{"payload":{"feedbackUrl":"https://github.com/orgs/community/discussions/53140","repo":{"id":50441257,"defaultBranch":"main","name":"cobot-slack","ownerLogin":"cobot","currentUserCanPush":false,"isFork":false,"isEmpty":false,"createdAt":"2016-01-26T16:16:43.000Z","ownerAvatar":"https://avatars.githubusercontent.com/u/758697?v=4","public":true,"private":false,"isOrgOwned":true},"refInfo":{"name":"","listCacheKey":"v0:1712819379.0","currentOid":""},"activityList":{"items":[{"before":"2cdd01d35abe353f294903b9baa4be3ffaa2e1d7","after":"239b70c33d9bd49b1eac2f0c2b0d42630a14a5bc","ref":"refs/heads/main","pushedAt":"2024-04-11T07:09:39.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"github-actions[bot]","name":null,"path":"/apps/github-actions","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/15368?s=80&v=4"},"commit":{"message":"Bump tar from 6.1.13 to 6.2.1 (#74)\n\nBumps [tar](https://github.com/isaacs/node-tar) from 6.1.13 to 6.2.1.\n
\nChangelog\n

Sourced from tar's\nchangelog.

\n
\n

Changelog

\n

7.0

\n\n

6.2

\n\n

6.1

\n\n

6.0

\n\n

5.0

\n\n\n
\n

... (truncated)

\n
\n
\nCommits\n\n
\n
\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=tar&package-manager=npm_and_yarn&previous-version=6.1.13&new-version=6.2.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n
\nDependabot commands and options\n
\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after\nyour CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge\nand block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating\nit. You can achieve the same result by closing it manually\n- `@dependabot show ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the\n[Security Alerts\npage](https://github.com/cobot/cobot-slack/network/alerts).\n\n
\n\nSigned-off-by: dependabot[bot] \nCo-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>","shortMessageHtmlLink":"Bump tar from 6.1.13 to 6.2.1 (#74)"}},{"before":"33f2c6f4609f94ca18921f10efdf59870bd9a3cf","after":null,"ref":"refs/heads/dependabot/npm_and_yarn/tar-6.2.1","pushedAt":"2024-04-11T07:09:39.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"github-actions[bot]","name":null,"path":"/apps/github-actions","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/15368?s=80&v=4"}},{"before":null,"after":"33f2c6f4609f94ca18921f10efdf59870bd9a3cf","ref":"refs/heads/dependabot/npm_and_yarn/tar-6.2.1","pushedAt":"2024-04-11T07:06:35.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"Bump tar from 6.1.13 to 6.2.1\n\nBumps [tar](https://github.com/isaacs/node-tar) from 6.1.13 to 6.2.1.\n- [Release notes](https://github.com/isaacs/node-tar/releases)\n- [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md)\n- [Commits](https://github.com/isaacs/node-tar/compare/v6.1.13...v6.2.1)\n\n---\nupdated-dependencies:\n- dependency-name: tar\n dependency-type: indirect\n...\n\nSigned-off-by: dependabot[bot] ","shortMessageHtmlLink":"Bump tar from 6.1.13 to 6.2.1"}},{"before":"9a8bfb33dfb03b8ab13ffd39176a6d30b6f523a2","after":null,"ref":"refs/heads/dependabot/bundler/nokogiri-1.15.6","pushedAt":"2024-03-19T00:13:59.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"github-actions[bot]","name":null,"path":"/apps/github-actions","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/15368?s=80&v=4"}},{"before":"c43ff18a9fe8ecdcce2a47aded014632d3a5e7ef","after":"2cdd01d35abe353f294903b9baa4be3ffaa2e1d7","ref":"refs/heads/main","pushedAt":"2024-03-19T00:13:59.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"github-actions[bot]","name":null,"path":"/apps/github-actions","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/15368?s=80&v=4"},"commit":{"message":"Bump nokogiri from 1.14.3 to 1.15.6 (#73)\n\nBumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.14.3\nto 1.15.6.\n
\nRelease notes\n

Sourced from nokogiri's\nreleases.

\n
\n

1.15.6 / 2024-03-16

\n

Note

\n

This security release is a backport to the unsupported v1.15.x\nbranch. Current stable is v1.16.x, which addressed the referenced CVE in\nv1.16.2 on 2024-02-04.

\n

Security

\n
    \n
  • [CRuby] Vendored libxml2 is updated to address CVE-2024-25062. See\nGHSA-xc9x-jj77-9p9j\nfor more information.
    • \n
\n

Dependencies

\n
    \n
  • [CRuby] Vendored libxml2 is updated to v2.11.7 from v2.11.6. For\ndetails please see https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.7
    • \n
\n
\n

sha256 checksums:

\n\n
d79f713dffff149d60ab272d206a3ca96db2b891ab6a9f65362bfb78aface37a\ngems/nokogiri-1.15.6-aarch64-linux.gem\n62b5b7b387ec6c61c1ea5f889b7bc579eedd37f265f7cc1dc392484938549f1a\ngems/nokogiri-1.15.6-arm-linux.gem\nba93c63f5c03047778abf16c80676fe67e7eb7d871ab0aaa7e2c2dfe4ec20027\ngems/nokogiri-1.15.6-arm64-darwin.gem\nd24639a546ba58c86d18da1ed124eaecbd45c5ae4c4dec41751b730a2b732ac3\ngems/nokogiri-1.15.6-java.gem\ne36887d89ec1b080e4a01dd2ff52650003db01d2a5edf5e6ab19e4c0bdb1385f\ngems/nokogiri-1.15.6-x64-mingw-ucrt.gem\n852c59a398499c8fcb6478d76396dcd50afa8f8902563b76265cd7dc90a731a1\ngems/nokogiri-1.15.6-x64-mingw32.gem\n19e0a5fbfa4393353fbcf6801f8f62350b6e16f43c907680c5884896858a23a2\ngems/nokogiri-1.15.6-x86-linux.gem\n9d464bbbaad6721a5a73181165fda67573f64ef2803c3337f6f733603e9d309a\ngems/nokogiri-1.15.6-x86-mingw32.gem\n32d045cdb0ce097e4543a5e7a79efd13ff05d904e32f4328732149dbea3c7f15\ngems/nokogiri-1.15.6-x86_64-darwin.gem\n26a79da0377100d6938ae2f1b115230a8a4a4595e35b89164d8495af32091186\ngems/nokogiri-1.15.6-x86_64-linux.gem\n70ce799b4b3e23b358501f1da3914f70b1c7a113fb12e96a7d53558481146e08\ngems/nokogiri-1.15.6.gem\n
\n

1.15.5 / 2023-11-17

\n

Dependencies

\n
    \n
  • [CRuby] Vendored libxml2 is updated to v2.11.6 from v2.11.5. For\ndetails please see https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.6
    • \n
  • [CRuby] Vendored libxslt is updated to v1.1.39 from v1.1.38. For\ndetails please see https://gitlab.gnome.org/GNOME/libxslt/-/releases/v1.1.39
    • \n
\n
\n

sha256 checksums:

\n\n
6dfa1d9837ddb233e234d56e244560ab1bc545d3d1744478060e18691f44ded7\nnokogiri-1.15.5-aarch64-linux.gem\ne3ac6608c6e1714bc11ff04e29a43fedf4cac2aea1bd88256cc3b927c06f347f\nnokogiri-1.15.5-arm-linux.gem\n4d7b15d53c0397d131376a19875aa97dd1c8b404c2c03bd2171f9b77e9592d40\nnokogiri-1.15.5-arm64-darwin.gem\n5f87e71aaeb4f7479b94698737a0aacea77836b4805c7433b655e9565bd56cfe\nnokogiri-1.15.5-java.gem\n7612be800909ae51e0a7cfbe1f768757857a9ff0339686814ca67d9bae271ca2\nnokogiri-1.15.5-x64-mingw-ucrt.gem\n</tr></table> \n
\n
\n

... (truncated)

\n
\n
\nChangelog\n

Sourced from nokogiri's\nchangelog.

