reactjs

reactjs

React website and its localizations

Member Since 7 years ago

Everywhere

Experience Points
0
follower
Lessons Completed
0
follow
Best Reply Awards
85
repos
Activity
Oct
15
1 day ago
push

iphayao push reactjs/th.reactjs.org

iphayao
iphayao

Bump ua-parser-js from 0.7.21 to 0.7.28

Bumps ua-parser-js from 0.7.21 to 0.7.28.


updated-dependencies:

  • dependency-name: ua-parser-js dependency-type: indirect ...

Signed-off-by: dependabot[bot] [email protected]

iphayao
iphayao

Merge pull request #145 from reactjs/dependabot/npm_and_yarn/ua-parser-js-0.7.28

Bump ua-parser-js from 0.7.21 to 0.7.28

commit sha: a63cbe568b46b7a458f1b746ebd8ba5dde5ddf9c

push time in 15 hours ago
pull request

iphayao pull request reactjs/th.reactjs.org

iphayao
iphayao

Bump ua-parser-js from 0.7.21 to 0.7.28

Bumps ua-parser-js from 0.7.21 to 0.7.28.

Commits
  • 1d3c98a Revert breaking fix #279 and release as 0.7.28
  • 535f11b Delete redundant code
  • 642c039 Fix #492 LG TV WebOS detection
  • 3edacdd Merge branch 'master' into develop
  • acc0b91 Update contributor list
  • f726dcd Merge branch 'master' into develop
  • 383ca58 More test for tablet devices
  • 7c8aa43 Minor rearrangement
  • 09aa910 Add new device & browser: Tesla
  • 557cc21 More test for latest phones with unique form factor (fold/flip/qwerty/swivel)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Activity icon
delete

iphayao in reactjs/th.reactjs.org delete branch dependabot/npm_and_yarn/url-parse-1.5.3

deleted time in 15 hours ago
push

iphayao push reactjs/th.reactjs.org

iphayao
iphayao

Bump url-parse from 1.4.7 to 1.5.3

Bumps url-parse from 1.4.7 to 1.5.3.


updated-dependencies:

  • dependency-name: url-parse dependency-type: indirect ...

Signed-off-by: dependabot[bot] [email protected]

iphayao
iphayao

Merge pull request #137 from reactjs/dependabot/npm_and_yarn/url-parse-1.5.3

Bump url-parse from 1.4.7 to 1.5.3

commit sha: 60de3170e786612fa4ccfa472a6e90756582cb35

push time in 15 hours ago
pull request

iphayao pull request reactjs/th.reactjs.org

iphayao
iphayao

Bump url-parse from 1.4.7 to 1.5.3

Bumps url-parse from 1.4.7 to 1.5.3.

Commits
  • ad44493 [dist] 1.5.3
  • c798461 [fix] Fix host parsing for file URLs (#210)
  • 201034b [dist] 1.5.2
  • 2d9ac2c [fix] Sanitize only special URLs (#209)
  • fb128af [fix] Use 'null' as origin for non special URLs
  • fed6d9e [fix] Add a leading slash only if the URL is special
  • 94872e7 [fix] Do not incorrectly set the slashes property to true
  • 81ab967 [fix] Ignore slashes after the protocol for special URLs
  • ee22050 [ci] Use GitHub Actions
  • d2979b5 [fix] Special case the file: protocol (#204)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Activity icon
delete

iphayao in reactjs/th.reactjs.org delete branch dependabot/npm_and_yarn/tar-6.1.11

deleted time in 15 hours ago
push

iphayao push reactjs/th.reactjs.org

iphayao
iphayao

Bump tar from 6.0.5 to 6.1.11

Bumps tar from 6.0.5 to 6.1.11.


updated-dependencies:

  • dependency-name: tar dependency-type: indirect ...

Signed-off-by: dependabot[bot] [email protected]

iphayao
iphayao

Merge pull request #136 from reactjs/dependabot/npm_and_yarn/tar-6.1.11

Bump tar from 6.0.5 to 6.1.11

commit sha: 7d7693eca0fd5d816a22fff59be74bd17ab8b351

push time in 15 hours ago
pull request

iphayao pull request reactjs/th.reactjs.org

iphayao
iphayao

Bump tar from 6.0.5 to 6.1.11

Bumps tar from 6.0.5 to 6.1.11.

