit/66e1c2834c0e189201cb65196ec3101372459b02;>66e1c28 Meta tweaks See full diff in https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.2;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=decode-uri-component=npm_and_yarn=0.2.0=0.2.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for
[GitHub] [airavata-django-portal] dependabot[bot] opened a new pull request, #130: Bump decode-uri-component from 0.2.0 to 0.2.2 in /django_airavata/apps/api
dependabot[bot] opened a new pull request, #130: URL: https://github.com/apache/airavata-django-portal/pull/130 Bumps [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) from 0.2.0 to 0.2.2. Release notes Sourced from https://github.com/SamVerschueren/decode-uri-component/releases;>decode-uri-component's releases. v0.2.2 Prevent overwriting previously decoded tokens 980e0bf https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.1...v0.2.2;>https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.1...v0.2.2 v0.2.1 Switch to GitHub workflows 76abc93 Fix issue where decode throws - fixes https://github-redirect.dependabot.com/SamVerschueren/decode-uri-component/issues/6;>#6 746ca5d Update license (https://github-redirect.dependabot.com/SamVerschueren/decode-uri-component/issues/1;>#1) 486d7e2 Tidelift tasks a650457 Meta tweaks 66e1c28 https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.1;>https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.1 Commits https://github.com/SamVerschueren/decode-uri-component/commit/a0eea469d26eb0df668b081672cdb9581feb78eb;>a0eea46 0.2.2 https://github.com/SamVerschueren/decode-uri-component/commit/980e0bf09b64d94f1aa79012f895816c30ffd152;>980e0bf Prevent overwriting previously decoded tokens https://github.com/SamVerschueren/decode-uri-component/commit/3c8a373dd4837e89b3f970e01295dd03e1405a33;>3c8a373 0.2.1 https://github.com/SamVerschueren/decode-uri-component/commit/76abc939783fe3900fadb7d384a74d324d5557f3;>76abc93 Switch to GitHub workflows https://github.com/SamVerschueren/decode-uri-component/commit/746ca5dcb6667c5d364e782d53c542830e4c10b9;>746ca5d Fix issue where decode throws - fixes https://github-redirect.dependabot.com/SamVerschueren/decode-uri-component/issues/6;>#6 https://github.com/SamVerschueren/decode-uri-component/commit/486d7e26d3a8c0fbe860fb651fe1bc98c2f2be30;>486d7e2 Update license (https://github-redirect.dependabot.com/SamVerschueren/decode-uri-component/issues/1;>#1) https://github.com/SamVerschueren/decode-uri-component/commit/a65045724e6234acef87f31da499d4807b20b134;>a650457 Tidelift tasks https://github.com/SamVerschueren/decode-uri-component/commit/66e1c2834c0e189201cb65196ec3101372459b02;>66e1c28 Meta tweaks See full diff in https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.2;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=decode-uri-component=npm_and_yarn=0.2.0=0.2.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for
[GitHub] [airavata-django-portal] dependabot[bot] opened a new pull request, #131: Bump decode-uri-component from 0.2.0 to 0.2.2 in /django_airavata/apps/workspace/django-airavata-workspace-plugin-api
dependabot[bot] opened a new pull request, #131: URL: https://github.com/apache/airavata-django-portal/pull/131 Bumps [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) from 0.2.0 to 0.2.2. Release notes Sourced from https://github.com/SamVerschueren/decode-uri-component/releases;>decode-uri-component's releases. v0.2.2 Prevent overwriting previously decoded tokens 980e0bf https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.1...v0.2.2;>https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.1...v0.2.2 v0.2.1 Switch to GitHub workflows 76abc93 Fix issue where decode throws - fixes https://github-redirect.dependabot.com/SamVerschueren/decode-uri-component/issues/6;>#6 746ca5d Update license (https://github-redirect.dependabot.com/SamVerschueren/decode-uri-component/issues/1;>#1) 486d7e2 Tidelift tasks a650457 Meta tweaks 66e1c28 https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.1;>https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.1 Commits https://github.com/SamVerschueren/decode-uri-component/commit/a0eea469d26eb0df668b081672cdb9581feb78eb;>a0eea46 0.2.2 https://github.com/SamVerschueren/decode-uri-component/commit/980e0bf09b64d94f1aa79012f895816c30ffd152;>980e0bf