\n
\n

1.15.6 / 2024-03-16

\n

Security

\n
    \n
  • [CRuby] Vendored libxml2 is updated to address CVE-2024-25062. See\nGHSA-xc9x-jj77-9p9j\nfor more information.
    • \n
\n

Dependencies

\n
    \n
  • [CRuby] Vendored libxml2 is updated to v2.11.7 from v2.11.6. For\ndetails please see https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.7
    • \n
\n

1.15.5 / 2023-11-17

\n

Dependencies

\n
    \n
  • [CRuby] Vendored libxml2 is updated to v2.11.6 from v2.11.5. For\ndetails please see https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.6
    • \n
  • [CRuby] Vendored libxslt is updated to v1.1.39 from v1.1.38. For\ndetails please see https://gitlab.gnome.org/GNOME/libxslt/-/releases/v1.1.39
    • \n
\n

1.15.4 / 2023-08-11

\n

Dependencies

\n
    \n
  • [CRuby] Vendored libxml2 is updated to v2.11.5 from v2.11.4. For\ndetails please see https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.5
    • \n
\n

Fixed

\n
    \n
  • Fixed a typo in a HTML5 parser error message. #2927\n(@​anishathalye)
    • \n
  • [CRuby] ObjectSpace.memsize_of is now safe to call on\nDocuments with complex DTDs. In previous versions, this\ndebugging method could result in a segfault. [#2923, #2924]
    • \n
\n

1.15.3 / 2023-07-05

\n

Fixed

\n
    \n
  • Passing an object that is not a kind of XML::Node as\nthe first parameter to CDATA.new now raises a\nTypeError. Previously this would result in either a\nsegfault (CRuby) or a Java exception (JRuby). #2920
    • \n
  • Passing an object that is not a kind of XML::Node as\nthe first parameter to Schema.from_document now raises a\nTypeError. Previously this would result in either a\nsegfault (CRuby) or a Java exception (JRuby). #2920
    • \n
  • [CRuby] Passing an object that is not a kind of\nXML::Node as the second parameter to Text.new\nnow raises a TypeError. Previously this would result in a\nsegfault. #2920
    • \n
  • [CRuby] Replacing a node's children via methods like\nNode#inner_html=, #children=, and\n#replace no longer defensively dups the node's next sibling\nif it is a Text node. This behavior was originally adopted to work\naround libxml2's memory management (see #283\nand #595)\nbut should not have included operations involving\nxmlAddChild(). #2916
    • \n
  • [JRuby] Fixed NPE when serializing an unparented HTML node. [#2559,\n#2895]\n(@​cbasguti)
    • \n
\n

1.15.2 / 2023-05-24

\n

Dependencies

\n
    \n
  • [JRuby] Vendored org.nokogiri:nekodtd is updated to v0.1.11.noko2.\nThis is functionally equivalent to v0.1.11.noko1 but restores support\nfor Java 8.
    • \n
\n\n
\n

... (truncated)

\n
\n
\nCommits\n
    \n
  • 7ab6310\nversion bump to v1.15.6
    • \n
  • f8156b4\ndep: update libxml to 2.11.7 (branch 1.15.x) (#3154)
    • \n
  • 9827619\nci: pin to a version of bundler that works across supported rubies
    • \n
  • 83a2571\ndep: bump libxml to v2.11.7
    • \n
  • 5745d4b\nversion bump to v1.15.5
    • \n
  • da2d908\nci: add ruby version to vendored libs cache key (backport) (#3029)
    • \n
  • 0f56450\nci: add ruby version to vendored libs cache key (#3028)
    • \n
  • 32b2c35\ndep: update libxml to 2.11.5 and libxslt to 1.1.39 (v1.15.x) (#3025)
    • \n
  • b8f7e16\nci: skip the BSD builds for now
    • \n
  • aa3208b\ndep: update libxml to 2.11.5 and libxslt to 1.1.39
    • \n
  • Additional commits viewable in compare\nview
    • \n
\n
\n
\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=nokogiri&package-manager=bundler&previous-version=1.14.3&new-version=1.15.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n
\nDependabot commands and options\n
\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after\nyour CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge\nand block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating\nit. You can achieve the same result by closing it manually\n- `@dependabot show ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the\n[Security Alerts\npage](https://github.com/cobot/cobot-slack/network/alerts).\n\n
\n\nSigned-off-by: dependabot[bot] \nCo-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>","shortMessageHtmlLink":"Bump nokogiri from 1.14.3 to 1.15.6 (#73)"}},{"before":null,"after":"9a8bfb33dfb03b8ab13ffd39176a6d30b6f523a2","ref":"refs/heads/dependabot/bundler/nokogiri-1.15.6","pushedAt":"2024-03-19T00:11:04.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"Bump nokogiri from 1.14.3 to 1.15.6\n\nBumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.14.3 to 1.15.6.\n- [Release notes](https://github.com/sparklemotion/nokogiri/releases)\n- [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md)\n- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.14.3...v1.15.6)\n\n---\nupdated-dependencies:\n- dependency-name: nokogiri\n dependency-type: direct:production\n...\n\nSigned-off-by: dependabot[bot] ","shortMessageHtmlLink":"Bump nokogiri from 1.14.3 to 1.15.6"}},{"before":"adb20451a69234b2d4ffc5fbd79132180aa226dd","after":null,"ref":"refs/heads/dependabot/bundler/rack-2.2.8.1","pushedAt":"2024-02-29T01:33:48.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"github-actions[bot]","name":null,"path":"/apps/github-actions","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/15368?s=80&v=4"}},{"before":"4ae1a43235bab6a2c08e4f7086b56987c2b47fad","after":"c43ff18a9fe8ecdcce2a47aded014632d3a5e7ef","ref":"refs/heads/main","pushedAt":"2024-02-29T01:33:47.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"github-actions[bot]","name":null,"path":"/apps/github-actions","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/15368?s=80&v=4"},"commit":{"message":"Bump rack from 2.2.6.4 to 2.2.8.1 (#72)\n\nBumps [rack](https://github.com/rack/rack) from 2.2.6.4 to 2.2.8.1.\n
\nRelease notes\n

Sourced from rack's\nreleases.

