{"payload":{"feedbackUrl":"https://github.com/orgs/community/discussions/53140","repo":{"id":268817515,"defaultBranch":"master","name":"tobira","ownerLogin":"elan-ev","currentUserCanPush":false,"isFork":false,"isEmpty":false,"createdAt":"2020-06-02T14:04:21.000Z","ownerAvatar":"https://avatars.githubusercontent.com/u/1064602?v=4","public":true,"private":false,"isOrgOwned":true},"refInfo":{"name":"","listCacheKey":"v0:1726231846.0","currentOid":""},"activityList":{"items":[{"before":"c14d625473a2a01394d46869a08491e97cbecbba","after":null,"ref":"refs/heads/dependabot/npm_and_yarn/docs/multi-d66d039ac5","pushedAt":"2024-09-13T12:50:46.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"}},{"before":"ab0501701364b924396b90ea4b97d48c4b65455a","after":null,"ref":"refs/heads/dependabot/npm_and_yarn/docs/multi-cf87d80143","pushedAt":"2024-09-13T12:50:42.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"}},{"before":"de10cc2828647c7441c6020529667087343e73f8","after":null,"ref":"refs/heads/dependabot/npm_and_yarn/docs/multi-9423f4c335","pushedAt":"2024-09-13T12:50:12.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"}},{"before":"1d14142dd4b7c33d213b5ded2b5547894e7707ea","after":"1516e5fa7bf6fc4e78c6aa007093e6de370908c2","ref":"refs/heads/master","pushedAt":"2024-09-13T12:50:05.000Z","pushType":"pr_merge","commitsCount":2,"pusher":{"login":"owi92","name":"Ole Wieners","path":"/owi92","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/94838646?s=80&v=4"},"commit":{"message":"Bump body-parser and express in /docs (#1246)\n\nBumps [body-parser](https://github.com/expressjs/body-parser) and\r\n[express](https://github.com/expressjs/express). These dependencies\r\nneeded to be updated together.\r\nUpdates `body-parser` from 1.20.2 to 1.20.3\r\n
\r\nRelease notes\r\n

Sourced from body-parser's\r\nreleases.

\r\n
\r\n

1.20.3

\r\n

What's Changed

\r\n

Important

\r\n\r\n

Other changes

\r\n\r\n

New Contributors

\r\n\r\n

Full Changelog: https://github.com/expressjs/body-parser/compare/1.20.2...1.20.3

\r\n
\r\n
\r\n
\r\nChangelog\r\n

Sourced from body-parser's\r\nchangelog.

\r\n
\r\n

1.20.3 / 2024-09-10

\r\n\r\n
\r\n
\r\n
\r\nCommits\r\n\r\n
\r\n
\r\nMaintainer changes\r\n

This version was pushed to npm by ulisesgascon, a new\r\nreleaser for body-parser since your current version.

\r\n
\r\n
\r\n\r\nUpdates `express` from 4.19.2 to 4.21.0\r\n
\r\nRelease notes\r\n

Sourced from express's\r\nreleases.

\r\n
\r\n

4.21.0

\r\n

What's Changed

\r\n\r\n

New Contributors

\r\n\r\n

Full Changelog: https://github.com/expressjs/express/compare/4.20.0...4.21.0

\r\n

4.20.0

\r\n

What's Changed

\r\n

Important

\r\n\r\n

Other Changes

\r\n\r\n\r\n
\r\n

... (truncated)

\r\n
\r\n
\r\nChangelog\r\n

Sourced from express's\r\nchangelog.