Prevent overwriting previously decoded tokens https://github.com/SamVerschueren/decode-uri-component/commit/3c8a373dd4837e89b3f970e01295dd03e1405a33;>3c8a373 0.2.1 https://github.com/SamVerschueren/decode-uri-component/commit/76abc939783fe3900fadb7d384a74d324d5557f3;>76abc93 Switch to GitHub workflows https://github.com/SamVerschueren/decode-uri-component/commit/746ca5dcb6667c5d364e782d53c542830e4c10b9;>746ca5d Fix issue where decode throws - fixes https://github-redirect.dependabot.com/SamVerschueren/decode-uri-component/issues/6;>#6 https://github.com/SamVerschueren/decode-uri-component/commit/486d7e26d3a8c0fbe860fb651fe1bc98c2f2be30;>486d7e2 Update license (https://github-redirect.dependabot.com/SamVerschueren/decode-uri-component/issues/1;>#1) https://github.com/SamVerschueren/decode-uri-component/commit/a65045724e6234acef87f31da499d4807b20b134;>a650457 Tidelift tasks https://github.com/SamVerschueren/decode-uri-component/commit/66e1c2834c0e189201cb65196ec3101372459b02;>66e1c28 Meta tweaks See full diff in https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.2;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=decode-uri-component=npm_and_yarn=0.2.0=0.2.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for
[GitHub] [airavata-django-portal] dependabot[bot] opened a new pull request, #129: Bump decode-uri-component from 0.2.0 to 0.2.2 in /django_airavata/apps/dataparsers
dependabot[bot] opened a new pull request, #129: URL: https://github.com/apache/airavata-django-portal/pull/129 Bumps [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) from 0.2.0 to 0.2.2. Release notes Sourced from https://github.com/SamVerschueren/decode-uri-component/releases;>decode-uri-component's releases. v0.2.2 Prevent overwriting previously decoded tokens 980e0bf https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.1...v0.2.2;>https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.1...v0.2.2 v0.2.1 Switch to GitHub workflows 76abc93 Fix issue where decode throws - fixes https://github-redirect.dependabot.com/SamVerschueren/decode-uri-component/issues/6;>#6 746ca5d Update license (https://github-redirect.dependabot.com/SamVerschueren/decode-uri-component/issues/1;>#1) 486d7e2 Tidelift tasks a650457 Meta tweaks 66e1c28 https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.1;>https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.1 Commits https://github.com/SamVerschueren/decode-uri-component/commit/a0eea469d26eb0df668b081672cdb9581feb78eb;>a0eea46 0.2.2 https://github.com/SamVerschueren/decode-uri-component/commit/980e0bf09b64d94f1aa79012f895816c30ffd152;>980e0bf Prevent overwriting previously decoded tokens https://github.com/SamVerschueren/decode-uri-component/commit/3c8a373dd4837e89b3f970e01295dd03e1405a33;>3c8a373 0.2.1 https://github.com/SamVerschueren/decode-uri-component/commit/76abc939783fe3900fadb7d384a74d324d5557f3;>76abc93 Switch to GitHub workflows https://github.com/SamVerschueren/decode-uri-component/commit/746ca5dcb6667c5d364e782d53c542830e4c10b9;>746ca5d Fix issue where decode throws - fixes https://github-redirect.dependabot.com/SamVerschueren/decode-uri-component/issues/6;>#6 https://github.com/SamVerschueren/decode-uri-component/commit/486d7e26d3a8c0fbe860fb651fe1bc98c2f2be30;>486d7e2 Update license (https://github-redirect.dependabot.com/SamVerschueren/decode-uri-component/issues/1;>#1) https://github.com/SamVerschueren/decode-uri-component/commit/a65045724e6234acef87f31da499d4807b20b134;>a650457 Tidelift tasks https://github.com/SamVerschueren/decode-uri-component/commit/66e1c2834c0e189201cb65196ec3101372459b02;>66e1c28 Meta tweaks See full diff in https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.2;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=decode-uri-component=npm_and_yarn=0.2.0=0.2.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for
[GitHub] [airavata-django-portal] dependabot[bot] opened a new pull request, #128: Bump decode-uri-component from 0.2.0 to 0.2.2 in /django_airavata/apps/workspace
