CloCkWeRX
Repos
308
Followers
83
Following
41

Events

push
rabbitvcs/rabbitvcs
CloCkWeRX push rabbitvcs/rabbitvcs

show local branches only in push, pull dialog and select matching upstream by default

Merge pull request #372 from rabbitvcs/git-pull-push-local-branches-only

Update GitRepositorySelector to only show local branches and select matching repository

Created at 1 day ago
pull request closed
rabbitvcs/rabbitvcs
Update GitRepositorySelector to only show local branches and select matching repository

This PR modifies the GitRepositorySelector:

  • only show local branches, which the user actually wants to pull or push
  • select the matching upstream repository of the current branch by default
Created at 1 day ago
pull request closed
fatfreecrm/ffcrm_service_hooks
Bump ffcrm_merge from `a1f7c63` to `16ab908`

Bumps ffcrm_merge from a1f7c63 to 16ab908.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Created at 1 day ago
push
fatfreecrm/ffcrm_service_hooks
CloCkWeRX push fatfreecrm/ffcrm_service_hooks

Bump ffcrm_merge from a1f7c63 to 16ab908

Bumps ffcrm_merge from a1f7c63 to 16ab908.

updated-dependencies:

  • dependency-name: ffcrm_merge dependency-type: direct:production ...

Signed-off-by: dependabot[bot] support@github.com

Merge pull request #36 from fatfreecrm/dependabot/bundler/ffcrm_merge-16ab908

Bump ffcrm_merge from a1f7c63 to 16ab908

Created at 1 day ago
delete branch
CloCkWeRX/custom_component_splitwise
CloCkWeRX delete branch add_notification
Created at 1 day ago
push
fatfreecrm/fat_free_crm
CloCkWeRX push fatfreecrm/fat_free_crm

Bump selenium-webdriver from 4.8.1 to 4.8.3

Bumps selenium-webdriver from 4.8.1 to 4.8.3.

updated-dependencies:

  • dependency-name: selenium-webdriver dependency-type: direct:development update-type: version-update:semver-patch ...

Signed-off-by: dependabot[bot] support@github.com

Merge pull request #1082 from fatfreecrm/dependabot/bundler/selenium-webdriver-4.8.3

Bump selenium-webdriver from 4.8.1 to 4.8.3

Created at 1 day ago
pull request closed
fatfreecrm/fat_free_crm
Bump selenium-webdriver from 4.8.1 to 4.8.3

Bumps selenium-webdriver from 4.8.1 to 4.8.3.

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Created at 1 day ago
delete branch
fatfreecrm/fat_free_crm
CloCkWeRX delete branch dependabot/bundler/premailer-1.21.0
Created at 1 day ago
push
fatfreecrm/fat_free_crm
CloCkWeRX push fatfreecrm/fat_free_crm

Bump premailer from 1.20.0 to 1.21.0

Bumps premailer from 1.20.0 to 1.21.0.

updated-dependencies:

  • dependency-name: premailer dependency-type: direct:production update-type: version-update:semver-minor ...

Signed-off-by: dependabot[bot] support@github.com

Merge pull request #1081 from fatfreecrm/dependabot/bundler/premailer-1.21.0

Bump premailer from 1.20.0 to 1.21.0

Created at 1 day ago
pull request closed
fatfreecrm/fat_free_crm
Bump premailer from 1.20.0 to 1.21.0

Bumps premailer from 1.20.0 to 1.21.0.

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Created at 1 day ago
push
rabbitvcs/rabbitvcs
CloCkWeRX push rabbitvcs/rabbitvcs

setup: use setuptools

Module distutils is deprecated and will be dropped out in Python 3.12: its use should be replaced by setuptools. This commit converts rabbitvcs setup.py to use setuptools rather than distutils, in a nearly compatible way.

Note that used keyword "data_files" is deprecated and not replaced. It is however still operational.

Merge pull request #363 from monnerat/setuptools

setup: use setuptools

Created at 1 day ago
pull request closed
rabbitvcs/rabbitvcs
setup: use setuptools

Module distutils is deprecated and will be dropped out in Python 3.12: its use should be replaced by setuptools. This commit converts rabbitvcs setup.py to use setuptools rather than distutils, in a nearly compatible way.

Note that used keyword data_files is deprecated and not replaced. It is however still operational.

IMO a new setup strategy ought to be implemented for rabbitvcs setup, but this is out of my skill. in the meantime, this commit will allow the project's setup to survive some time. Feedbacks and comments welcomed.

Created at 1 day ago
closed issue
cyberjunky/python-garminconnect
Local variable 'response' referenced before assignment

See https://github.com/cyberjunky/home-assistant-garmin_connect/issues/41

If an exception is raised in any of the get/post methods - https://github.com/cyberjunky/python-garminconnect/blob/master/garminconnect/init.py#L69 sometimes the handler will try to use a variable that has never been defined.