\n
\n

v2.2.8.1

\n

What's Changed

\n
    \n
  • Fixed ReDoS in Accept header parsing [CVE-2024-26146]
    • \n
  • Fixed ReDoS in Content Type header parsing [CVE-2024-25126]
    • \n
  • Reject Range headers which are too large [CVE-2024-26141]
    • \n
\n

Full Changelog: https://github.com/rack/rack/compare/v2.2.8...v2.2.8.1

\n

v2.2.8

\n

What's Changed

\n
    \n
  • Limit file extension length of multipart tempfiles (2.2 backport) by\n@​dentarg in rack/rack#2075
    • \n
  • CHANGELOG: Add missing 2.2.7 by @​tisba in rack/rack#2081
    • \n
  • Update cookie.rb by @​dchandekstark\nin rack/rack#2092
    • \n
  • Prefer ubuntu-latest for testing. by @​ioquatix in rack/rack#2095
    • \n
  • Fix inefficient assert pattern in Rack::Lint [2-2-stable] by @​skipkayhil in rack/rack#2101
    • \n
  • Regenerate SPEC [2-2-stable] by @​skipkayhil in rack/rack#2102
    • \n
\n

New Contributors

\n
    \n
  • @​tisba made\ntheir first contribution in rack/rack#2081
    • \n
  • @​dchandekstark\nmade their first contribution in rack/rack#2092
    • \n
\n

Full Changelog: https://github.com/rack/rack/compare/v2.2.7...v2.2.8

\n

v2.2.7

\n

What's Changed

\n
    \n
  • Correct the year number in the changelog by @​kimulab in rack/rack#2015
    • \n
  • Support underscore in host names for Rack 2.2 (Fixes #2070) by\n@​jeremyevans\nin rack/rack#2071
    • \n
\n

New Contributors

\n
    \n
  • @​kimulab made\ntheir first contribution in rack/rack#2015
    • \n
\n

Full Changelog: https://github.com/rack/rack/compare/v2.2.6.4...v2.2.7

\n
\n
\n
\nCommits\n
    \n
  • e830011\nbump version
    • \n
  • d9c163a\nAvoid 2nd degree polynomial regexp in MediaType
    • \n
  • 6245768\nReturn an empty array when ranges are too large
    • \n
  • e4c1177\nFixing ReDoS in header parsing
    • \n
  • f169ff7\nBump patch version.
    • \n
  • 0a46487\nRegenerate SPEC (#2102)
    • \n
  • cee73b3\nFix inefficient assert pattern in Rack::Lint (#2101)
    • \n
  • 1fdcf1f\nPrefer ubuntu-latest for testing. (#2095)
    • \n
  • 287fe43\nUpdate cookie.rb (#2092)
    • \n
  • e7f4869\nadds missing 2.2.7 to CHANGELOG.md (#2081)
    • \n
  • Additional commits viewable in compare\nview
    • \n
\n
\n
\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=rack&package-manager=bundler&previous-version=2.2.6.4&new-version=2.2.8.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n
\nDependabot commands and options\n
\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after\nyour CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge\nand block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating\nit. You can achieve the same result by closing it manually\n- `@dependabot show ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the\n[Security Alerts\npage](https://github.com/cobot/cobot-slack/network/alerts).\n\n
\n\nSigned-off-by: dependabot[bot] \nCo-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>","shortMessageHtmlLink":"Bump rack from 2.2.6.4 to 2.2.8.1 (#72)"}},{"before":null,"after":"adb20451a69234b2d4ffc5fbd79132180aa226dd","ref":"refs/heads/dependabot/bundler/rack-2.2.8.1","pushedAt":"2024-02-29T01:30:34.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"Bump rack from 2.2.6.4 to 2.2.8.1\n\nBumps [rack](https://github.com/rack/rack) from 2.2.6.4 to 2.2.8.1.\n- [Release notes](https://github.com/rack/rack/releases)\n- [Changelog](https://github.com/rack/rack/blob/main/CHANGELOG.md)\n- [Commits](https://github.com/rack/rack/compare/v2.2.6.4...v2.2.8.1)\n\n---\nupdated-dependencies:\n- dependency-name: rack\n dependency-type: direct:production\n...\n\nSigned-off-by: dependabot[bot] ","shortMessageHtmlLink":"Bump rack from 2.2.6.4 to 2.2.8.1"}},{"before":"b84aaba95f798fb7b9bccec9c696762d3978c925","after":null,"ref":"refs/heads/dependabot/bundler/puma-5.6.8","pushedAt":"2024-01-08T20:37:01.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"github-actions[bot]","name":null,"path":"/apps/github-actions","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/15368?s=80&v=4"}},{"before":"43800af2d92f0288b1863a979c7c46e1a009f6d3","after":"4ae1a43235bab6a2c08e4f7086b56987c2b47fad","ref":"refs/heads/main","pushedAt":"2024-01-08T20:37:00.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"github-actions[bot]","name":null,"path":"/apps/github-actions","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/15368?s=80&v=4"},"commit":{"message":"Bump puma from 5.6.7 to 5.6.8 (#71)\n\nBumps [puma](https://github.com/puma/puma) from 5.6.7 to 5.6.8.\n
\nChangelog\n

Sourced from puma's\nchangelog.

\n
\n

5.6.8 / 2024-01-08

\n
    \n
  • Security\n
      \n
    • Limit the size of chunk extensions. Without this limit, an attacker\ncould cause unbounded resource (CPU, network bandwidth) consumption. (GHSA-c2f4-cvqm-65w2)
      • \n
    \n
    • \n
\n
\n
\n
\nCommits\n
    \n
  • 1293573\n5.6.8
    • \n
  • bbb880f\nMerge pull request from GHSA-c2f4-cvqm-65w2
    • \n
  • See full diff in compare\nview
    • \n
\n
\n
\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=puma&package-manager=bundler&previous-version=5.6.7&new-version=5.6.8)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n
\nDependabot commands and options\n
\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after\nyour CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge\nand block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating\nit. You can achieve the same result by closing it manually\n- `@dependabot show ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the\n[Security Alerts\npage](https://github.com/cobot/cobot-slack/network/alerts).\n\n
\n\nSigned-off-by: dependabot[bot] \nCo-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>","shortMessageHtmlLink":"Bump puma from 5.6.7 to 5.6.8 (#71)"}},{"before":null,"after":"b84aaba95f798fb7b9bccec9c696762d3978c925","ref":"refs/heads/dependabot/bundler/puma-5.6.8","pushedAt":"2024-01-08T20:32:42.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"Bump puma from 5.6.7 to 5.6.8\n\nBumps [puma](https://github.com/puma/puma) from 5.6.7 to 5.6.8.\n- [Release notes](https://github.com/puma/puma/releases)\n- [Changelog](https://github.com/puma/puma/blob/master/History.md)\n- [Commits](https://github.com/puma/puma/compare/v5.6.7...v5.6.8)\n\n---\nupdated-dependencies:\n- dependency-name: puma\n dependency-type: direct:production\n...\n\nSigned-off-by: dependabot[bot] ","shortMessageHtmlLink":"Bump puma from 5.6.7 to 5.6.8"}},{"before":"d274b105e2d9573e2eaefbca161d90a8270f4463","after":null,"ref":"refs/heads/dependabot/npm_and_yarn/browserify-sign-4.2.2","pushedAt":"2023-10-27T10:12:07.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"github-actions[bot]","name":null,"path":"/apps/github-actions","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/15368?s=80&v=4"}},{"before":"cbf77aae34f689c0bc7ee17a3319da002be37cd0","after":"43800af2d92f0288b1863a979c7c46e1a009f6d3","ref":"refs/heads/main","pushedAt":"2023-10-27T10:12:06.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"github-actions[bot]","name":null,"path":"/apps/github-actions","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/15368?s=80&v=4"},"commit":{"message":"Bump browserify-sign from 4.0.4 to 4.2.2 (#70)\n\nBumps\n[browserify-sign](https://github.com/crypto-browserify/browserify-sign)\nfrom 4.0.4 to 4.2.2.\n
\nChangelog\n

Sourced from browserify-sign's\nchangelog.