dependabot[bot] opened a new pull request, #128: URL: https://github.com/apache/airavata-django-portal/pull/128 Bumps [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) from 0.2.0 to 0.2.2. Release notes Sourced from https://github.com/SamVerschueren/decode-uri-component/releases;>decode-uri-component's releases. v0.2.2 Prevent overwriting previously decoded tokens 980e0bf https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.1...v0.2.2;>https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.1...v0.2.2 v0.2.1 Switch to GitHub workflows 76abc93 Fix issue where decode throws - fixes https://github-redirect.dependabot.com/SamVerschueren/decode-uri-component/issues/6;>#6 746ca5d Update license (https://github-redirect.dependabot.com/SamVerschueren/decode-uri-component/issues/1;>#1) 486d7e2 Tidelift tasks a650457 Meta tweaks 66e1c28 https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.1;>https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.1 Commits https://github.com/SamVerschueren/decode-uri-component/commit/a0eea469d26eb0df668b081672cdb9581feb78eb;>a0eea46 0.2.2 https://github.com/SamVerschueren/decode-uri-component/commit/980e0bf09b64d94f1aa79012f895816c30ffd152;>980e0bf Prevent overwriting previously decoded tokens https://github.com/SamVerschueren/decode-uri-component/commit/3c8a373dd4837e89b3f970e01295dd03e1405a33;>3c8a373 0.2.1 https://github.com/SamVerschueren/decode-uri-component/commit/76abc939783fe3900fadb7d384a74d324d5557f3;>76abc93 Switch to GitHub workflows https://github.com/SamVerschueren/decode-uri-component/commit/746ca5dcb6667c5d364e782d53c542830e4c10b9;>746ca5d Fix issue where decode throws - fixes https://github-redirect.dependabot.com/SamVerschueren/decode-uri-component/issues/6;>#6 https://github.com/SamVerschueren/decode-uri-component/commit/486d7e26d3a8c0fbe860fb651fe1bc98c2f2be30;>486d7e2 Update license (https://github-redirect.dependabot.com/SamVerschueren/decode-uri-component/issues/1;>#1) https://github.com/SamVerschueren/decode-uri-component/commit/a65045724e6234acef87f31da499d4807b20b134;>a650457 Tidelift tasks https://github.com/SamVerschueren/decode-uri-component/commit/66e1c2834c0e189201cb65196ec3101372459b02;>66e1c28 Meta tweaks See full diff in https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.2;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=decode-uri-component=npm_and_yarn=0.2.0=0.2.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for
[GitHub] [airavata-django-portal] dependabot[bot] opened a new pull request, #127: Bump decode-uri-component from 0.2.0 to 0.2.2 in /django_airavata/apps/admin
dependabot[bot] opened a new pull request, #127: URL: https://github.com/apache/airavata-django-portal/pull/127 Bumps [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) from 0.2.0 to 0.2.2. Release notes Sourced from https://github.com/SamVerschueren/decode-uri-component/releases;>decode-uri-component's releases. v0.2.2 Prevent overwriting previously decoded tokens 980e0bf https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.1...v0.2.2;>https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.1...v0.2.2 v0.2.1 Switch to GitHub workflows 76abc93 Fix issue where decode throws - fixes https://github-redirect.dependabot.com/SamVerschueren/decode-uri-component/issues/6;>#6 746ca5d Update license (https://github-redirect.dependabot.com/SamVerschueren/decode-uri-component/issues/1;>#1) 486d7e2 Tidelift tasks a650457 Meta tweaks 66e1c28 https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.1;>https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.1 Commits https://github.com/SamVerschueren/decode-uri-component/commit/a0eea469d26eb0df668b081672cdb9581feb78eb;>a0eea46 0.2.2 https://github.com/SamVerschueren/decode-uri-component/commit/980e0bf09b64d94f1aa79012f895816c30ffd152;>980e0bf Prevent overwriting previously decoded tokens https://github.com/SamVerschueren/decode-uri-component/commit/3c8a373dd4837e89b3f970e01295dd03e1405a33;>3c8a373 0.2.1 https://github.com/SamVerschueren/decode-uri-component/commit/76abc939783fe3900fadb7d384a74d324d5557f3;>76abc93 Switch to GitHub workflows https://github.com/SamVerschueren/decode-uri-component/commit/746ca5dcb6667c5d364e782d53c542830e4c10b9;>746ca5d Fix issue where decode throws - fixes https://github-redirect.dependabot.com/SamVerschueren/decode-uri-component/issues/6;>#6 https://github.com/SamVerschueren/decode-uri-component/commit/486d7e26d3a8c0fbe860fb651fe1bc98c2f2be30;>486d7e2 Update license (https://github-redirect.dependabot.com/SamVerschueren/decode-uri-component/issues/1;>#1) https://github.com/SamVerschueren/decode-uri-component/commit/a65045724e6234acef87f31da499d4807b20b134;>a650457 Tidelift tasks https://github.com/SamVerschueren/decode-uri-component/commit/66e1c2834c0e189201cb65196ec3101372459b02;>66e1c28 Meta tweaks See full diff in https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.2;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=decode-uri-component=npm_and_yarn=0.2.0=0.2.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for