Rather than handling Exception; more specifically handling requests.exceptions.ConnectionError (among others) would prevent this issue.

Created at 1 day ago
issue comment
cyberjunky/python-garminconnect
Local variable 'response' referenced before assignment

I mostly see this through https://github.com/cyberjunky/home-assistant-garmin_connect to will wait for that to get bumped. Thanks for sorting it eiher way

Created at 1 day ago
push
pear/Image_Color2
CloCkWeRX push pear/Image_Color2

Feat add support for php 8.2

Merge pull request #2 from SanaviaNicolas/feat-add-support-for-php-82

Feat add support for php 8.2

Created at 1 week ago
pull request closed
pear/Image_Color2
Feat add support for php 8.2
Created at 1 week ago
push
fatfreecrm/ffcrm_awesome
CloCkWeRX push fatfreecrm/ffcrm_awesome

Bump pg from 0.14.0 to 1.4.6

Bumps pg from 0.14.0 to 1.4.6.

updated-dependencies:

  • dependency-name: pg dependency-type: direct:development update-type: version-update:semver-major ...

Signed-off-by: dependabot[bot] support@github.com

Merge pull request #8 from fatfreecrm/dependabot/bundler/pg-1.4.6

Bump pg from 0.14.0 to 1.4.6

Created at 1 week ago
pull request closed
fatfreecrm/ffcrm_awesome
Bump pg from 0.14.0 to 1.4.6

Bumps pg from 0.14.0 to 1.4.6.

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Created at 1 week ago
push
fatfreecrm/ffcrm_awesome
CloCkWeRX push fatfreecrm/ffcrm_awesome

Bump rack from 2.2.6.3 to 2.2.6.4

Bumps rack from 2.2.6.3 to 2.2.6.4.

updated-dependencies:

  • dependency-name: rack dependency-type: indirect ...

Signed-off-by: dependabot[bot] support@github.com

Merge pull request #9 from fatfreecrm/dependabot/bundler/rack-2.2.6.4

Bump rack from 2.2.6.3 to 2.2.6.4

Created at 1 week ago
pull request closed
fatfreecrm/ffcrm_awesome
Bump rack from 2.2.6.3 to 2.2.6.4

Bumps rack from 2.2.6.3 to 2.2.6.4.

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the Security Alerts page.
Created at 1 week ago
push
fatfreecrm/ffcrm_crowd
CloCkWeRX push fatfreecrm/ffcrm_crowd

Bump rack from 2.2.6.3 to 2.2.6.4

Bumps rack from 2.2.6.3 to 2.2.6.4.

updated-dependencies:

  • dependency-name: rack dependency-type: indirect ...

Signed-off-by: dependabot[bot] support@github.com

Merge pull request #6 from fatfreecrm/dependabot/bundler/rack-2.2.6.4

Bump rack from 2.2.6.3 to 2.2.6.4

Created at 1 week ago
pull request closed
fatfreecrm/ffcrm_crowd
Bump rack from 2.2.6.3 to 2.2.6.4

Bumps rack from 2.2.6.3 to 2.2.6.4.

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Created at 1 week ago
pull request closed
Growstuff/growstuff
[Snyk] Fix for 2 vulnerabilities

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • Gemfile
Failed to update the Gemfile.lock, please update manually before merging.

Vulnerabilities that will be fixed

With an upgrade:

Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity :-------------------------:|-------------------------|:-------------------------|:-------------------------|:------------------------- medium severity | 591/1000 Why? Recently disclosed, Has a fix available, CVSS 6.1 | Cross-site Scripting (XSS) SNYK-RUBY-ACTIVESUPPORT-3360028 | No | No Known Exploit medium severity | 551/1000 Why? Recently disclosed, Has a fix available, CVSS 5.3 | Regular Expression Denial of Service (ReDoS) SNYK-RUBY-RACK-3360233 | No | No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Cross-site Scripting (XSS) 🦉 Regular Expression Denial of Service (ReDoS)

Created at 1 week ago
push
fatfreecrm/ffcrm_awesome
CloCkWeRX push fatfreecrm/ffcrm_awesome

Bump rspec-rails from 2.11.0 to 5.1.2

Bumps rspec-rails from 2.11.0 to 5.1.2.

updated-dependencies:

  • dependency-name: rspec-rails dependency-type: direct:development update-type: version-update:semver-major ...

Signed-off-by: dependabot[bot] support@github.com

Merge pull request #6 from fatfreecrm/dependabot/bundler/rspec-rails-5.1.2

Bump rspec-rails from 2.11.0 to 5.1.2

Created at 1 week ago