\n
\n

v4.2.2\n- 2023-10-25

\n

Fixed

\n
    \n
  • [Tests] log when openssl doesn't support cipher [#37](https://github.com/crypto-browserify/browserify-sign/issues/37)
    • \n
\n

Commits

\n
    \n
  • Only apps should have lockfiles 09a8995
    • \n
  • [eslint] switch to eslint 83fe463
    • \n
  • [meta] add npmignore and auto-changelog 4418183
    • \n
  • [meta] fix package.json indentation 9ac5a5e
    • \n
  • [Tests] migrate from travis to github actions d845d85
    • \n
  • [Fix] sign: throw on unsupported padding scheme 8767739
    • \n
  • [Fix] properly check the upper bound for DSA signatures 85994cd
    • \n
  • [Tests] handle openSSL not supporting a scheme f5f17c2
    • \n
  • [Deps] update bn.js, browserify-rsa,\nelliptic, parse-asn1,\nreadable-stream, safe-buffer a67d0eb
    • \n
  • [Dev Deps] update nyc, standard,\ntape cc5350b
    • \n
  • [Tests] always run coverage; downgrade nyc 75ce1d5
    • \n
  • [meta] add safe-publish-latest dcf49ce
    • \n
  • [Tests] add npm run posttest 75dd8fd
    • \n
  • [Dev Deps] update tape 3aec038
    • \n
  • [Tests] skip unsupported schemes 703c83e
    • \n
  • [Tests] node < 6 lacks array includes 3aa43cf
    • \n
  • [Dev Deps] fix eslint range 98d4e0d
    • \n
\n

v4.2.1\n- 2020-08-04

\n

Merged

\n
    \n
  • bump elliptic [#58](https://github.com/crypto-browserify/browserify-sign/issues/58)
    • \n
\n

v4.2.0\n- 2020-05-18

\n

Merged

\n
    \n
  • switch to safe buffer [#53](https://github.com/crypto-browserify/browserify-sign/issues/53)
    • \n
\n

v4.1.0\n- 2020-05-05

\n

Merged

\n
    \n
  • update deps, modernise usage, use readable-stream [#49](https://github.com/crypto-browserify/browserify-sign/issues/49)
    • \n
\n
\n
\n
\nCommits\n
    \n
  • 4af5a90\nv4.2.2
    • \n
  • 3aec038\n[Dev Deps] update tape
    • \n
  • 85994cd\n[Fix] properly check the upper bound for DSA signatures
    • \n
  • 9ac5a5e\n[meta] fix package.json indentation
    • \n
  • dcf49ce\n[meta] add safe-publish-latest
    • \n
  • 4418183\n[meta] add npmignore and auto-changelog
    • \n
  • 8767739\n[Fix] sign: throw on unsupported padding scheme
    • \n
  • 5f6fb17\n[Tests] log when openssl doesn't support cipher
    • \n
  • f5f17c2\n[Tests] handle openSSL not supporting a scheme
    • \n
  • d845d85\n[Tests] migrate from travis to github actions
    • \n
  • Additional commits viewable in compare\nview
    • \n
\n
\n
\nMaintainer changes\n

This version was pushed to npm by ljharb, a new releaser for\nbrowserify-sign since your current version.

\n
\n
\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=browserify-sign&package-manager=npm_and_yarn&previous-version=4.0.4&new-version=4.2.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n
\nDependabot commands and options\n
\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after\nyour CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge\nand block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating\nit. You can achieve the same result by closing it manually\n- `@dependabot show ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the\n[Security Alerts\npage](https://github.com/cobot/cobot-slack/network/alerts).\n\n
\n\nSigned-off-by: dependabot[bot] \nCo-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>","shortMessageHtmlLink":"Bump browserify-sign from 4.0.4 to 4.2.2 (#70)"}},{"before":null,"after":"d274b105e2d9573e2eaefbca161d90a8270f4463","ref":"refs/heads/dependabot/npm_and_yarn/browserify-sign-4.2.2","pushedAt":"2023-10-27T10:06:13.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"Bump browserify-sign from 4.0.4 to 4.2.2\n\nBumps [browserify-sign](https://github.com/crypto-browserify/browserify-sign) from 4.0.4 to 4.2.2.\n- [Changelog](https://github.com/browserify/browserify-sign/blob/main/CHANGELOG.md)\n- [Commits](https://github.com/crypto-browserify/browserify-sign/compare/v4.0.4...v4.2.2)\n\n---\nupdated-dependencies:\n- dependency-name: browserify-sign\n dependency-type: indirect\n...\n\nSigned-off-by: dependabot[bot] ","shortMessageHtmlLink":"Bump browserify-sign from 4.0.4 to 4.2.2"}},{"before":"8cbe8d8c0638a7354d925a807b6fd4b56d59b825","after":null,"ref":"refs/heads/dependabot/npm_and_yarn/babel/traverse-7.23.2","pushedAt":"2023-10-19T00:36:15.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"github-actions[bot]","name":null,"path":"/apps/github-actions","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/15368?s=80&v=4"}},{"before":"4b00aa87c2694823eaa6a2b3a950f0ad3d28b3f7","after":"cbf77aae34f689c0bc7ee17a3319da002be37cd0","ref":"refs/heads/main","pushedAt":"2023-10-19T00:36:14.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"github-actions[bot]","name":null,"path":"/apps/github-actions","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/15368?s=80&v=4"},"commit":{"message":"Bump @babel/traverse from 7.21.4 to 7.23.2 (#69)\n\nBumps\n[@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse)\nfrom 7.21.4 to 7.23.2.\n
\nRelease notes\n

Sourced from @​babel/traverse's\nreleases.

\n
\n

v7.23.2 (2023-10-11)

\n

NOTE: This release also re-publishes\n@babel/core, even if it does not appear in the linked\nrelease commit.

\n

Thanks @​jimmydief for\nyour first PR!

\n

:bug: Bug Fix

\n
    \n
  • babel-traverse\n
      \n
    • #16033\nOnly evaluate own String/Number/Math methods (@​nicolo-ribaudo)
      • \n
    \n
    • \n
  • babel-preset-typescript\n
      \n
    • #16022\nRewrite .tsx extension when using\nrewriteImportExtensions (@​jimmydief)
      • \n
    \n
    • \n
  • babel-helpers\n
      \n
    • #16017\nFix: fallback to typeof when toString is applied to incompatible object\n(@​JLHwung)
      • \n
    \n
    • \n
  • babel-helpers,\nbabel-plugin-transform-modules-commonjs,\nbabel-runtime-corejs2, babel-runtime-corejs3,\nbabel-runtime\n
      \n
    • #16025\nAvoid override mistake in namespace imports (@​nicolo-ribaudo)
      • \n
    \n
    • \n
\n

Committers: 5

\n
    \n
  • Babel Bot (@​babel-bot)
    • \n
  • Huáng Jùnliàng (@​JLHwung)
    • \n
  • James Diefenderfer (@​jimmydief)
    • \n
  • Nicolò Ribaudo (@​nicolo-ribaudo)
    • \n
  • @​liuxingbaoyu
    • \n
\n

v7.23.1 (2023-09-25)

\n

Re-publishing @babel/helpers due to a publishing error\nin 7.23.0.

\n

v7.23.0 (2023-09-25)

\n

Thanks @​lorenzoferre\nand @​RajShukla1 for\nyour first PRs!