[GitHub] [airavata-django-portal] dependabot[bot] opened a new pull request, #126: Bump decode-uri-component from 0.2.0 to 0.2.2 in /django_airavata/apps/groups
dependabot[bot] opened a new pull request, #126: URL: https://github.com/apache/airavata-django-portal/pull/126 Bumps [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) from 0.2.0 to 0.2.2. Release notes Sourced from https://github.com/SamVerschueren/decode-uri-component/releases;>decode-uri-component's releases. v0.2.2 Prevent overwriting previously decoded tokens 980e0bf https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.1...v0.2.2;>https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.1...v0.2.2 v0.2.1 Switch to GitHub workflows 76abc93 Fix issue where decode throws - fixes https://github-redirect.dependabot.com/SamVerschueren/decode-uri-component/issues/6;>#6 746ca5d Update license (https://github-redirect.dependabot.com/SamVerschueren/decode-uri-component/issues/1;>#1) 486d7e2 Tidelift tasks a650457 Meta tweaks 66e1c28 https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.1;>https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.1 Commits https://github.com/SamVerschueren/decode-uri-component/commit/a0eea469d26eb0df668b081672cdb9581feb78eb;>a0eea46 0.2.2 https://github.com/SamVerschueren/decode-uri-component/commit/980e0bf09b64d94f1aa79012f895816c30ffd152;>980e0bf Prevent overwriting previously decoded tokens https://github.com/SamVerschueren/decode-uri-component/commit/3c8a373dd4837e89b3f970e01295dd03e1405a33;>3c8a373 0.2.1 https://github.com/SamVerschueren/decode-uri-component/commit/76abc939783fe3900fadb7d384a74d324d5557f3;>76abc93 Switch to GitHub workflows https://github.com/SamVerschueren/decode-uri-component/commit/746ca5dcb6667c5d364e782d53c542830e4c10b9;>746ca5d Fix issue where decode throws - fixes https://github-redirect.dependabot.com/SamVerschueren/decode-uri-component/issues/6;>#6 https://github.com/SamVerschueren/decode-uri-component/commit/486d7e26d3a8c0fbe860fb651fe1bc98c2f2be30;>486d7e2 Update license (https://github-redirect.dependabot.com/SamVerschueren/decode-uri-component/issues/1;>#1) https://github.com/SamVerschueren/decode-uri-component/commit/a65045724e6234acef87f31da499d4807b20b134;>a650457 Tidelift tasks https://github.com/SamVerschueren/decode-uri-component/commit/66e1c2834c0e189201cb65196ec3101372459b02;>66e1c28 Meta tweaks See full diff in https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.2;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=decode-uri-component=npm_and_yarn=0.2.0=0.2.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for
[GitHub] [airavata-django-portal] machristie merged pull request #125: Bump django from 3.2.15 to 3.2.16
machristie merged PR #125: URL: https://github.com/apache/airavata-django-portal/pull/125 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@airavata.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [airavata-django-portal] dependabot[bot] opened a new pull request, #125: Bump django from 3.2.15 to 3.2.16
dependabot[bot] opened a new pull request, #125: URL: https://github.com/apache/airavata-django-portal/pull/125 Bumps [django](https://github.com/django/django) from 3.2.15 to 3.2.16. Commits https://github.com/django/django/commit/4c85beca9d8bf24573d741e26ea36295c69af5b2;>4c85bec [3.2.x] Bumped version for 3.2.16 release. https://github.com/django/django/commit/5b6b257fa7ec37ff27965358800c67e2dd11c924;>5b6b257 [3.2.x] Fixed CVE-2022-41323 -- Prevented locales being interpreted as regula... https://github.com/django/django/commit/33affaf0b67f0e88bd3d8226476ff2822c821366;>33affaf [3.2.x] Added stub notes 3.2.16 release. https://github.com/django/django/commit/777362d74aa3f3d88e6d60199f1d986200fb83b8;>777362d [3.2.x] Added CVE-2022-36359 to security archive. https://github.com/django/django/commit/eb5bdb461ea27b41d9d3d819fca062b3849556ee;>eb5bdb4 [3.2.x] Post-release version bump. See full diff in https://github.com/django/django/compare/3.2.15...3.2.16;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=django=pip=3.2.15=3.2.16)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/apache/airavata-django-portal/network/alerts). -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@airavata.