\r\n
\r\n

4.21.0 / 2024-09-11

\r\n\r\n

4.20.0 / 2024-09-10

\r\n\r\n
\r\n
\r\n
\r\nCommits\r\n\r\n
\r\n
\r\n\r\n\r\nDependabot will resolve any conflicts with this PR as long as you don't\r\nalter it yourself. You can also trigger a rebase manually by commenting\r\n`@dependabot rebase`.\r\n\r\n[//]: # (dependabot-automerge-start)\r\n[//]: # (dependabot-automerge-end)\r\n\r\n---\r\n\r\n
\r\nDependabot commands and options\r\n
\r\n\r\nYou can trigger Dependabot actions by commenting on this PR:\r\n- `@dependabot rebase` will rebase this PR\r\n- `@dependabot recreate` will recreate this PR, overwriting any edits\r\nthat have been made to it\r\n- `@dependabot merge` will merge this PR after your CI passes on it\r\n- `@dependabot squash and merge` will squash and merge this PR after\r\nyour CI passes on it\r\n- `@dependabot cancel merge` will cancel a previously requested merge\r\nand block automerging\r\n- `@dependabot reopen` will reopen this PR if it is closed\r\n- `@dependabot close` will close this PR and stop Dependabot recreating\r\nit. You can achieve the same result by closing it manually\r\n- `@dependabot show ignore conditions` will show all\r\nof the ignore conditions of the specified dependency\r\n- `@dependabot ignore this major version` will close this PR and stop\r\nDependabot creating any more for this major version (unless you reopen\r\nthe PR or upgrade to it yourself)\r\n- `@dependabot ignore this minor version` will close this PR and stop\r\nDependabot creating any more for this minor version (unless you reopen\r\nthe PR or upgrade to it yourself)\r\n- `@dependabot ignore this dependency` will close this PR and stop\r\nDependabot creating any more for this dependency (unless you reopen the\r\nPR or upgrade to it yourself)\r\nYou can disable automated security fix PRs for this repo from the\r\n[Security Alerts\r\npage](https://github.com/elan-ev/tobira/network/alerts).\r\n\r\n
","shortMessageHtmlLink":"Bump body-parser and express in /docs (#1246)"}},{"before":"8cb2cb18f66b7eacdda31dceb423620875be0ade","after":null,"ref":"refs/heads/dependabot/npm_and_yarn/docs/express-4.21.0","pushedAt":"2024-09-13T10:55:35.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"}},{"before":null,"after":"ab0501701364b924396b90ea4b97d48c4b65455a","ref":"refs/heads/dependabot/npm_and_yarn/docs/multi-cf87d80143","pushedAt":"2024-09-13T10:55:34.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"Bump send and express in /docs\n\nBumps [send](https://github.com/pillarjs/send) and [express](https://github.com/expressjs/express). These dependencies needed to be updated together.\n\nUpdates `send` from 0.18.0 to 0.19.0\n- [Release notes](https://github.com/pillarjs/send/releases)\n- [Changelog](https://github.com/pillarjs/send/blob/master/HISTORY.md)\n- [Commits](https://github.com/pillarjs/send/compare/0.18.0...0.19.0)\n\nUpdates `express` from 4.19.2 to 4.21.0\n- [Release notes](https://github.com/expressjs/express/releases)\n- [Changelog](https://github.com/expressjs/express/blob/4.21.0/History.md)\n- [Commits](https://github.com/expressjs/express/compare/4.19.2...4.21.0)\n\n---\nupdated-dependencies:\n- dependency-name: send\n dependency-type: indirect\n- dependency-name: express\n dependency-type: indirect\n...\n\nSigned-off-by: dependabot[bot] ","shortMessageHtmlLink":"Bump send and express in /docs"}},{"before":null,"after":"c14d625473a2a01394d46869a08491e97cbecbba","ref":"refs/heads/dependabot/npm_and_yarn/docs/multi-d66d039ac5","pushedAt":"2024-09-13T10:55:30.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"Bump serve-static and express in /docs\n\nBumps [serve-static](https://github.com/expressjs/serve-static) and [express](https://github.com/expressjs/express). These dependencies needed to be updated together.\n\nUpdates `serve-static` from 1.15.0 to 1.16.2\n- [Release notes](https://github.com/expressjs/serve-static/releases)\n- [Changelog](https://github.com/expressjs/serve-static/blob/v1.16.2/HISTORY.md)\n- [Commits](https://github.com/expressjs/serve-static/compare/v1.15.0...v1.16.2)\n\nUpdates `express` from 4.19.2 to 4.21.0\n- [Release notes](https://github.com/expressjs/express/releases)\n- [Changelog](https://github.com/expressjs/express/blob/4.21.0/History.md)\n- [Commits](https://github.com/expressjs/express/compare/4.19.2...4.21.0)\n\n---\nupdated-dependencies:\n- dependency-name: serve-static\n dependency-type: indirect\n- dependency-name: express\n dependency-type: indirect\n...\n\nSigned-off-by: dependabot[bot] ","shortMessageHtmlLink":"Bump serve-static and express in /docs"}},{"before":null,"after":"8cb2cb18f66b7eacdda31dceb423620875be0ade","ref":"refs/heads/dependabot/npm_and_yarn/docs/express-4.21.0","pushedAt":"2024-09-13T10:55:25.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"Bump express from 4.19.2 to 4.21.0 in /docs\n\nBumps [express](https://github.com/expressjs/express) from 4.19.2 to 4.21.0.\n- [Release notes](https://github.com/expressjs/express/releases)\n- [Changelog](https://github.com/expressjs/express/blob/4.21.0/History.md)\n- [Commits](https://github.com/expressjs/express/compare/4.19.2...4.21.0)\n\n---\nupdated-dependencies:\n- dependency-name: express\n dependency-type: indirect\n...\n\nSigned-off-by: dependabot[bot] ","shortMessageHtmlLink":"Bump express from 4.19.2 to 4.21.0 in /docs"}},{"before":null,"after":"de10cc2828647c7441c6020529667087343e73f8","ref":"refs/heads/dependabot/npm_and_yarn/docs/multi-9423f4c335","pushedAt":"2024-09-13T10:55:23.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"Bump body-parser and express in /docs\n\nBumps [body-parser](https://github.com/expressjs/body-parser) and [express](https://github.com/expressjs/express). These dependencies needed to be updated together.\n\nUpdates `body-parser` from 1.20.2 to 1.20.3\n- [Release notes](https://github.com/expressjs/body-parser/releases)\n- [Changelog](https://github.com/expressjs/body-parser/blob/master/HISTORY.md)\n- [Commits](https://github.com/expressjs/body-parser/compare/1.20.2...1.20.3)\n\nUpdates `express` from 4.19.2 to 4.21.0\n- [Release notes](https://github.com/expressjs/express/releases)\n- [Changelog](https://github.com/expressjs/express/blob/4.21.0/History.md)\n- [Commits](https://github.com/expressjs/express/compare/4.19.2...4.21.0)\n\n---\nupdated-dependencies:\n- dependency-name: body-parser\n dependency-type: indirect\n- dependency-name: express\n dependency-type: indirect\n...\n\nSigned-off-by: dependabot[bot] ","shortMessageHtmlLink":"Bump body-parser and express in /docs"}},{"before":"5889f578ec8da044d708c20230d09994f4ce11a4","after":"1d14142dd4b7c33d213b5ded2b5547894e7707ea","ref":"refs/heads/master","pushedAt":"2024-09-13T10:54:23.000Z","pushType":"pr_merge","commitsCount":2,"pusher":{"login":"LukasKalbertodt","name":"Lukas Kalbertodt","path":"/LukasKalbertodt","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/7419664?s=80&v=4"},"commit":{"message":"Update paella-core to 1.49.6 (#1245)\n\nThis fixes an issue where the popup menu in paella wasn't sticking to\r\nits trigger button correctly.\r\n\r\nCloses #1231","shortMessageHtmlLink":"Update paella-core to 1.49.6 (#1245)"}},{"before":"aa6f0e9b61404fe95517615fc62daaf562fbe9ae","after":"5889f578ec8da044d708c20230d09994f4ce11a4","ref":"refs/heads/master","pushedAt":"2024-09-13T10:48:43.000Z","pushType":"pr_merge","commitsCount":2,"pusher":{"login":"owi92","name":"Ole Wieners","path":"/owi92","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/94838646?s=80&v=4"},"commit":{"message":"Update Grafana to 11.2 on test deployment (#1241)\n\nWell, the auto updater already did update it, breaking it. So this makes\r\nGrafana work again. Well, it already does, as I ran these scripts\r\nlocally already.","shortMessageHtmlLink":"Update Grafana to 11.2 on test deployment (#1241)"}},{"before":"389075497504c0e98676e343693af9641da927c7","after":"aa6f0e9b61404fe95517615fc62daaf562fbe9ae","ref":"refs/heads/master","pushedAt":"2024-09-12T10:36:54.000Z","pushType":"pr_merge","commitsCount":2,"pusher":{"login":"owi92","name":"Ole Wieners","path":"/owi92","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/94838646?s=80&v=4"},"commit":{"message":"Add `createRealmLineage` mutation to API (#1179)\n\nThis is supposed to make mounting series easier from external scripts.\r\nThe existing `mountSeries` API is (a) doing a lot of different things\r\nand (b) requires the caller to distinguish between what realms already\r\nexist and which still need to be created. This new API is idempotent and\r\nmore convenient. With this, it would be possible to simplify\r\n`mountSeries`, but we can't simply break that API since the Admin UI is\r\nusing it. So we keep it for now. We might add an alternative API in the\r\nfuture.\r\n\r\n@wsmirnow asked for this. Please let me know if this already helps you!\r\nYou still have to use the `mountSeries` API but at least you can always\r\npass `[]` as `new_realms` by first calling this new API.","shortMessageHtmlLink":"Add createRealmLineage mutation to API (#1179)"}},{"before":"16c9679793ae6a07a36760d0b2675857eba9ab12","after":null,"ref":"refs/heads/dependabot/cargo/backend/openssl-0.10.66","pushedAt":"2024-09-09T15:23:03.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"}},{"before":"5c691488da9d25f0b83fcadca99e5cbe7e077698","after":"389075497504c0e98676e343693af9641da927c7","ref":"refs/heads/master","pushedAt":"2024-09-09T15:22:54.000Z","pushType":"pr_merge","commitsCount":2,"pusher":{"login":"LukasKalbertodt","name":"Lukas Kalbertodt","path":"/LukasKalbertodt","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/7419664?s=80&v=4"},"commit":{"message":"Bump openssl from 0.10.64 to 0.10.66 in /backend (#1240)\n\nBumps [openssl](https://github.com/sfackler/rust-openssl) from 0.10.64\r\nto 0.10.66.\r\n
\r\nRelease notes\r\n

Sourced from openssl's\r\nreleases.