\n

:rocket: New Feature

\n
    \n
  • babel-plugin-proposal-import-wasm-source,\nbabel-plugin-syntax-import-source,\nbabel-plugin-transform-dynamic-import\n
      \n
    • #15870\nSupport transforming import source for wasm (@​nicolo-ribaudo)
      • \n
    \n
    • \n
  • babel-helper-module-transforms,\nbabel-helpers,\nbabel-plugin-proposal-import-defer,\nbabel-plugin-syntax-import-defer,\nbabel-plugin-transform-modules-commonjs,\nbabel-runtime-corejs2, babel-runtime-corejs3,\nbabel-runtime, babel-standalone\n
      \n
    • #15878\nImplement import defer proposal transform support (@​nicolo-ribaudo)
      • \n
    \n
    • \n
  • babel-generator, babel-parser,\nbabel-types\n
      \n
    • #15845\nImplement import defer parsing support (@​nicolo-ribaudo)
      • \n
    • #15829 Add\nparsing support for the "source phase imports" proposal (@​nicolo-ribaudo)
      • \n
    \n
    • \n
  • babel-generator,\nbabel-helper-module-transforms, babel-parser,\nbabel-plugin-transform-dynamic-import,\nbabel-plugin-transform-modules-amd,\nbabel-plugin-transform-modules-commonjs,\nbabel-plugin-transform-modules-systemjs,\nbabel-traverse, babel-types\n
      \n
    • #15682 Add\ncreateImportExpressions parser option (@​JLHwung)
      • \n
    \n
    • \n
  • babel-standalone\n
      \n
    • #15671\nPass through nonce to the transformed script element (@​JLHwung)
      • \n
    \n
    • \n
  • babel-helper-function-name,\nbabel-helper-member-expression-to-functions,\nbabel-helpers, babel-parser,\nbabel-plugin-proposal-destructuring-private,\nbabel-plugin-proposal-optional-chaining-assign,\nbabel-plugin-syntax-optional-chaining-assign,\nbabel-plugin-transform-destructuring,\nbabel-plugin-transform-optional-chaining,\nbabel-runtime-corejs2, babel-runtime-corejs3,\nbabel-runtime, babel-standalone,\nbabel-types\n
      \n
    • #15751 Add\nsupport for optional chain in assignments (@​nicolo-ribaudo)
      • \n
    \n
    • \n
  • babel-helpers,\nbabel-plugin-proposal-decorators\n
      \n
    • #15895\nImplement the "decorator metadata" proposal (@​nicolo-ribaudo)
      • \n
    \n
    • \n
  • babel-traverse, babel-types\n
      \n
    • #15893 Add\nt.buildUndefinedNode (@​liuxingbaoyu)
      • \n
    \n
    • \n
  • babel-preset-typescript
    • \n
\n\n
\n

... (truncated)

\n
\n
\nChangelog\n

Sourced from @​babel/traverse's\nchangelog.

\n
\n

v7.23.2 (2023-10-11)

\n

:bug: Bug Fix

\n
    \n
  • babel-traverse\n
      \n
    • #16033\nOnly evaluate own String/Number/Math methods (@​nicolo-ribaudo)
      • \n
    \n
    • \n
  • babel-preset-typescript\n
      \n
    • #16022\nRewrite .tsx extension when using\nrewriteImportExtensions (@​jimmydief)
      • \n
    \n
    • \n
  • babel-helpers\n
      \n
    • #16017\nFix: fallback to typeof when toString is applied to incompatible object\n(@​JLHwung)
      • \n
    \n
    • \n
  • babel-helpers,\nbabel-plugin-transform-modules-commonjs,\nbabel-runtime-corejs2, babel-runtime-corejs3,\nbabel-runtime\n
      \n
    • #16025\nAvoid override mistake in namespace imports (@​nicolo-ribaudo)
      • \n
    \n
    • \n
\n

v7.23.0 (2023-09-25)

\n

:rocket: New Feature

\n
    \n
  • babel-plugin-proposal-import-wasm-source,\nbabel-plugin-syntax-import-source,\nbabel-plugin-transform-dynamic-import\n
      \n
    • #15870\nSupport transforming import source for wasm (@​nicolo-ribaudo)
      • \n
    \n
    • \n
  • babel-helper-module-transforms,\nbabel-helpers,\nbabel-plugin-proposal-import-defer,\nbabel-plugin-syntax-import-defer,\nbabel-plugin-transform-modules-commonjs,\nbabel-runtime-corejs2, babel-runtime-corejs3,\nbabel-runtime, babel-standalone\n
      \n
    • #15878\nImplement import defer proposal transform support (@​nicolo-ribaudo)
      • \n
    \n
    • \n
  • babel-generator, babel-parser,\nbabel-types\n
      \n
    • #15845\nImplement import defer parsing support (@​nicolo-ribaudo)
      • \n
    • #15829 Add\nparsing support for the "source phase imports" proposal (@​nicolo-ribaudo)
      • \n
    \n
    • \n
  • babel-generator,\nbabel-helper-module-transforms, babel-parser,\nbabel-plugin-transform-dynamic-import,\nbabel-plugin-transform-modules-amd,\nbabel-plugin-transform-modules-commonjs,\nbabel-plugin-transform-modules-systemjs,\nbabel-traverse, babel-types\n
      \n
    • #15682 Add\ncreateImportExpressions parser option (@​JLHwung)
      • \n
    \n
    • \n
  • babel-standalone\n
      \n
    • #15671\nPass through nonce to the transformed script element (@​JLHwung)
      • \n
    \n
    • \n
  • babel-helper-function-name,\nbabel-helper-member-expression-to-functions,\nbabel-helpers, babel-parser,\nbabel-plugin-proposal-destructuring-private,\nbabel-plugin-proposal-optional-chaining-assign,\nbabel-plugin-syntax-optional-chaining-assign,\nbabel-plugin-transform-destructuring,\nbabel-plugin-transform-optional-chaining,\nbabel-runtime-corejs2, babel-runtime-corejs3,\nbabel-runtime, babel-standalone,\nbabel-types\n
      \n
    • #15751 Add\nsupport for optional chain in assignments (@​nicolo-ribaudo)
      • \n
    \n
    • \n
  • babel-helpers,\nbabel-plugin-proposal-decorators\n
      \n
    • #15895\nImplement the "decorator metadata" proposal (@​nicolo-ribaudo)
      • \n
    \n
    • \n
  • babel-traverse, babel-types\n
      \n
    • #15893 Add\nt.buildUndefinedNode (@​liuxingbaoyu)
      • \n
    \n
    • \n
  • babel-preset-typescript\n
      \n
    • #15913 Add\nrewriteImportExtensions option to TS preset (@​nicolo-ribaudo)
      • \n
    \n
    • \n
  • babel-parser\n
      \n
    • #15896\nAllow TS tuples to have both labeled and unlabeled elements (@​yukukotani)
      • \n
    \n
    • \n
\n

:bug: Bug Fix

\n
    \n
  • babel-plugin-transform-block-scoping\n
      \n
    • #15962\nfix: transform-block-scoping captures the variables of the\nmethod in the loop (@​liuxingbaoyu)
      • \n
    \n
    • \n
\n

:nail_care: Polish

\n
    \n
  • babel-traverse\n
      \n
    • #15797\nExpand evaluation of global built-ins in @babel/traverse\n(@​lorenzoferre)
      • \n
    \n
    • \n
  • babel-plugin-proposal-explicit-resource-management\n
      \n
    • #15985\nImprove source maps for blocks with using declarations (@​nicolo-ribaudo)
      • \n
    \n
    • \n
\n