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [airavata-django-portal] machristie merged pull request #124: download_code and show_code for desktop-login
machristie merged PR #124: URL: https://github.com/apache/airavata-django-portal/pull/124 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@airavata.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [airavata-django-portal] dependabot[bot] closed pull request #122: Bump django from 3.2.11 to 3.2.15
dependabot[bot] closed pull request #122: Bump django from 3.2.11 to 3.2.15 URL: https://github.com/apache/airavata-django-portal/pull/122 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@airavata.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [airavata-django-portal] dependabot[bot] commented on pull request #122: Bump django from 3.2.11 to 3.2.15
dependabot[bot] commented on PR #122: URL: https://github.com/apache/airavata-django-portal/pull/122#issuecomment-1246755992 Looks like django is up-to-date now, so this is no longer needed. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@airavata.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [airavata-django-portal] bkrshubham95 opened a new pull request, #123: Django portal admindashboard
bkrshubham95 opened a new pull request, #123: URL: https://github.com/apache/airavata-django-portal/pull/123 changes for admin Dashboard -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@airavata.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [airavata-django-portal-sdk] dependabot[bot] closed pull request #8: Bump django from 3.2.12 to 3.2.14
dependabot[bot] closed pull request #8: Bump django from 3.2.12 to 3.2.14 URL: https://github.com/apache/airavata-django-portal-sdk/pull/8 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@airavata.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [airavata-django-portal-sdk] dependabot[bot] commented on pull request #8: Bump django from 3.2.12 to 3.2.14
dependabot[bot] commented on PR #8: URL: https://github.com/apache/airavata-django-portal-sdk/pull/8#issuecomment-1212170553 Superseded by #9. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@airavata.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [airavata-django-portal-sdk] dependabot[bot] opened a new pull request, #9: Bump django from 3.2.12 to 3.2.15
dependabot[bot] opened a new pull request, #9: URL: https://github.com/apache/airavata-django-portal-sdk/pull/9 Bumps [django](https://github.com/django/django) from 3.2.12 to 3.2.15. Commits https://github.com/django/django/commit/653a7bd7b7c2f7c3ffe6b22be53da1472c491474;>653a7bd [3.2.x] Bumped version for 3.2.15 release. https://github.com/django/django/commit/b3e4494d759202a3b6bf247fd34455bf13be5b80;>b3e4494 [3.2.x] Fixed CVE-2022-36359 -- Escaped filename in Content-Disposition header. https://github.com/django/django/commit/cb7fbac9f8a93d730be66815620d5769aad521bc;>cb7fbac [3.2.x] Fixed collation tests on MySQL 8.0.30+. https://github.com/django/django/commit/840d009c06e7bcff2e312f68b6bdd5d9926cc9e6;>840d009 [3.2.x] Fixed inspectdb and schema tests on MariaDB 10.6+. https://github.com/django/django/commit/a5eba20f40a78a0d6236908502e450905afabbd7;>a5eba20 Adjusted release notes for 3.2.15. https://github.com/django/django/commit/ad104fb50feae2312f79c710b97f99bb55f0fd23;>ad104fb [3.2.x] Added stub release notes for 3.2.15 release. https://github.com/django/django/commit/22916c8c1f9648931344c7f77fe9f71069dc5765;>22916c8 [3.2.x] Fixed RelatedGeoModelTest.test08_defer_only() on MySQL 8+ with MyISAM... https://github.com/django/django/commit/e1cfbe58b76bb115db299f697e42e05d5c7979c9;>e1cfbe5 [3.2.x] Added CVE-2022-34265 to security archive. https://github.com/django/django/commit/605cf0d3f64ab1fb904e60ada0b544bd513064b9;>605cf0d [3.2.x] Post-release version bump. https://github.com/django/django/commit/746e88cc634469112b823225c19d75c7362f8ecf;>746e88c [3.2.x] Bumped version for 3.2.14 release. Additional commits viewable in https://github.com/django/django/compare/3.2.12...3.2.15;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=django=pip=3.2.12=3.2.15)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/apache/airavata-django-portal-sdk/network/alerts). -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@airavata.