\r\n
\r\n

openssl-v0.10.66

\r\n

What's Changed

\r\n
    \r\n
  • Fixed invariant violation in MemBio::get_buf with empty\r\nresults by @​alex in\r\nsfackler/rust-openssl#2266
    • \r\n
  • Release openssl v0.10.66 by @​alex in sfackler/rust-openssl#2267
    • \r\n
\r\n

Full Changelog: https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.65...openssl-v0.10.66

\r\n

openssl-v0.10.65

\r\n

What's Changed

\r\n
    \r\n
  • don't emit rerun-if-changed when vendoring by @​reaperhulk in sfackler/rust-openssl#2177
    • \r\n
  • Prepare for openssl-sys 0.9.101 release by @​alex in sfackler/rust-openssl#2182
    • \r\n
  • don't emit rerun-if-changed unless the path exists and is readable\r\nby @​reaperhulk\r\nin sfackler/rust-openssl#2187
    • \r\n
  • Added support for LibreSSL 3.9.0 by @​alex in sfackler/rust-openssl#2202
    • \r\n
  • Support stable LibreSSL 3.9.x by @​alex in sfackler/rust-openssl#2209
    • \r\n
  • openssl-sys 0.9.102 release by @​alex in sfackler/rust-openssl#2210
    • \r\n
  • Add repository field to openssl-macros crate by @​paolobarbolini\r\nin sfackler/rust-openssl#2211
    • \r\n
  • Add missing openssl-sys dependency by @​pieterdd in sfackler/rust-openssl#2212
    • \r\n
  • Test OpenSSL 3.3.0-beta1 by @​sfackler in sfackler/rust-openssl#2216
    • \r\n
  • test against 3.3.0 final by @​alex in sfackler/rust-openssl#2218
    • \r\n
  • fix min-versions in CI by @​alex in sfackler/rust-openssl#2228
    • \r\n
  • Make X509_VAL opaque for LibreSSL 4.0.0 by @​botovq in sfackler/rust-openssl#2227
    • \r\n
  • Use the newer names for STACK_OF(T) functions with BoringSSL by @​davidben in sfackler/rust-openssl#2231
    • \r\n
  • Only declare OpensslCallbacks in bindgen builds by @​alex in sfackler/rust-openssl#2234
    • \r\n
  • Fix building with latest BoringSSL by @​davidben in sfackler/rust-openssl#2230
    • \r\n
  • Emit rustc-check-cfg for nightly by @​alex in sfackler/rust-openssl#2235
    • \r\n
  • Configure OpenSSL data dir on vendored builds. by @​DanielSidhion\r\nin sfackler/rust-openssl#2122
    • \r\n
  • Add boringssl keylog callback support by @​mspublic in sfackler/rust-openssl#2237
    • \r\n
  • Correct the name of the pkgconf package on some distros\r\nby @​JonathanBrouwer\r\nin sfackler/rust-openssl#2253
    • \r\n
  • Add some OpenSSL 3 QUIC raw bindings by @​bdbai in sfackler/rust-openssl#2257
    • \r\n
  • Initialize OpenSSL in MD constructors by @​sfackler in sfackler/rust-openssl#2258
    • \r\n
  • Switch Pkey::from_ to use set1 functions by @​alex in sfackler/rust-openssl#2262
    • \r\n
  • Release openssl v0.10.65 and openssl-sys v0.9.103 by @​alex in sfackler/rust-openssl#2265
    • \r\n
\r\n

New Contributors

\r\n
    \r\n
  • @​paolobarbolini\r\nmade their first contribution in sfackler/rust-openssl#2211
    • \r\n
  • @​pieterdd\r\nmade their first contribution in sfackler/rust-openssl#2212
    • \r\n
  • @​DanielSidhion\r\nmade their first contribution in sfackler/rust-openssl#2122
    • \r\n
  • @​mspublic\r\nmade their first contribution in sfackler/rust-openssl#2237
    • \r\n
  • @​JonathanBrouwer\r\nmade their first contribution in sfackler/rust-openssl#2253
    • \r\n
  • @​bdbai made\r\ntheir first contribution in sfackler/rust-openssl#2257
    • \r\n
\r\n

Full Changelog: https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.64...openssl-v0.10.65