:microscope: Output optimization

\n
    \n
  • babel-core,\nbabel-helper-module-transforms,\nbabel-plugin-transform-async-to-generator,\nbabel-plugin-transform-classes,\nbabel-plugin-transform-dynamic-import,\nbabel-plugin-transform-function-name,\nbabel-plugin-transform-modules-amd,\nbabel-plugin-transform-modules-commonjs,\nbabel-plugin-transform-modules-umd,\nbabel-plugin-transform-parameters,\nbabel-plugin-transform-react-constant-elements,\nbabel-plugin-transform-react-inline-elements,\nbabel-plugin-transform-runtime,\nbabel-plugin-transform-typescript,\nbabel-preset-env\n
      \n
    • #15984\nInline exports.XXX = update in simple variable declarations\n(@​nicolo-ribaudo)
      • \n
    \n
    • \n
\n

v7.22.20 (2023-09-16)

\n\n
\n

... (truncated)

\n
\n
\nCommits\n
    \n
  • b4b9942\nv7.23.2
    • \n
  • b13376b\nOnly evaluate own String/Number/Math methods (#16033)
    • \n
  • ca58ec1\nv7.23.0
    • \n
  • 0f333da\nAdd createImportExpressions parser option (#15682)
    • \n
  • 3744545\nFix linting
    • \n
  • c7e6806\nAdd t.buildUndefinedNode (#15893)
    • \n
  • 38ee8b4\nExpand evaluation of global built-ins in @babel/traverse\n(#15797)
    • \n
  • 9f3dfd9\nv7.22.20
    • \n
  • 3ed28b2\nFully support || and && in\npluginToggleBooleanFlag (#15961)
    • \n
  • 77b0d73\nv7.22.19
    • \n
  • Additional commits viewable in compare\nview
    • \n
\n
\n
\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@babel/traverse&package-manager=npm_and_yarn&previous-version=7.21.4&new-version=7.23.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n
\nDependabot commands and options\n
\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after\nyour CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge\nand block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating\nit. You can achieve the same result by closing it manually\n- `@dependabot show ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the\n[Security Alerts\npage](https://github.com/cobot/cobot-slack/network/alerts).\n\n
\n\nSigned-off-by: dependabot[bot] \nCo-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>","shortMessageHtmlLink":"Bump @babel/traverse from 7.21.4 to 7.23.2 (#69)"}},{"before":null,"after":"8cbe8d8c0638a7354d925a807b6fd4b56d59b825","ref":"refs/heads/dependabot/npm_and_yarn/babel/traverse-7.23.2","pushedAt":"2023-10-19T00:32:09.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"Bump @babel/traverse from 7.21.4 to 7.23.2\n\nBumps [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) from 7.21.4 to 7.23.2.\n- [Release notes](https://github.com/babel/babel/releases)\n- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)\n- [Commits](https://github.com/babel/babel/commits/v7.23.2/packages/babel-traverse)\n\n---\nupdated-dependencies:\n- dependency-name: \"@babel/traverse\"\n dependency-type: indirect\n...\n\nSigned-off-by: dependabot[bot] ","shortMessageHtmlLink":"Bump @babel/traverse from 7.21.4 to 7.23.2"}},{"before":"5bf7c7eef898a72ce0237c801e66c24f4bf181c2","after":null,"ref":"refs/heads/dependabot/bundler/sidekiq-6.5.10","pushedAt":"2023-10-05T14:03:52.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"github-actions[bot]","name":null,"path":"/apps/github-actions","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/15368?s=80&v=4"}},{"before":"4db4039bb00977a002808bd4d79d4a0d55ea1abc","after":"4b00aa87c2694823eaa6a2b3a950f0ad3d28b3f7","ref":"refs/heads/main","pushedAt":"2023-10-05T14:03:51.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"github-actions[bot]","name":null,"path":"/apps/github-actions","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/15368?s=80&v=4"},"commit":{"message":"Bump sidekiq from 6.0.6 to 6.5.10 (#68)\n\nBumps [sidekiq](https://github.com/sidekiq/sidekiq) from 6.0.6 to\n6.5.10.\n
\nChangelog\n

Sourced from sidekiq's\nchangelog.

\n
\n

Sidekiq Changes

\n

Sidekiq\nChanges | Sidekiq\nPro Changes | Sidekiq\nEnterprise Changes

\n

HEAD

\n
    \n
  • Fix breakage with non-Proc error handlers #6065
    • \n
\n

7.1.5

\n
    \n
  • FEATURE: Job filtering within the Web UI. This\nfeature has been open\nsourced from Sidekiq Pro. #6052
    • \n
  • API CHANGE Error handlers now take three arguments\n->(ex, context, config).\nThe previous calling convention will work until Sidekiq 8.0 but will\nprint\nout a deprecation warning. #6051
    • \n
  • Fix issue with the batch_size and at\noptions in S::Client.push_bulk #6040
    • \n
  • Fix inline testing firing batch callbacks early #6057
    • \n
  • Use new log broadcast API in Rails 7.1 #6054
    • \n
  • Crash if user tries to use RESP2 protocol: 2 #6061
    • \n
\n

7.1.4

\n
    \n
  • Fix empty retry_for logic #6035
    • \n
\n

7.1.3

\n
    \n
  • Add sidekiq_options retry_for: 48.hours to allow\ntime-based retry windows #6029
    • \n
  • Support sidekiq_retry_in and sidekiq_retries_exhausted_block in\nActiveJobs (#5994)
    • \n
  • Lowercase all Rack headers for Rack 3.0 #5951
    • \n
  • Validate Sidekiq::Web page refresh delay to avoid potential DoS,\nCVE-2023-26141, thanks for reporting Keegan!
    • \n
\n

7.1.2

\n
    \n
  • Mark Web UI assets as private so CDNs won't cache them #5936
    • \n
  • Fix stackoverflow when using Oj and the JSON log formatter #5920
    • \n
  • Remove spurious enqueued_at from scheduled ActiveJobs\n#5937
    • \n
\n

7.1.1

\n
    \n
  • Support multiple CurrentAttributes #5904
    • \n
  • Speed up latency fetch with large queues on Redis <7 #5910
    • \n
  • Allow a larger default client pool #5886
    • \n
  • Ensure Sidekiq.options[:environment] == RAILS_ENV #5932
    • \n
\n\n
\n

... (truncated)