Commits
  • e573aee 6.1.11
  • edb8e9a fix: perf regression on hot string munging path
  • a9d9b05 chore(test): Avoid spurious failures packing node_modules/.cache
  • 24b8bda fix(test): use posix path for testing path reservations
  • e5a223c fix(test): make unpack test pass on case-sensitive fs
  • 188badd 6.1.10
  • 23312ce drop dirCache for symlink on all platforms
  • 4f1f4a2 6.1.9
  • 875a37e fix: prevent path escape using drive-relative paths
  • b6162c7 fix: reserve paths properly for unicode, windows
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Activity icon
delete

dependabot[bot] in reactjs/th.reactjs.org delete branch dependabot/npm_and_yarn/object-path-0.11.8

deleted time in 15 hours ago
pull request

iphayao pull request reactjs/th.reactjs.org

iphayao
iphayao

Bump object-path from 0.11.5 to 0.11.8

Bumps object-path from 0.11.5 to 0.11.8.

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

push

iphayao push reactjs/th.reactjs.org

iphayao
iphayao

Bump object-path from 0.11.5 to 0.11.8

Bumps object-path from 0.11.5 to 0.11.8.


updated-dependencies:

  • dependency-name: object-path dependency-type: indirect ...

Signed-off-by: dependabot[bot] [email protected]

iphayao
iphayao

Merge pull request #135 from reactjs/dependabot/npm_and_yarn/object-path-0.11.8

Bump object-path from 0.11.5 to 0.11.8

commit sha: 5111280a4708e3c0b684b300259856e61df1600a

push time in 15 hours ago
Activity icon
delete

iphayao in reactjs/th.reactjs.org delete branch dependabot/npm_and_yarn/path-parse-1.0.7

deleted time in 15 hours ago
push

iphayao push reactjs/th.reactjs.org

iphayao
iphayao

Bump path-parse from 1.0.6 to 1.0.7

Bumps path-parse from 1.0.6 to 1.0.7.


updated-dependencies:

  • dependency-name: path-parse dependency-type: indirect ...

Signed-off-by: dependabot[bot] [email protected]

iphayao
iphayao

Merge pull request #130 from reactjs/dependabot/npm_and_yarn/path-parse-1.0.7

Bump path-parse from 1.0.6 to 1.0.7

commit sha: cf3a66df12917ef3273960ed8ee23666534fcdc9

push time in 15 hours ago
pull request

iphayao pull request reactjs/th.reactjs.org

iphayao
iphayao

Bump path-parse from 1.0.6 to 1.0.7

Bumps path-parse from 1.0.6 to 1.0.7.

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Activity icon
delete

iphayao in reactjs/th.reactjs.org delete branch dependabot/npm_and_yarn/color-string-1.6.0

deleted time in 15 hours ago
push

iphayao push reactjs/th.reactjs.org

iphayao
iphayao

Bump color-string from 1.5.3 to 1.6.0

Bumps color-string from 1.5.3 to 1.6.0.


updated-dependencies:

  • dependency-name: color-string dependency-type: indirect ...

Signed-off-by: dependabot[bot] [email protected]

iphayao
iphayao

Merge pull request #128 from reactjs/dependabot/npm_and_yarn/color-string-1.6.0

Bump color-string from 1.5.3 to 1.6.0

commit sha: fba62d527bf702e662168b42ca9874b23c04fb1b

push time in 15 hours ago
pull request

iphayao pull request reactjs/th.reactjs.org

iphayao
iphayao

Bump color-string from 1.5.3 to 1.6.0

Bumps color-string from 1.5.3 to 1.6.0.

Release notes

Sourced from color-string's releases.

1.6.0

Minor release 1.6.0

  • #55 - Add support for space-separated HSL

Thanks @​htunnicliff for the contribution :)

1.5.5 (Patch/Security Release) - hwb() ReDos patch (low-severity)

Release notes copied verbatim from the commit message, which can be found here: 0789e21284c33d89ebc4ab4ca6f759b9375ac9d3

Discovered by Yeting Li, c/o Colin Ife via Snyk.io.

A ReDos (Regular Expression Denial of Service) vulnerability was responsibly disclosed to me via email by Colin on Mar 5 2021 regarding an exponential time complexity for linearly increasing input lengths for hwb() color strings.

Strings reaching more than 5000 characters would see several milliseconds of processing time; strings reaching more than 50,000 characters began seeing 1500ms (1.5s) of processing time.

The cause was due to a the regular expression that parses hwb() strings - specifically, the hue value - where the integer portion of the hue value used a 0-or-more quantifier shortly thereafter followed by a 1-or-more quantifier.

This caused excessive backtracking and a cartesian scan, resulting in exponential time complexity given a linear increase in input length.