\r\n
\r\n
\r\n
\r\nCommits\r\n
    \r\n
  • ad70a0b\r\nMerge pull request #2267\r\nfrom alex/bump-for-release
    • \r\n
  • 5ce473b\r\nRelease openssl v0.10.66
    • \r\n
  • aef36e0\r\nMerge pull request #2266\r\nfrom alex/mem-bio-invariant
    • \r\n
  • 142deef\r\nFixed invariant violation in MemBio::get_buf with empty\r\nresults
    • \r\n
  • 32f150b\r\nMerge pull request #2265\r\nfrom alex/bump-for-release
    • \r\n
  • 98addd2\r\nRelease openssl v0.10.65 and openssl-sys v0.9.103
    • \r\n
  • 7c7958d\r\nMerge pull request #2262\r\nfrom alex/pkey-api
    • \r\n
  • d7b12cc\r\nSwitch Pkey::from_ to use set1 functions
    • \r\n
  • 22ffa9a\r\nMerge pull request #2258\r\nfrom sfackler/init-md
    • \r\n
  • 9de3794\r\nInitialize OpenSSL in MD constructors
    • \r\n
  • Additional commits viewable in compare\r\nview
    • \r\n
\r\n
\r\n
\r\n\r\n\r\n[![Dependabot compatibility\r\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=openssl&package-manager=cargo&previous-version=0.10.64&new-version=0.10.66)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\r\n\r\nDependabot will resolve any conflicts with this PR as long as you don't\r\nalter it yourself. You can also trigger a rebase manually by commenting\r\n`@dependabot rebase`.\r\n\r\n[//]: # (dependabot-automerge-start)\r\n[//]: # (dependabot-automerge-end)\r\n\r\n---\r\n\r\n
\r\nDependabot commands and options\r\n
\r\n\r\nYou can trigger Dependabot actions by commenting on this PR:\r\n- `@dependabot rebase` will rebase this PR\r\n- `@dependabot recreate` will recreate this PR, overwriting any edits\r\nthat have been made to it\r\n- `@dependabot merge` will merge this PR after your CI passes on it\r\n- `@dependabot squash and merge` will squash and merge this PR after\r\nyour CI passes on it\r\n- `@dependabot cancel merge` will cancel a previously requested merge\r\nand block automerging\r\n- `@dependabot reopen` will reopen this PR if it is closed\r\n- `@dependabot close` will close this PR and stop Dependabot recreating\r\nit. You can achieve the same result by closing it manually\r\n- `@dependabot show ignore conditions` will show all\r\nof the ignore conditions of the specified dependency\r\n- `@dependabot ignore this major version` will close this PR and stop\r\nDependabot creating any more for this major version (unless you reopen\r\nthe PR or upgrade to it yourself)\r\n- `@dependabot ignore this minor version` will close this PR and stop\r\nDependabot creating any more for this minor version (unless you reopen\r\nthe PR or upgrade to it yourself)\r\n- `@dependabot ignore this dependency` will close this PR and stop\r\nDependabot creating any more for this dependency (unless you reopen the\r\nPR or upgrade to it yourself)\r\nYou can disable automated security fix PRs for this repo from the\r\n[Security Alerts\r\npage](https://github.com/elan-ev/tobira/network/alerts).\r\n\r\n
","shortMessageHtmlLink":"Bump openssl from 0.10.64 to 0.10.66 in /backend (#1240)"}},{"before":null,"after":"16c9679793ae6a07a36760d0b2675857eba9ab12","ref":"refs/heads/dependabot/cargo/backend/openssl-0.10.66","pushedAt":"2024-09-09T12:35:27.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"Bump openssl from 0.10.64 to 0.10.66 in /backend\n\nBumps [openssl](https://github.com/sfackler/rust-openssl) from 0.10.64 to 0.10.66.\n- [Release notes](https://github.com/sfackler/rust-openssl/releases)\n- [Commits](https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.64...openssl-v0.10.66)\n\n---\nupdated-dependencies:\n- dependency-name: openssl\n dependency-type: indirect\n...\n\nSigned-off-by: dependabot[bot] ","shortMessageHtmlLink":"Bump openssl from 0.10.64 to 0.10.66 in /backend"}},{"before":"2fa823e5843933ac88a46ad3e0de215f56bafd7e","after":"5c691488da9d25f0b83fcadca99e5cbe7e077698","ref":"refs/heads/master","pushedAt":"2024-09-09T12:34:51.000Z","pushType":"pr_merge","commitsCount":39,"pusher":{"login":"owi92","name":"Ole Wieners","path":"/owi92","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/94838646?s=80&v=4"},"commit":{"message":"Add ability to find events by slide text & captions in search (#1189)\n\nFixes #677\r\n\r\n## For testers\r\n\r\n| [Test](https://pr1189.tobira.opencast.org/) |\r\n| --- |\r\n\r\nThis PR does not contain any changes to the search page except adding\r\nthis timeline. This is planned for later. This PR is already big enough.\r\n\r\nAlso note that the usefulness and the UX of this feature depends a lot\r\non the available data! On our test instance, roughly 2500 events have\r\nOCR'ed slide texts, while only very few have subtitles. I will try to\r\nupload more videos soon to simply have more videos with subtitles\r\navailable. Subtitle timespans are usually shorter (in the order of\r\nseconds or 10s), while the timespans associated with slide text can have\r\ndurations of many minutes.\r\n\r\n### Questions/discussions\r\n\r\n- Unlike the old video portal, this shows the actual text that was\r\nmatched (with a small context). I find this cool, but it of course\r\nsomewhat exposes how bad the OCR slide text and automatic subtitles\r\nsometimes are.\r\n- What do you think about the timeline design and how the matched text\r\nis highlighted?\r\n- Report any query that leads to \"internal server error\" please. That\r\nshould obviously never happen.\r\n\r\n\r\n### Search terms to get started\r\n\r\nWhile testing myself I found a few good queries to get started. Of\r\ncourse, do try your own ones and also try prefixes of these to see how\r\nwell it works. Also try multiple query words.\r\n- `open`: big mixed bag\r\n- `meilisearch`: finds two Tobira videos talking about Meilisearch\r\n(never mentioned in metadata)\r\n- `tycho`: finds the \"Tycho crater\" in the NASA moon video subtitles AND\r\ntext detection\r\n- `crater`: lots of usages in the subtitles of the NASA moon video\r\n- `pyroxene`: finds the mineral in NASA moon subtitles\r\n- `elasticsearch`: lots of matches in Opencast-related videos\r\n- `postgres`: showing some videos with \"postgres\" in title first (makes\r\nsense) and only then once that only mention postgres\r\n- `videoportal`: obvious Tobira videos, but also one unrelated video\r\nscreen-sharing the old ETH video portal briefly and one mentioning\r\n\"videoportal\" in its slides\r\n- `feynman`: further down lots of videos just mentioning feynman \r\n\r\n\r\n## Technical info\r\n\r\nThis PR has these main parts:\r\n- Add DB table `event_texts` (for storing all texts belonging to an\r\nevent)\r\n- Add `event_texts_queue` and process to automatically download text\r\nassets from Opencast (this is ran as part of the worker)\r\n- This was the most tricky part actually, in order to make it robust\r\nagainst random errors, OC or otherwise. To work well enough in most\r\ncases, without ever running into a super busy loop or something like\r\nthat.\r\n- Various helper sub commands to manage fetching assets\r\n- VTT and MPEG7 parsers to parse the text assets\r\n- Add texts to MeiliSearch in a special encoded form to optimize for\r\nMeili-search-performance while still allowing us to figure out the\r\ntimespans of a match\r\n- Make frontend use this data and show a timeline with matches for\r\nevents\r\n\r\nThis can be mostly reviewed commit by commit. There are two times where\r\nI move a big chunk of code around that was added in a previous commit,\r\nbut it should be fairly clear what and where.\r\n\r\nPerformance is kind of important for this one, since we are dealing with\r\npotentially lots of data. So far it seems like Meili responds within\r\n25ms in all cases I tested. That's fine, but still a big increase from\r\nbefore. We should make sure that we don't accidentally introduce some\r\nslowness. Though right now I also have no idea how we would optimize\r\nfurther....\r\n\r\nSomething I want to improve in a follow up PR: replace the busy polling\r\nin the \"download assets\" and \"update search index\" workers by\r\n`LISTEN/NOTIFY` events from Postgres. Right now, both default to 30s or\r\nsth, which means that adding an event has quite a round trip (sync + 30s\r\n+ 30s) before its text assets are searchable. That can be vastly\r\nreduced. But again, this PR is already big enough.","shortMessageHtmlLink":"Add ability to find events by slide text & captions in search (#1189)"}},{"before":"2fe8d3e39d83672bc60e79dac140ea7e38c1ec29","after":null,"ref":"refs/heads/dependabot/npm_and_yarn/docs/micromatch-4.0.8","pushedAt":"2024-09-04T10:57:07.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"}},{"before":"42873fa94e9cbee169823f7a3b29c4f18c67f147","after":"2fa823e5843933ac88a46ad3e0de215f56bafd7e","ref":"refs/heads/master","pushedAt":"2024-09-04T10:57:00.000Z","pushType":"pr_merge","commitsCount":2,"pusher":{"login":"owi92","name":"Ole Wieners","path":"/owi92","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/94838646?s=80&v=4"},"commit":{"message":"Bump micromatch from 4.0.5 to 4.0.8 in /docs (#1238)\n\nBumps [micromatch](https://github.com/micromatch/micromatch) from 4.0.5\r\nto 4.0.8.\r\n
\r\nRelease notes\r\n

Sourced from micromatch's\r\nreleases.