\n
\n
\nCommits\n
    \n
  • f67a7ab\nCherry pick:
    • \n
  • 101435c\nMerge 62c90d7
    • \n
  • 022c059\nbump, prep
    • \n
  • fa6723e\nformatting, ensure environment is updated in Sidekiq.options
    • \n
  • ad0f13c\nprepare for release
    • \n
  • 7ed013e\nFail if bad scout_apm detected, fixes #5616
    • \n
  • 2ff4474\nFix natural sorting for processes (#5587)
    • \n
  • 0588caf\nchanges
    • \n
  • 7037533\nSpeedup iterating over WorkSet (#5559)
    • \n
  • d424e45\nAdd pagination to "Busy" page (#5556)
    • \n
  • Additional commits viewable in compare\nview
    • \n
\n
\n
\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sidekiq&package-manager=bundler&previous-version=6.0.6&new-version=6.5.10)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n
\nDependabot commands and options\n
\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after\nyour CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge\nand block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating\nit. You can achieve the same result by closing it manually\n- `@dependabot show ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the\n[Security Alerts\npage](https://github.com/cobot/cobot-slack/network/alerts).\n\n
\n\nSigned-off-by: dependabot[bot] \nCo-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>","shortMessageHtmlLink":"Bump sidekiq from 6.0.6 to 6.5.10 (#68)"}},{"before":"54a8d80b3ca9d763b6ec9bada83ff51f17ed2e78","after":null,"ref":"refs/heads/dependabot/bundler/sidekiq-7.1.3","pushedAt":"2023-10-05T13:59:11.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"}},{"before":null,"after":"5bf7c7eef898a72ce0237c801e66c24f4bf181c2","ref":"refs/heads/dependabot/bundler/sidekiq-6.5.10","pushedAt":"2023-10-05T13:59:05.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"Bump sidekiq from 6.0.6 to 6.5.10\n\nBumps [sidekiq](https://github.com/sidekiq/sidekiq) from 6.0.6 to 6.5.10.\n- [Changelog](https://github.com/sidekiq/sidekiq/blob/main/Changes.md)\n- [Commits](https://github.com/sidekiq/sidekiq/compare/v6.0.6...v6.5.10)\n\n---\nupdated-dependencies:\n- dependency-name: sidekiq\n dependency-type: direct:production\n...\n\nSigned-off-by: dependabot[bot] ","shortMessageHtmlLink":"Bump sidekiq from 6.0.6 to 6.5.10"}},{"before":"14d9d050de2ad592e0785f7fc718bcd351a19d6a","after":null,"ref":"refs/heads/dependabot/bundler/sidekiq-7.0.8","pushedAt":"2023-09-14T19:45:57.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"}},{"before":null,"after":"54a8d80b3ca9d763b6ec9bada83ff51f17ed2e78","ref":"refs/heads/dependabot/bundler/sidekiq-7.1.3","pushedAt":"2023-09-14T19:45:52.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"Bump sidekiq from 6.0.6 to 7.1.3\n\nBumps [sidekiq](https://github.com/sidekiq/sidekiq) from 6.0.6 to 7.1.3.\n- [Changelog](https://github.com/sidekiq/sidekiq/blob/main/Changes.md)\n- [Commits](https://github.com/sidekiq/sidekiq/compare/v6.0.6...v7.1.3)\n\n---\nupdated-dependencies:\n- dependency-name: sidekiq\n dependency-type: direct:production\n...\n\nSigned-off-by: dependabot[bot] ","shortMessageHtmlLink":"Bump sidekiq from 6.0.6 to 7.1.3"}},{"before":null,"after":"0dc6fcbdd48386fed7d5f6b64654da3a28d36c5d","ref":"refs/heads/dependabot/bundler/activerecord-and-actionpack-and-railties-and-dotenv-rails-7.0.7","pushedAt":"2023-08-19T02:41:17.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"Bump activerecord, actionpack, railties and dotenv-rails\n\nBumps [activerecord](https://github.com/rails/rails), [actionpack](https://github.com/rails/rails), [railties](https://github.com/rails/rails) and [dotenv-rails](https://github.com/bkeepers/dotenv). These dependencies needed to be updated together.\n\nUpdates `activerecord` from 5.2.4.4 to 7.0.7\n- [Release notes](https://github.com/rails/rails/releases)\n- [Changelog](https://github.com/rails/rails/blob/v7.0.7/activerecord/CHANGELOG.md)\n- [Commits](https://github.com/rails/rails/compare/v5.2.4.4...v7.0.7)\n\nUpdates `actionpack` from 5.2.4.4 to 7.0.7\n- [Release notes](https://github.com/rails/rails/releases)\n- [Changelog](https://github.com/rails/rails/blob/v7.0.7/actionpack/CHANGELOG.md)\n- [Commits](https://github.com/rails/rails/compare/v5.2.4.4...v7.0.7)\n\nUpdates `railties` from 5.2.4.4 to 7.0.7\n- [Release notes](https://github.com/rails/rails/releases)\n- [Changelog](https://github.com/rails/rails/blob/v7.0.7/railties/CHANGELOG.md)\n- [Commits](https://github.com/rails/rails/compare/v5.2.4.4...v7.0.7)\n\nUpdates `dotenv-rails` from 2.7.5 to 2.8.1\n- [Release notes](https://github.com/bkeepers/dotenv/releases)\n- [Changelog](https://github.com/bkeepers/dotenv/blob/master/Changelog.md)\n- [Commits](https://github.com/bkeepers/dotenv/compare/v2.7.5...v2.8.1)\n\n---\nupdated-dependencies:\n- dependency-name: activerecord\n dependency-type: direct:production\n- dependency-name: actionpack\n dependency-type: direct:production\n- dependency-name: railties\n dependency-type: direct:production\n- dependency-name: dotenv-rails\n dependency-type: direct:development\n...\n\nSigned-off-by: dependabot[bot] ","shortMessageHtmlLink":"Bump activerecord, actionpack, railties and dotenv-rails"}},{"before":"3ec2d24e4584177be2b3df6422c400a53eb889d9","after":null,"ref":"refs/heads/dependabot/bundler/puma-5.6.7","pushedAt":"2023-08-19T01:41:49.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"github-actions[bot]","name":null,"path":"/apps/github-actions","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/15368?s=80&v=4"}},{"before":"5797a2fc3fd14167f838483b1b9043b096cfcb0d","after":"4db4039bb00977a002808bd4d79d4a0d55ea1abc","ref":"refs/heads/main","pushedAt":"2023-08-19T01:41:49.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"github-actions[bot]","name":null,"path":"/apps/github-actions","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/15368?s=80&v=4"},"commit":{"message":"Bump puma from 5.6.4 to 5.6.7 (#65)\n\nBumps [puma](https://github.com/puma/puma) from 5.6.4 to 5.6.7.\n
\nRelease notes\n

Sourced from puma's\nreleases.

\n
\n

5.6.7

\n

Security\nAddress HTTP request smuggling vulnerabilities with zero-length Content\nLength header and trailer fields (GHSA-68xg-gqqm-vgj8)

\n

5.6.5 / 2022-08-23

\n
    \n
  • Bugfixes\n
      \n
    • NullIO#closed should return false (#2883)
      • \n
    • Puma::ControlCLI - allow refork command to be sent as a request (#2868, #2866)
      • \n
    • [jruby] Fix TLS verification hang (#2890, #2729)
      • \n
    • extconf.rb - don't use pkg_config('openssl') if '--with-openssl-dir'\nis used (#2885, #2839)
      • \n
    • MiniSSL - detect SSL_CTX_set_dh_auto (#2864, #2863)
      • \n
    • Fix rack.after_reply exceptions breaking connections (#2861, #2856)
      • \n
    • Escape SSL cert and filenames (#2855)
      • \n
    • Fail hard if SSL certs or keys are invalid (#2848)
      • \n
    • Fail hard if SSL certs or keys cannot be read by user (#2847)
      • \n
    • Fix build with Opaque DH in LibreSSL 3.5. (#2838)
      • \n
    • Pre-existing socket file removed when TERM is issued after USR2 (if\npuma is running in cluster mode) (#2817)
      • \n
    • Fix Puma::StateFile#load incompatibility (#2810)
      • \n
    \n
    • \n
\n
\n
\n
\nChangelog\n

Sourced from puma's\nchangelog.