Thank you Yeting Li and Colin Ife for bringing this to my attention in a secure, responsible and professional manner.

A CVE will not be assigned for this vulnerability.

1.5.4 (Patch Release)

  • Removes rounding of alpha values in RGBA hex (#rrggbbaa) and condensed-hex (#rgba) parsers, which caused certain unique inputs to result in identical outputs (see https://github.com/qix-/color/issues/174).
Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

push

dependabot[bot] push reactjs/th.reactjs.org

dependabot[bot]
dependabot[bot]

Bump hosted-git-info from 2.8.8 to 2.8.9

Bumps hosted-git-info from 2.8.8 to 2.8.9.

Signed-off-by: dependabot[bot] [email protected]

dependabot[bot]
dependabot[bot]

Merge pull request #111 from reactjs/dependabot/npm_and_yarn/hosted-git-info-2.8.9

Bump hosted-git-info from 2.8.8 to 2.8.9

dependabot[bot]
dependabot[bot]

Bump tar from 6.0.5 to 6.1.11

Bumps tar from 6.0.5 to 6.1.11.


updated-dependencies:

  • dependency-name: tar dependency-type: indirect ...

Signed-off-by: dependabot[bot] [email protected]

commit sha: 8cf7cfc410d0b36b1db77abc03402ef90067ae87

push time in 15 hours ago
push

dependabot[bot] push reactjs/th.reactjs.org

dependabot[bot]
dependabot[bot]

Bump hosted-git-info from 2.8.8 to 2.8.9

Bumps hosted-git-info from 2.8.8 to 2.8.9.

Signed-off-by: dependabot[bot] [email protected]

dependabot[bot]
dependabot[bot]

Merge pull request #111 from reactjs/dependabot/npm_and_yarn/hosted-git-info-2.8.9

Bump hosted-git-info from 2.8.8 to 2.8.9

dependabot[bot]
dependabot[bot]

Bump ua-parser-js from 0.7.21 to 0.7.28

Bumps ua-parser-js from 0.7.21 to 0.7.28.


updated-dependencies:

  • dependency-name: ua-parser-js dependency-type: indirect ...

Signed-off-by: dependabot[bot] [email protected]

commit sha: 8debcf034bbca69d7ccf9dedbfecd0b1a3d38739

push time in 15 hours ago
Activity icon
delete

iphayao in reactjs/th.reactjs.org delete branch dependabot/npm_and_yarn/urijs-1.19.7

deleted time in 15 hours ago
push

iphayao push reactjs/th.reactjs.org

iphayao
iphayao

Bump urijs from 1.19.2 to 1.19.7

Bumps urijs from 1.19.2 to 1.19.7.


updated-dependencies:

  • dependency-name: urijs dependency-type: indirect ...

Signed-off-by: dependabot[bot] [email protected]

iphayao
iphayao

Merge pull request #126 from reactjs/dependabot/npm_and_yarn/urijs-1.19.7

Bump urijs from 1.19.2 to 1.19.7

commit sha: 0e9e91adffbf66cd0aba23c4da007501165f7d0f

push time in 15 hours ago
pull request

iphayao pull request reactjs/th.reactjs.org

iphayao
iphayao

Bump urijs from 1.19.2 to 1.19.7

Bumps urijs from 1.19.2 to 1.19.7.

Release notes

Sourced from urijs's releases.

1.19.7 (July 14th 2021)

  • SECURITY fixing URI.parseQuery() to prevent overwriting __proto__ in parseQuery() - disclosed privately by @​NewEraCracker
  • SECURITY fixing URI.parse() to handle variable amounts of \ and / in scheme delimiter as Node and Browsers do - disclosed privately by ready-research via https://huntr.dev/
  • removed obsolete build tools
  • updated jQuery versions (verifying compatibility with 1.12.4, 2.2.4, 3.6.0)

1.19.6 (February 13th 2021)

  • SECURITY fixing URI.parse() to rewrite \ in scheme delimiter to / as Node and Browsers do - disclosed privately by Yaniv Nizry from the CxSCA AppSec team at Checkmarx

1.19.5 (December 30th 2020)

1.19.4 (December 23rd 2020)

1.19.3 (December 20th 2020)

Changelog

Sourced from urijs's changelog.