\r\n
\r\n

4.0.8

\r\n

Ultimate release that fixes both CVE-2024-4067 and CVE-2024-4068. We\r\nconsider the issues low-priority, so even if you see automated scanners\r\nsaying otherwise, don't be scared.

\r\n
\r\n
\r\n
\r\nChangelog\r\n

Sourced from micromatch's\r\nchangelog.

\r\n
\r\n

[4.0.8] - 2024-08-22

\r\n
    \r\n
  • backported CVE-2024-4067 fix (from v4.0.6) over to 4.x branch
    • \r\n
\r\n

[4.0.7] - 2024-05-22

\r\n
    \r\n
  • this is basically v4.0.5, with some README updates
    • \r\n
  • it is vulnerable to CVE-2024-4067
    • \r\n
  • Updated braces to v3.0.3 to avoid CVE-2024-4068
    • \r\n
  • does NOT break API compatibility
    • \r\n
\r\n

[4.0.6] - 2024-05-21

\r\n
    \r\n
  • Added hasBraces to check if a pattern contains\r\nbraces.
    • \r\n
  • Fixes CVE-2024-4067
    • \r\n
  • BREAKS API COMPATIBILITY
    • \r\n
  • Should be labeled as a major release, but it's not.
    • \r\n
\r\n
\r\n
\r\n
\r\nCommits\r\n
    \r\n
  • 8bd704e\r\n4.0.8
    • \r\n
  • a0e6841\r\nrun verb to generate README documentation
    • \r\n
  • 4ec2884\r\nMerge branch 'v4' into hauserkristof-feature/v4.0.8
    • \r\n
  • 03aa805\r\nMerge pull request #266\r\nfrom hauserkristof/feature/v4.0.8
    • \r\n
  • 814f5f7\r\nlint
    • \r\n
  • 67fcce6\r\nfix: CHANGELOG about braces & CVE-2024-4068, v4.0.5
    • \r\n
  • 113f2e3\r\nfix: CVE numbers in CHANGELOG
    • \r\n
  • d9dbd9a\r\nfeat: updated CHANGELOG
    • \r\n
  • 2ab1315\r\nfix: use actions/setup-node@v4
    • \r\n
  • 1406ea3\r\nfeat: rework test to work on macos with node 10,12 and 14
    • \r\n
  • Additional commits viewable in compare\r\nview
    • \r\n
\r\n
\r\n
\r\n\r\n\r\n[![Dependabot compatibility\r\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=micromatch&package-manager=npm_and_yarn&previous-version=4.0.5&new-version=4.0.8)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\r\n\r\nDependabot will resolve any conflicts with this PR as long as you don't\r\nalter it yourself. You can also trigger a rebase manually by commenting\r\n`@dependabot rebase`.\r\n\r\n[//]: # (dependabot-automerge-start)\r\n[//]: # (dependabot-automerge-end)\r\n\r\n---\r\n\r\n
\r\nDependabot commands and options\r\n
\r\n\r\nYou can trigger Dependabot actions by commenting on this PR:\r\n- `@dependabot rebase` will rebase this PR\r\n- `@dependabot recreate` will recreate this PR, overwriting any edits\r\nthat have been made to it\r\n- `@dependabot merge` will merge this PR after your CI passes on it\r\n- `@dependabot squash and merge` will squash and merge this PR after\r\nyour CI passes on it\r\n- `@dependabot cancel merge` will cancel a previously requested merge\r\nand block automerging\r\n- `@dependabot reopen` will reopen this PR if it is closed\r\n- `@dependabot close` will close this PR and stop Dependabot recreating\r\nit. You can achieve the same result by closing it manually\r\n- `@dependabot show ignore conditions` will show all\r\nof the ignore conditions of the specified dependency\r\n- `@dependabot ignore this major version` will close this PR and stop\r\nDependabot creating any more for this major version (unless you reopen\r\nthe PR or upgrade to it yourself)\r\n- `@dependabot ignore this minor version` will close this PR and stop\r\nDependabot creating any more for this minor version (unless you reopen\r\nthe PR or upgrade to it yourself)\r\n- `@dependabot ignore this dependency` will close this PR and stop\r\nDependabot creating any more for this dependency (unless you reopen the\r\nPR or upgrade to it yourself)\r\nYou can disable automated security fix PRs for this repo from the\r\n[Security Alerts\r\npage](https://github.com/elan-ev/tobira/network/alerts).\r\n\r\n
","shortMessageHtmlLink":"Bump micromatch from 4.0.5 to 4.0.8 in /docs (#1238)"}},{"before":null,"after":"2fe8d3e39d83672bc60e79dac140ea7e38c1ec29","ref":"refs/heads/dependabot/npm_and_yarn/docs/micromatch-4.0.8","pushedAt":"2024-09-04T10:43:31.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"Bump micromatch from 4.0.5 to 4.0.8 in /docs\n\nBumps [micromatch](https://github.com/micromatch/micromatch) from 4.0.5 to 4.0.8.\n- [Release notes](https://github.com/micromatch/micromatch/releases)\n- [Changelog](https://github.com/micromatch/micromatch/blob/master/CHANGELOG.md)\n- [Commits](https://github.com/micromatch/micromatch/compare/4.0.5...4.0.8)\n\n---\nupdated-dependencies:\n- dependency-name: micromatch\n dependency-type: indirect\n...\n\nSigned-off-by: dependabot[bot] ","shortMessageHtmlLink":"Bump micromatch from 4.0.5 to 4.0.8 in /docs"}},{"before":"feee111f57b0c5ef4f1d8ffb31d634fc36d93200","after":"42873fa94e9cbee169823f7a3b29c4f18c67f147","ref":"refs/heads/master","pushedAt":"2024-09-04T10:41:52.000Z","pushType":"pr_merge","commitsCount":3,"pusher":{"login":"owi92","name":"Ole Wieners","path":"/owi92","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/94838646?s=80&v=4"},"commit":{"message":"Fix random breakages (#1236)\n\nSee commits","shortMessageHtmlLink":"Fix random breakages (#1236)"}},{"before":"1c1f0c85691fee31ebbcc99d91391f925517cfcf","after":null,"ref":"refs/heads/dependabot/npm_and_yarn/frontend/micromatch-4.0.8","pushedAt":"2024-08-30T11:17:57.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"owi92","name":"Ole Wieners","path":"/owi92","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/94838646?s=80&v=4"}},{"before":"cf161315bec0b33fb8f3c3c8fe461635d158a745","after":"feee111f57b0c5ef4f1d8ffb31d634fc36d93200","ref":"refs/heads/master","pushedAt":"2024-08-30T11:17:53.000Z","pushType":"pr_merge","commitsCount":2,"pusher":{"login":"owi92","name":"Ole Wieners","path":"/owi92","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/94838646?s=80&v=4"},"commit":{"message":"Bump micromatch from 4.0.5 to 4.0.8 in /frontend (#1235)\n\nBumps [micromatch](https://github.com/micromatch/micromatch) from 4.0.5\r\nto 4.0.8.\r\n
\r\nRelease notes\r\n

Sourced from micromatch's\r\nreleases.