\n
\n

5.6.7 / 2023-08-18

\n
    \n
  • Security\n
      \n
    • Address HTTP request smuggling vulnerabilities with zero-length\nContent Length header and trailer fields (GHSA-68xg-gqqm-vgj8)
      • \n
    \n
    • \n
\n

5.6.6 / 2023-06-21

\n
    \n
  • Bugfix\n
      \n
    • Prevent loading with rack 3 (#3166)
      • \n
    \n
    • \n
\n

5.6.5 / 2022-08-23

\n
    \n
  • \n

    Feature

    \n
      \n
    • Puma::ControlCLI - allow refork command to be sent as a request (#2868, #2866)
      • \n
    \n
    • \n
  • \n

    Bugfixes

    \n
      \n
    • NullIO#closed should return false (#2883)
      • \n
    • [jruby] Fix TLS verification hang (#2890, #2729)
      • \n
    • extconf.rb - don't use pkg_config('openssl') if '--with-openssl-dir'\nis used (#2885, #2839)
      • \n
    • MiniSSL - detect SSL_CTX_set_dh_auto (#2864, #2863)
      • \n
    • Fix rack.after_reply exceptions breaking connections (#2861, #2856)
      • \n
    • Escape SSL cert and filenames (#2855)
      • \n
    • Fail hard if SSL certs or keys are invalid (#2848)
      • \n
    • Fail hard if SSL certs or keys cannot be read by user (#2847)
      • \n
    • Fix build with Opaque DH in LibreSSL 3.5. (#2838)
      • \n
    • Pre-existing socket file removed when TERM is issued after USR2 (if\npuma is running in cluster mode) (#2817)
      • \n
    • Fix Puma::StateFile#load incompatibility (#2810)
      • \n
    \n
    • \n
\n
\n
\n
\nCommits\n
    \n
  • 78393bf\n5.6.7
    • \n
  • 7405a21\nMerge pull request from GHSA-68xg-gqqm-vgj8
    • \n
  • d33424b\n5.6.7 release note [ci skip]
    • \n
  • f8c7b23\n5.6.6
    • \n
  • 08af1b5\n5.6.6 release note
    • \n
  • 6dac5d9\nPrevent loading with rack 3 (#3166)
    • \n
  • 0892558\nFix and update 5-6-stable CI, two backports (#3167)
    • \n
  • 3a6ea4f\nRelease note fix for 5.6.5
    • \n
  • 3bace01\n5.6.5
    • \n
  • 3ce6668\n5.6.5 release note
    • \n
  • Additional commits viewable in compare\nview
    • \n
\n
\n
\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=puma&package-manager=bundler&previous-version=5.6.4&new-version=5.6.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n
\nDependabot commands and options\n
\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after\nyour CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge\nand block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating\nit. You can achieve the same result by closing it manually\n- `@dependabot show ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the\n[Security Alerts\npage](https://github.com/cobot/cobot-slack/network/alerts).\n\n
\n\nSigned-off-by: dependabot[bot] \nCo-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>","shortMessageHtmlLink":"Bump puma from 5.6.4 to 5.6.7 (#65)"}},{"before":null,"after":"3ec2d24e4584177be2b3df6422c400a53eb889d9","ref":"refs/heads/dependabot/bundler/puma-5.6.7","pushedAt":"2023-08-19T01:37:34.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"Bump puma from 5.6.4 to 5.6.7\n\nBumps [puma](https://github.com/puma/puma) from 5.6.4 to 5.6.7.\n- [Release notes](https://github.com/puma/puma/releases)\n- [Changelog](https://github.com/puma/puma/blob/master/History.md)\n- [Commits](https://github.com/puma/puma/compare/v5.6.4...v5.6.7)\n\n---\nupdated-dependencies:\n- dependency-name: puma\n dependency-type: direct:production\n...\n\nSigned-off-by: dependabot[bot] ","shortMessageHtmlLink":"Bump puma from 5.6.4 to 5.6.7"}},{"before":"3f78d9a1b28aee0e9158d509cc10ebddb4537c56","after":null,"ref":"refs/heads/dependabot/npm_and_yarn/semver-5.7.2","pushedAt":"2023-07-11T13:22:37.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"github-actions[bot]","name":null,"path":"/apps/github-actions","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/15368?s=80&v=4"}},{"before":"599700d2066599f50c2b1938032ef91d962983ef","after":"5797a2fc3fd14167f838483b1b9043b096cfcb0d","ref":"refs/heads/main","pushedAt":"2023-07-11T13:22:36.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"github-actions[bot]","name":null,"path":"/apps/github-actions","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/15368?s=80&v=4"},"commit":{"message":"Bump semver from 5.7.1 to 5.7.2 (#64)\n\nBumps [semver](https://github.com/npm/node-semver) from 5.7.1 to 5.7.2.\n
\nRelease notes\n

Sourced from semver's\nreleases.

\n
\n

v5.7.2

\n

5.7.2\n(2023-07-10)

\n

Bug Fixes

\n
    \n
  • 2f8fd41\n#585\nbetter handling of whitespace (#585)\n(@​joaomoreno,\n@​lukekarrys)
    • \n
\n
\n
\n
\nChangelog\n

Sourced from semver's\nchangelog.

\n
\n

5.7.2\n(2023-07-10)

\n

Bug Fixes

\n
    \n
  • 2f8fd41\n#585\nbetter handling of whitespace (#585)\n(@​joaomoreno,\n@​lukekarrys)
    • \n
\n

5.7

\n
    \n
  • Add minVersion method
    • \n
\n

5.6

\n
    \n
  • Move boolean loose param to an options object, with\nbackwards-compatibility protection.
    • \n
  • Add ability to opt out of special prerelease version handling with\nthe includePrerelease option flag.
    • \n
\n

5.5

\n
    \n
  • Add version coercion capabilities
    • \n
\n

5.4

\n
    \n
  • Add intersection checking
    • \n
\n

5.3

\n
    \n
  • Add minSatisfying method
    • \n
\n

5.2

\n
    \n
  • Add prerelease(v) that returns prerelease\ncomponents
    • \n
\n

5.1

\n
    \n
  • Add Backus-Naur for ranges
    • \n
  • Remove excessively cute inspection methods
    • \n
\n

5.0

\n
    \n
  • Remove AMD/Browserified build artifacts
    • \n
  • Fix ltr and gtr when using the * range
    • \n
  • Fix for range * with a prerelease identifier
    • \n
\n
\n
\n
\nCommits\n
    \n
  • f8cc313\nchore: release 5.7.2
    • \n
  • 2f8fd41\nfix: better handling of whitespace (#585)
    • \n
  • deb5ad5\nchore: @​npmcli/template-oss@​4.16.0
    • \n
  • See full diff in compare\nview
    • \n
\n
\n
\nMaintainer changes\n

This version was pushed to npm by lukekarrys, a new releaser\nfor semver since your current version.

\n
\n
\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=semver&package-manager=npm_and_yarn&previous-version=5.7.1&new-version=5.7.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n
\nDependabot commands and options\n
\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after\nyour CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge\nand block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating\nit. You can achieve the same result by closing it manually\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the\n[Security Alerts\npage](https://github.com/cobot/cobot-slack/network/alerts).\n\n
\n\nSigned-off-by: dependabot[bot] \nCo-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>","shortMessageHtmlLink":"Bump semver from 5.7.1 to 5.7.2 (#64)"}}],"hasNextPage":true,"hasPreviousPage":false,"activityType":"all","actor":null,"timePeriod":"all","sort":"DESC","perPage":30,"cursor":"djE6ks8AAAAELc1q5gA","startCursor":null,"endCursor":null}},"title":"Activity · cobot/cobot-slack"}