1.19.7 (July 14th 2021)

  • SECURITY fixing URI.parseQuery() to prevent overwriting __proto__ in parseQuery() - disclosed privately by @​NewEraCracker
  • SECURITY fixing URI.parse() to handle variable amounts of \ and / in scheme delimiter as Node and Browsers do - disclosed privately by ready-research via https://huntr.dev/
  • removed obsolete build tools
  • updated jQuery versions (verifying compatibility with 1.12.4, 2.2.4, 3.6.0)

1.19.6 (February 13th 2021)

  • SECURITY fixing URI.parse() to rewrite \ in scheme delimiter to / as Node and Browsers do - disclosed privately by Yaniv Nizry from the CxSCA AppSec team at Checkmarx

1.19.5 (December 30th 2020)

1.19.4 (December 23rd 2020)

1.19.3 (December 20th 2020)

Commits
  • 19e54c7 chore(build): bumping to version 1.19.7
  • 547d4b6 build: update jquery
  • aab4a43 build: remove obsolete build tools
  • ac43ca8 fix(parse): more backslash galore #410
  • 622db6d docs: add security policy
  • 8e51b00 fix(parse): prevent overwriting proto in parseQuery()
  • 46c8ac0 chore(build): bumping to version 1.19.6
  • a1ad8bc fix(parse): treat backslash as forwardslash in scheme delimiter
  • d7bb4ce chore(build): bumping to version 1.19.5
  • bf04ec5 chore(build): bumping to version 1.19.4
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

push

dependabot[bot] push reactjs/th.reactjs.org

dependabot[bot]
dependabot[bot]

first issue: add missing comma (#3452)

Co-authored-by: gbradleypro [email protected] Co-authored-by: eps1lon [email protected]

dependabot[bot]
dependabot[bot]
dependabot[bot]
dependabot[bot]
dependabot[bot]
dependabot[bot]
dependabot[bot]
dependabot[bot]

Fix UI feedback when downvoting a page (#3459)

dependabot[bot]
dependabot[bot]
dependabot[bot]
dependabot[bot]

remove componentWillMount/WillReceiveProps (#3475)

dependabot[bot]
dependabot[bot]
dependabot[bot]
dependabot[bot]

Highlight all modified lines in the React forms example (#3486)

The change at line 21 was not highlighted, which has been modified with the handleSubmit handler added.

dependabot[bot]
dependabot[bot]

add v15.6 legacy docs redirect (#3464)

  • add v15.6 legacy docs redirect

Related to #3401

  • fix json
dependabot[bot]
dependabot[bot]

Changed yarn test-prod to yarn test --prod in contributing guide (#3491)

dependabot[bot]
dependabot[bot]
dependabot[bot]
dependabot[bot]

fix: Remove duplicate conference links (#3493)

dependabot[bot]
dependabot[bot]

Bump socket.io from 2.3.0 to 2.4.1 (#3494)

Bumps socket.io from 2.3.0 to 2.4.1.

Signed-off-by: dependabot[bot] [email protected]

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

dependabot[bot]
dependabot[bot]
dependabot[bot]
dependabot[bot]

Bump ssri from 6.0.1 to 6.0.2

Bumps ssri from 6.0.1 to 6.0.2.

Signed-off-by: dependabot[bot] [email protected]

dependabot[bot]
dependabot[bot]

Bump elliptic from 6.5.2 to 6.5.4

Bumps elliptic from 6.5.2 to 6.5.4.

Signed-off-by: dependabot[bot] [email protected]

dependabot[bot]
dependabot[bot]

Merge branch 'main' into sync-92362925

dependabot[bot]
dependabot[bot]

Merge pull request #80 from reactjs/sync-92362925

Sync with reactjs.org @92362925

commit sha: dca7016acd3883eece9ba1af6a47bec826c8e400

push time in 15 hours ago
push

dependabot[bot] push reactjs/th.reactjs.org

dependabot[bot]
dependabot[bot]

first issue: add missing comma (#3452)

Co-authored-by: gbradleypro [email protected] Co-authored-by: eps1lon [email protected]

dependabot[bot]
dependabot[bot]
dependabot[bot]
dependabot[bot]
dependabot[bot]
dependabot[bot]
dependabot[bot]
dependabot[bot]

Fix UI feedback when downvoting a page (#3459)

dependabot[bot]
dependabot[bot]
dependabot[bot]
dependabot[bot]

remove componentWillMount/WillReceiveProps (#3475)

dependabot[bot]
dependabot[bot]
dependabot[bot]
dependabot[bot]

Highlight all modified lines in the React forms example (#3486)

The change at line 21 was not highlighted, which has been modified with the handleSubmit handler added.

dependabot[bot]
dependabot[bot]

add v15.6 legacy docs redirect (#3464)

  • add v15.6 legacy docs redirect

Related to #3401

  • fix json
dependabot[bot]
dependabot[bot]

Changed yarn test-prod to yarn test --prod in contributing guide (#3491)

dependabot[bot]
dependabot[bot]
dependabot[bot]
dependabot[bot]

fix: Remove duplicate conference links (#3493)

dependabot[bot]
dependabot[bot]

Bump socket.io from 2.3.0 to 2.4.1 (#3494)

Bumps socket.io from 2.3.0 to 2.4.1.