\r\n
\r\n

4.0.8

\r\n

Ultimate release that fixes both CVE-2024-4067 and CVE-2024-4068. We\r\nconsider the issues low-priority, so even if you see automated scanners\r\nsaying otherwise, don't be scared.

\r\n
\r\n
\r\n
\r\nChangelog\r\n

Sourced from micromatch's\r\nchangelog.

\r\n
\r\n

[4.0.8] - 2024-08-22

\r\n
    \r\n
  • backported CVE-2024-4067 fix (from v4.0.6) over to 4.x branch
    • \r\n
\r\n

[4.0.7] - 2024-05-22

\r\n
    \r\n
  • this is basically v4.0.5, with some README updates
    • \r\n
  • it is vulnerable to CVE-2024-4067
    • \r\n
  • Updated braces to v3.0.3 to avoid CVE-2024-4068
    • \r\n
  • does NOT break API compatibility
    • \r\n
\r\n

[4.0.6] - 2024-05-21

\r\n
    \r\n
  • Added hasBraces to check if a pattern contains\r\nbraces.
    • \r\n
  • Fixes CVE-2024-4067
    • \r\n
  • BREAKS API COMPATIBILITY
    • \r\n
  • Should be labeled as a major release, but it's not.
    • \r\n
\r\n
\r\n
\r\n
\r\nCommits\r\n
    \r\n
  • 8bd704e\r\n4.0.8
    • \r\n
  • a0e6841\r\nrun verb to generate README documentation
    • \r\n
  • 4ec2884\r\nMerge branch 'v4' into hauserkristof-feature/v4.0.8
    • \r\n
  • 03aa805\r\nMerge pull request #266\r\nfrom hauserkristof/feature/v4.0.8
    • \r\n
  • 814f5f7\r\nlint
    • \r\n
  • 67fcce6\r\nfix: CHANGELOG about braces & CVE-2024-4068, v4.0.5
    • \r\n
  • 113f2e3\r\nfix: CVE numbers in CHANGELOG
    • \r\n
  • d9dbd9a\r\nfeat: updated CHANGELOG
    • \r\n
  • 2ab1315\r\nfix: use actions/setup-node@v4
    • \r\n
  • 1406ea3\r\nfeat: rework test to work on macos with node 10,12 and 14
    • \r\n
  • Additional commits viewable in compare\r\nview
    • \r\n
\r\n
\r\n
\r\n\r\n\r\n[![Dependabot compatibility\r\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=micromatch&package-manager=npm_and_yarn&previous-version=4.0.5&new-version=4.0.8)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\r\n\r\nDependabot will resolve any conflicts with this PR as long as you don't\r\nalter it yourself. You can also trigger a rebase manually by commenting\r\n`@dependabot rebase`.\r\n\r\n[//]: # (dependabot-automerge-start)\r\n[//]: # (dependabot-automerge-end)\r\n\r\n---\r\n\r\n
\r\nDependabot commands and options\r\n
\r\n\r\nYou can trigger Dependabot actions by commenting on this PR:\r\n- `@dependabot rebase` will rebase this PR\r\n- `@dependabot recreate` will recreate this PR, overwriting any edits\r\nthat have been made to it\r\n- `@dependabot merge` will merge this PR after your CI passes on it\r\n- `@dependabot squash and merge` will squash and merge this PR after\r\nyour CI passes on it\r\n- `@dependabot cancel merge` will cancel a previously requested merge\r\nand block automerging\r\n- `@dependabot reopen` will reopen this PR if it is closed\r\n- `@dependabot close` will close this PR and stop Dependabot recreating\r\nit. You can achieve the same result by closing it manually\r\n- `@dependabot show ignore conditions` will show all\r\nof the ignore conditions of the specified dependency\r\n- `@dependabot ignore this major version` will close this PR and stop\r\nDependabot creating any more for this major version (unless you reopen\r\nthe PR or upgrade to it yourself)\r\n- `@dependabot ignore this minor version` will close this PR and stop\r\nDependabot creating any more for this minor version (unless you reopen\r\nthe PR or upgrade to it yourself)\r\n- `@dependabot ignore this dependency` will close this PR and stop\r\nDependabot creating any more for this dependency (unless you reopen the\r\nPR or upgrade to it yourself)\r\nYou can disable automated security fix PRs for this repo from the\r\n[Security Alerts\r\npage](https://github.com/elan-ev/tobira/network/alerts).\r\n\r\n
","shortMessageHtmlLink":"Bump micromatch from 4.0.5 to 4.0.8 in /frontend (#1235)"}},{"before":"1be9e069b5d9b386e4315417aad881a839165aba","after":null,"ref":"refs/heads/dependabot/npm_and_yarn/frontend/webpack-5.94.0","pushedAt":"2024-08-30T11:17:44.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"}},{"before":"6a5f91bf386ffb9833b00b3528fd045db501475f","after":"cf161315bec0b33fb8f3c3c8fe461635d158a745","ref":"refs/heads/master","pushedAt":"2024-08-30T11:17:38.000Z","pushType":"pr_merge","commitsCount":2,"pusher":{"login":"owi92","name":"Ole Wieners","path":"/owi92","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/94838646?s=80&v=4"},"commit":{"message":"Bump webpack from 5.90.3 to 5.94.0 in /frontend (#1234)\n\nBumps [webpack](https://github.com/webpack/webpack) from 5.90.3 to\r\n5.94.0.\r\n
\r\nRelease notes\r\n

Sourced from webpack's\r\nreleases.

\r\n
\r\n

v5.94.0

\r\n

Bug Fixes

\r\n
    \r\n
  • Added runtime condition for harmony reexport checked
    • \r\n
  • Handle properly\r\ndata/http/https protocols in\r\nsource maps
    • \r\n
  • Make bigint optimistic when browserslist not found
    • \r\n
  • Move @​types/eslint-scope to dev deps
    • \r\n
  • Related in asset stats is now always an array when no related\r\nfound
    • \r\n
  • Handle ASI for export declarations
    • \r\n
  • Mangle destruction incorrect with export named default properly
    • \r\n
  • Fixed unexpected asi generation with sequence expression
    • \r\n
  • Fixed a lot of types
    • \r\n
\r\n

New Features

\r\n
    \r\n
  • Added new external type "module-import"
    • \r\n
  • Support webpackIgnore for new URL()\r\nconstruction
    • \r\n
  • [CSS] @import pathinfo support
    • \r\n
\r\n

Security

\r\n
    \r\n
  • Fixed DOM clobbering in auto public path
    • \r\n
\r\n

v5.93.0

\r\n

Bug Fixes

\r\n
    \r\n
  • Generate correct relative path to runtime chunks
    • \r\n
  • Makes DefinePlugin quieter under default log level
    • \r\n
  • Fixed mangle destructuring default in namespace import
    • \r\n
  • Fixed consumption of eager shared modules for module federation
    • \r\n
  • Strip slash for pretty regexp
    • \r\n
  • Calculate correct contenthash for CSS generator options
    • \r\n
\r\n