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [airavata-django-portal] dependabot[bot] closed pull request #107: Bump django from 3.2.11 to 3.2.14
dependabot[bot] closed pull request #107: Bump django from 3.2.11 to 3.2.14 URL: https://github.com/apache/airavata-django-portal/pull/107 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@airavata.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [airavata-django-portal] dependabot[bot] commented on pull request #107: Bump django from 3.2.11 to 3.2.14
dependabot[bot] commented on PR #107: URL: https://github.com/apache/airavata-django-portal/pull/107#issuecomment-1212096173 Superseded by #122. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@airavata.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [airavata-django-portal] dependabot[bot] opened a new pull request, #122: Bump django from 3.2.11 to 3.2.15
dependabot[bot] opened a new pull request, #122: URL: https://github.com/apache/airavata-django-portal/pull/122 Bumps [django](https://github.com/django/django) from 3.2.11 to 3.2.15. Commits https://github.com/django/django/commit/653a7bd7b7c2f7c3ffe6b22be53da1472c491474;>653a7bd [3.2.x] Bumped version for 3.2.15 release. https://github.com/django/django/commit/b3e4494d759202a3b6bf247fd34455bf13be5b80;>b3e4494 [3.2.x] Fixed CVE-2022-36359 -- Escaped filename in Content-Disposition header. https://github.com/django/django/commit/cb7fbac9f8a93d730be66815620d5769aad521bc;>cb7fbac [3.2.x] Fixed collation tests on MySQL 8.0.30+. https://github.com/django/django/commit/840d009c06e7bcff2e312f68b6bdd5d9926cc9e6;>840d009 [3.2.x] Fixed inspectdb and schema tests on MariaDB 10.6+. https://github.com/django/django/commit/a5eba20f40a78a0d6236908502e450905afabbd7;>a5eba20 Adjusted release notes for 3.2.15. https://github.com/django/django/commit/ad104fb50feae2312f79c710b97f99bb55f0fd23;>ad104fb [3.2.x] Added stub release notes for 3.2.15 release. https://github.com/django/django/commit/22916c8c1f9648931344c7f77fe9f71069dc5765;>22916c8 [3.2.x] Fixed RelatedGeoModelTest.test08_defer_only() on MySQL 8+ with MyISAM... https://github.com/django/django/commit/e1cfbe58b76bb115db299f697e42e05d5c7979c9;>e1cfbe5 [3.2.x] Added CVE-2022-34265 to security archive. https://github.com/django/django/commit/605cf0d3f64ab1fb904e60ada0b544bd513064b9;>605cf0d [3.2.x] Post-release version bump. https://github.com/django/django/commit/746e88cc634469112b823225c19d75c7362f8ecf;>746e88c [3.2.x] Bumped version for 3.2.14 release. Additional commits viewable in https://github.com/django/django/compare/3.2.11...3.2.15;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=django=pip=3.2.11=3.2.15)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/apache/airavata-django-portal/network/alerts). -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@airavata.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [airavata-django-portal] dependabot[bot] opened a new pull request, #121: Bump terser from 4.8.0 to 4.8.1 in /django_airavata/apps/auth
dependabot[bot] opened a new pull request, #121: URL: https://github.com/apache/airavata-django-portal/pull/121 Bumps [terser](https://github.com/terser/terser) from 4.8.0 to 4.8.1. Changelog Sourced from https://github.com/terser/terser/blob/master/CHANGELOG.md;>terser's changelog. v4.8.1 (backport) Security fix for RegExps that should not be evaluated (regexp DDOS) Commits See full diff in https://github.com/terser/terser/commits;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=terser=npm_and_yarn=4.8.0=4.8.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/apache/airavata-django-portal/network/alerts). -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@airavata.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org