Signed-off-by: dependabot[bot] [email protected]

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

dependabot[bot]
dependabot[bot]
dependabot[bot]
dependabot[bot]

Bump ssri from 6.0.1 to 6.0.2

Bumps ssri from 6.0.1 to 6.0.2.

Signed-off-by: dependabot[bot] [email protected]

dependabot[bot]
dependabot[bot]

Bump elliptic from 6.5.2 to 6.5.4

Bumps elliptic from 6.5.2 to 6.5.4.

Signed-off-by: dependabot[bot] [email protected]

dependabot[bot]
dependabot[bot]

Merge branch 'main' into sync-92362925

dependabot[bot]
dependabot[bot]

Merge pull request #80 from reactjs/sync-92362925

Sync with reactjs.org @92362925

commit sha: 0b001a6a019c2c0ae6a7a95a94b41e913bf22a91

push time in 15 hours ago
Activity icon
delete

iphayao in reactjs/th.reactjs.org delete branch dependabot/npm_and_yarn/hosted-git-info-2.8.9

deleted time in 15 hours ago
push

iphayao push reactjs/th.reactjs.org

iphayao
iphayao

Bump hosted-git-info from 2.8.8 to 2.8.9

Bumps hosted-git-info from 2.8.8 to 2.8.9.

Signed-off-by: dependabot[bot] [email protected]

iphayao
iphayao

Merge pull request #111 from reactjs/dependabot/npm_and_yarn/hosted-git-info-2.8.9

Bump hosted-git-info from 2.8.8 to 2.8.9

commit sha: 8ced44d59280f72b8e14e4f4ca0aa9d0d8ef20c5

push time in 15 hours ago
push

dependabot[bot] push reactjs/th.reactjs.org

dependabot[bot]
dependabot[bot]

Bump ssri from 6.0.1 to 6.0.2

Bumps ssri from 6.0.1 to 6.0.2.

Signed-off-by: dependabot[bot] [email protected]

dependabot[bot]
dependabot[bot]

Bump elliptic from 6.5.2 to 6.5.4

Bumps elliptic from 6.5.2 to 6.5.4.

Signed-off-by: dependabot[bot] [email protected]

dependabot[bot]
dependabot[bot]

Merge pull request #95 from reactjs/dependabot/npm_and_yarn/elliptic-6.5.4

Bump elliptic from 6.5.2 to 6.5.4

dependabot[bot]
dependabot[bot]

Merge pull request #107 from reactjs/dependabot/npm_and_yarn/ssri-6.0.2

Bump ssri from 6.0.1 to 6.0.2

dependabot[bot]
dependabot[bot]

Bump ws from 5.2.2 to 5.2.3

Bumps ws from 5.2.2 to 5.2.3.


updated-dependencies:

  • dependency-name: ws dependency-type: indirect ...

Signed-off-by: dependabot[bot] [email protected]

commit sha: ea37a82e6824360d0cc53553ad158b9fa74f6216

push time in 15 hours ago
pull request

iphayao pull request reactjs/th.reactjs.org

iphayao
iphayao

Bump hosted-git-info from 2.8.8 to 2.8.9

Bumps hosted-git-info from 2.8.8 to 2.8.9.

Changelog

Sourced from hosted-git-info's changelog.

2.8.9 (2021-04-07)

Bug Fixes

Commits
Maintainer changes

This version was pushed to npm by nlf, a new releaser for hosted-git-info since your current version.


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

pull request

iphayao pull request reactjs/th.reactjs.org

iphayao
iphayao

Bump ssri from 6.0.1 to 6.0.2

Bumps ssri from 6.0.1 to 6.0.2.

Changelog

Sourced from ssri's changelog.

6.0.2 (2021-04-07)

Bug Fixes

  • backport regex change from 8.0.1 (b30dfdb), closes #19

Commits
Maintainer changes

This version was pushed to npm by nlf, a new releaser for ssri since your current version.


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Activity icon
delete

iphayao in reactjs/th.reactjs.org delete branch dependabot/npm_and_yarn/ssri-6.0.2

deleted time in 15 hours ago