New Features

\r\n
    \r\n
  • Added the binary generator option for asset modules to\r\nexplicitly keep source maps produced by loaders
    • \r\n
  • Added the modern-module library value for tree shakable\r\noutput
    • \r\n
  • Added the overrideStrict option to override strict or\r\nnon-strict mode for javascript modules
    • \r\n
\r\n

v5.92.1

\r\n

Bug Fixes

\r\n
    \r\n
  • Doesn't crash with an error when the css experiment is enabled and\r\ncontenthash is used
    • \r\n
\r\n

v5.92.0

\r\n

Bug Fixes

\r\n
    \r\n
  • Correct tidle range's comutation for module federation
    • \r\n
  • Consider runtime for pure expression dependency update hash
    • \r\n
  • Return value in the subtractRuntime function for\r\nruntime logic
    • \r\n
\r\n\r\n
\r\n

... (truncated)

\r\n
\r\n
\r\nCommits\r\n
    \r\n
  • eabf85d\r\nchore(release): 5.94.0
    • \r\n
  • 955e057\r\nsecurity: fix DOM clobbering in auto public path
    • \r\n
  • 9822387\r\ntest: fix
    • \r\n
  • cbb86ed\r\ntest: fix
    • \r\n
  • 5ac3d7f\r\nfix: unexpected asi generation with sequence expression
    • \r\n
  • 2411661\r\nsecurity: fix DOM clobbering in auto public path
    • \r\n
  • b8c03d4\r\nfix: unexpected asi generation with sequence expression
    • \r\n
  • f46a03c\r\nrevert: do not use heuristic fallback for "module-import"
    • \r\n
  • 60f1898\r\nfix: do not use heuristic fallback for "module-import"
    • \r\n
  • 66306aa\r\nRevert "fix: module-import get fallback from\r\nexternalsPresets"
    • \r\n
  • Additional commits viewable in compare\r\nview
    • \r\n
\r\n
\r\n
\r\n\r\n\r\n[![Dependabot compatibility\r\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=webpack&package-manager=npm_and_yarn&previous-version=5.90.3&new-version=5.94.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\r\n\r\nDependabot will resolve any conflicts with this PR as long as you don't\r\nalter it yourself. You can also trigger a rebase manually by commenting\r\n`@dependabot rebase`.\r\n\r\n[//]: # (dependabot-automerge-start)\r\n[//]: # (dependabot-automerge-end)\r\n\r\n---\r\n\r\n
\r\nDependabot commands and options\r\n
\r\n\r\nYou can trigger Dependabot actions by commenting on this PR:\r\n- `@dependabot rebase` will rebase this PR\r\n- `@dependabot recreate` will recreate this PR, overwriting any edits\r\nthat have been made to it\r\n- `@dependabot merge` will merge this PR after your CI passes on it\r\n- `@dependabot squash and merge` will squash and merge this PR after\r\nyour CI passes on it\r\n- `@dependabot cancel merge` will cancel a previously requested merge\r\nand block automerging\r\n- `@dependabot reopen` will reopen this PR if it is closed\r\n- `@dependabot close` will close this PR and stop Dependabot recreating\r\nit. You can achieve the same result by closing it manually\r\n- `@dependabot show ignore conditions` will show all\r\nof the ignore conditions of the specified dependency\r\n- `@dependabot ignore this major version` will close this PR and stop\r\nDependabot creating any more for this major version (unless you reopen\r\nthe PR or upgrade to it yourself)\r\n- `@dependabot ignore this minor version` will close this PR and stop\r\nDependabot creating any more for this minor version (unless you reopen\r\nthe PR or upgrade to it yourself)\r\n- `@dependabot ignore this dependency` will close this PR and stop\r\nDependabot creating any more for this dependency (unless you reopen the\r\nPR or upgrade to it yourself)\r\nYou can disable automated security fix PRs for this repo from the\r\n[Security Alerts\r\npage](https://github.com/elan-ev/tobira/network/alerts).\r\n\r\n
","shortMessageHtmlLink":"Bump webpack from 5.90.3 to 5.94.0 in /frontend (#1234)"}},{"before":null,"after":"1c1f0c85691fee31ebbcc99d91391f925517cfcf","ref":"refs/heads/dependabot/npm_and_yarn/frontend/micromatch-4.0.8","pushedAt":"2024-08-30T11:01:55.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"Bump micromatch from 4.0.5 to 4.0.8 in /frontend\n\nBumps [micromatch](https://github.com/micromatch/micromatch) from 4.0.5 to 4.0.8.\n- [Release notes](https://github.com/micromatch/micromatch/releases)\n- [Changelog](https://github.com/micromatch/micromatch/blob/master/CHANGELOG.md)\n- [Commits](https://github.com/micromatch/micromatch/compare/4.0.5...4.0.8)\n\n---\nupdated-dependencies:\n- dependency-name: micromatch\n dependency-type: indirect\n...\n\nSigned-off-by: dependabot[bot] ","shortMessageHtmlLink":"Bump micromatch from 4.0.5 to 4.0.8 in /frontend"}},{"before":null,"after":"1be9e069b5d9b386e4315417aad881a839165aba","ref":"refs/heads/dependabot/npm_and_yarn/frontend/webpack-5.94.0","pushedAt":"2024-08-30T11:01:38.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"Bump webpack from 5.90.3 to 5.94.0 in /frontend\n\nBumps [webpack](https://github.com/webpack/webpack) from 5.90.3 to 5.94.0.\n- [Release notes](https://github.com/webpack/webpack/releases)\n- [Commits](https://github.com/webpack/webpack/compare/v5.90.3...v5.94.0)\n\n---\nupdated-dependencies:\n- dependency-name: webpack\n dependency-type: direct:production\n...\n\nSigned-off-by: dependabot[bot] ","shortMessageHtmlLink":"Bump webpack from 5.90.3 to 5.94.0 in /frontend"}},{"before":"e78d06e0cc1579a17094f7efce5ddca7ad3854a8","after":null,"ref":"refs/heads/dependabot/npm_and_yarn/docs/webpack-5.94.0","pushedAt":"2024-08-30T11:00:56.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"owi92","name":"Ole Wieners","path":"/owi92","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/94838646?s=80&v=4"}},{"before":"cc00d29cc30f96c9d6bf917a576d60bed437ff76","after":"6a5f91bf386ffb9833b00b3528fd045db501475f","ref":"refs/heads/master","pushedAt":"2024-08-30T11:00:49.000Z","pushType":"pr_merge","commitsCount":2,"pusher":{"login":"owi92","name":"Ole Wieners","path":"/owi92","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/94838646?s=80&v=4"},"commit":{"message":"Bump webpack from 5.76.1 to 5.94.0 in /docs (#1233)\n\nBumps [webpack](https://github.com/webpack/webpack) from 5.76.1 to\r\n5.94.0.\r\n
\r\nRelease notes\r\n

Sourced from webpack's\r\nreleases.

\r\n
\r\n

v5.94.0

\r\n

Bug Fixes

\r\n
    \r\n
  • Added runtime condition for harmony reexport checked
    • \r\n
  • Handle properly\r\ndata/http/https protocols in\r\nsource maps
    • \r\n
  • Make bigint optimistic when browserslist not found
    • \r\n
  • Move @​types/eslint-scope to dev deps
    • \r\n
  • Related in asset stats is now always an array when no related\r\nfound
    • \r\n
  • Handle ASI for export declarations
    • \r\n
  • Mangle destruction incorrect with export named default properly
    • \r\n
  • Fixed unexpected asi generation with sequence expression
    • \r\n
  • Fixed a lot of types
    • \r\n
\r\n

New Features

\r\n
    \r\n
  • Added new external type "module-import"
    • \r\n
  • Support webpackIgnore for new URL()\r\nconstruction
    • \r\n
  • [CSS] @import pathinfo support
    • \r\n
\r\n

Security

\r\n
    \r\n
  • Fixed DOM clobbering in auto public path
    • \r\n
\r\n

v5.93.0

\r\n

Bug Fixes

\r\n
    \r\n
  • Generate correct relative path to runtime chunks
    • \r\n
  • Makes DefinePlugin quieter under default log level
    • \r\n
  • Fixed mangle destructuring default in namespace import
    • \r\n
  • Fixed consumption of eager shared modules for module federation
    • \r\n
  • Strip slash for pretty regexp
    • \r\n
  • Calculate correct contenthash for CSS generator options
    • \r\n
\r\n

New Features

\r\n
    \r\n
  • Added the binary generator option for asset modules to\r\nexplicitly keep source maps produced by loaders
    • \r\n
  • Added the modern-module library value for tree shakable\r\noutput
    • \r\n
  • Added the overrideStrict option to override strict or\r\nnon-strict mode for javascript modules
    • \r\n
\r\n

v5.92.1

\r\n

Bug Fixes

\r\n
    \r\n
  • Doesn't crash with an error when the css experiment is enabled and\r\ncontenthash is used
    • \r\n
\r\n

v5.92.0

\r\n

Bug Fixes

\r\n
    \r\n
  • Correct tidle range's comutation for module federation
    • \r\n
  • Consider runtime for pure expression dependency update hash
    • \r\n
  • Return value in the subtractRuntime function for\r\nruntime logic
    • \r\n
\r\n\r\n
\r\n

... (truncated)

\r\n
\r\n
\r\nCommits\r\n
    \r\n
  • eabf85d\r\nchore(release): 5.94.0
    • \r\n
  • 955e057\r\nsecurity: fix DOM clobbering in auto public path
    • \r\n
  • 9822387\r\ntest: fix
    • \r\n
  • cbb86ed\r\ntest: fix
    • \r\n
  • 5ac3d7f\r\nfix: unexpected asi generation with sequence expression
    • \r\n
  • 2411661\r\nsecurity: fix DOM clobbering in auto public path
    • \r\n
  • b8c03d4\r\nfix: unexpected asi generation with sequence expression
    • \r\n
  • f46a03c\r\nrevert: do not use heuristic fallback for "module-import"
    • \r\n
  • 60f1898\r\nfix: do not use heuristic fallback for "module-import"
    • \r\n
  • 66306aa\r\nRevert "fix: module-import get fallback from\r\nexternalsPresets"
    • \r\n
  • Additional commits viewable in compare\r\nview
    • \r\n
\r\n
\r\n
\r\n\r\n\r\n[![Dependabot compatibility\r\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=webpack&package-manager=npm_and_yarn&previous-version=5.76.1&new-version=5.94.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\r\n\r\nDependabot will resolve any conflicts with this PR as long as you don't\r\nalter it yourself. You can also trigger a rebase manually by commenting\r\n`@dependabot rebase`.\r\n\r\n[//]: # (dependabot-automerge-start)\r\n[//]: # (dependabot-automerge-end)\r\n\r\n---\r\n\r\n
\r\nDependabot commands and options\r\n
\r\n\r\nYou can trigger Dependabot actions by commenting on this PR:\r\n- `@dependabot rebase` will rebase this PR\r\n- `@dependabot recreate` will recreate this PR, overwriting any edits\r\nthat have been made to it\r\n- `@dependabot merge` will merge this PR after your CI passes on it\r\n- `@dependabot squash and merge` will squash and merge this PR after\r\nyour CI passes on it\r\n- `@dependabot cancel merge` will cancel a previously requested merge\r\nand block automerging\r\n- `@dependabot reopen` will reopen this PR if it is closed\r\n- `@dependabot close` will close this PR and stop Dependabot recreating\r\nit. You can achieve the same result by closing it manually\r\n- `@dependabot show ignore conditions` will show all\r\nof the ignore conditions of the specified dependency\r\n- `@dependabot ignore this major version` will close this PR and stop\r\nDependabot creating any more for this major version (unless you reopen\r\nthe PR or upgrade to it yourself)\r\n- `@dependabot ignore this minor version` will close this PR and stop\r\nDependabot creating any more for this minor version (unless you reopen\r\nthe PR or upgrade to it yourself)\r\n- `@dependabot ignore this dependency` will close this PR and stop\r\nDependabot creating any more for this dependency (unless you reopen the\r\nPR or upgrade to it yourself)\r\nYou can disable automated security fix PRs for this repo from the\r\n[Security Alerts\r\npage](https://github.com/elan-ev/tobira/network/alerts).\r\n\r\n
","shortMessageHtmlLink":"Bump webpack from 5.76.1 to 5.94.0 in /docs (#1233)"}},{"before":null,"after":"e78d06e0cc1579a17094f7efce5ddca7ad3854a8","ref":"refs/heads/dependabot/npm_and_yarn/docs/webpack-5.94.0","pushedAt":"2024-08-30T10:54:13.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"Bump webpack from 5.76.1 to 5.94.0 in /docs\n\nBumps [webpack](https://github.com/webpack/webpack) from 5.76.1 to 5.94.0.\n- [Release notes](https://github.com/webpack/webpack/releases)\n- [Commits](https://github.com/webpack/webpack/compare/v5.76.1...v5.94.0)\n\n---\nupdated-dependencies:\n- dependency-name: webpack\n dependency-type: indirect\n...\n\nSigned-off-by: dependabot[bot] ","shortMessageHtmlLink":"Bump webpack from 5.76.1 to 5.94.0 in /docs"}},{"before":"bc1902d23450c696953c53b76c762a7ebdeffa44","after":"cc00d29cc30f96c9d6bf917a576d60bed437ff76","ref":"refs/heads/master","pushedAt":"2024-08-13T13:24:36.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"LukasKalbertodt","name":"Lukas Kalbertodt","path":"/LukasKalbertodt","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/7419664?s=80&v=4"},"commit":{"message":"Fix admin UI check workflow again, hopefully","shortMessageHtmlLink":"Fix admin UI check workflow again, hopefully"}}],"hasNextPage":true,"hasPreviousPage":false,"activityType":"all","actor":null,"timePeriod":"all","sort":"DESC","perPage":30,"cursor":"djE6ks8AAAAEtXt1AAA","startCursor":null,"endCursor":null}},"title":"Activity · elan-ev/tobira"}