{"payload":{"feedbackUrl":"https://github.com/orgs/community/discussions/53140","repo":{"id":377266193,"defaultBranch":"main","name":"carbon-for-ibm-dotcom-web-components-template","ownerLogin":"carbon-design-system","currentUserCanPush":false,"isFork":false,"isEmpty":false,"createdAt":"2021-06-15T18:58:05.000Z","ownerAvatar":"https://avatars.githubusercontent.com/u/25179978?v=4","public":true,"private":false,"isOrgOwned":true},"refInfo":{"name":"","listCacheKey":"v0:1696760856.0","currentOid":""},"activityList":{"items":[{"before":null,"after":"57603fb6cc2de5463da58a1802be2431834fb442","ref":"refs/heads/renovate/npm-postcss-vulnerability","pushedAt":"2023-10-08T10:27:32.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"renovate[bot]","name":null,"path":"/apps/renovate","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/2740?s=80&v=4"},"commit":{"message":"chore(deps): update dependency postcss to v8.4.31 [security]","shortMessageHtmlLink":"chore(deps): update dependency postcss to v8.4.31 [security]"}},{"before":null,"after":"f9934f7afd3e2badce6507b8edefbfe5958473af","ref":"refs/heads/dependabot/npm_and_yarn/postcss-8.4.31","pushedAt":"2023-10-04T00:22:19.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"chore(deps-dev): bump postcss from 8.4.6 to 8.4.31\n\nBumps [postcss](https://github.com/postcss/postcss) from 8.4.6 to 8.4.31.\n- [Release notes](https://github.com/postcss/postcss/releases)\n- [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md)\n- [Commits](https://github.com/postcss/postcss/compare/8.4.6...8.4.31)\n\n---\nupdated-dependencies:\n- dependency-name: postcss\n dependency-type: direct:development\n...\n\nSigned-off-by: dependabot[bot] ","shortMessageHtmlLink":"chore(deps-dev): bump postcss from 8.4.6 to 8.4.31"}},{"before":null,"after":"d4bd4e19cf229db04de811a464aedfe8dad32701","ref":"refs/heads/dependabot/npm_and_yarn/word-wrap-1.2.4","pushedAt":"2023-07-19T03:12:43.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"chore(deps): bump word-wrap from 1.2.3 to 1.2.4\n\nBumps [word-wrap](https://github.com/jonschlinkert/word-wrap) from 1.2.3 to 1.2.4.\n- [Release notes](https://github.com/jonschlinkert/word-wrap/releases)\n- [Commits](https://github.com/jonschlinkert/word-wrap/compare/1.2.3...1.2.4)\n\n---\nupdated-dependencies:\n- dependency-name: word-wrap\n dependency-type: indirect\n...\n\nSigned-off-by: dependabot[bot] ","shortMessageHtmlLink":"chore(deps): bump word-wrap from 1.2.3 to 1.2.4"}},{"before":"b7c33e3cceaab87b0df876b0d05c13dedfa2c6e6","after":null,"ref":"refs/heads/renovate/npm-stylelint-vulnerability","pushedAt":"2023-07-13T18:45:40.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"renovate[bot]","name":null,"path":"/apps/renovate","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/2740?s=80&v=4"}},{"before":null,"after":"c8b12f4005f0808d5e10dde3a53278f7bd4c5229","ref":"refs/heads/dependabot/npm_and_yarn/semver-5.7.2","pushedAt":"2023-07-10T23:37:00.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"chore(deps): bump semver from 5.7.1 to 5.7.2\n\nBumps [semver](https://github.com/npm/node-semver) from 5.7.1 to 5.7.2.\n- [Release notes](https://github.com/npm/node-semver/releases)\n- [Changelog](https://github.com/npm/node-semver/blob/v5.7.2/CHANGELOG.md)\n- [Commits](https://github.com/npm/node-semver/compare/v5.7.1...v5.7.2)\n\n---\nupdated-dependencies:\n- dependency-name: semver\n dependency-type: indirect\n...\n\nSigned-off-by: dependabot[bot] ","shortMessageHtmlLink":"chore(deps): bump semver from 5.7.1 to 5.7.2"}},{"before":null,"after":"b7c33e3cceaab87b0df876b0d05c13dedfa2c6e6","ref":"refs/heads/renovate/npm-stylelint-vulnerability","pushedAt":"2023-07-07T22:08:01.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"renovate[bot]","name":null,"path":"/apps/renovate","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/2740?s=80&v=4"},"commit":{"message":"chore(deps): update dependency stylelint to v15 [security]","shortMessageHtmlLink":"chore(deps): update dependency stylelint to v15 [security]"}},{"before":null,"after":"3682172f8f62ef959ce4cb2eba35d4674df0fde1","ref":"refs/heads/dependabot/npm_and_yarn/stylelint-15.10.1","pushedAt":"2023-07-07T22:07:40.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"chore(deps-dev): bump stylelint from 14.3.0 to 15.10.1\n\nBumps [stylelint](https://github.com/stylelint/stylelint) from 14.3.0 to 15.10.1.\n- [Release notes](https://github.com/stylelint/stylelint/releases)\n- [Changelog](https://github.com/stylelint/stylelint/blob/main/CHANGELOG.md)\n- [Commits](https://github.com/stylelint/stylelint/compare/14.3.0...15.10.1)\n\n---\nupdated-dependencies:\n- dependency-name: stylelint\n dependency-type: direct:development\n...\n\nSigned-off-by: dependabot[bot] ","shortMessageHtmlLink":"chore(deps-dev): bump stylelint from 14.3.0 to 15.10.1"}},{"before":"c84c4206fc174edd6564fca64df50705944f667b","after":null,"ref":"refs/heads/dependabot/npm_and_yarn/actions/core-1.9.1","pushedAt":"2023-05-26T23:38:13.844Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"}},{"before":"fea50e73e7ec9a34144f2765f3900d52fe91ce66","after":"1a439051714b4650570c3bcc9762baef59f10dbc","ref":"refs/heads/renovate/lock-file-maintenance","pushedAt":"2023-05-17T14:10:45.276Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"renovate[bot]","name":null,"path":"/apps/renovate","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/2740?s=80&v=4"},"commit":{"message":"chore(deps): lock file maintenance","shortMessageHtmlLink":"chore(deps): lock file maintenance"}},{"before":"9d6e32c5b76a1302e1150511adb7558f1912cd10","after":null,"ref":"refs/heads/renovate/npm-@actions/core-vulnerability","pushedAt":"2023-05-17T13:47:21.554Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"kodiakhq[bot]","name":null,"path":"/apps/kodiakhq","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29196?s=80&v=4"}},{"before":"c91d442d3f692f16bf330020e73f8cf5df854277","after":"4c393ff9d141da6a804a3f4454287a5014516011","ref":"refs/heads/main","pushedAt":"2023-05-17T13:47:20.287Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"kodiakhq[bot]","name":null,"path":"/apps/kodiakhq","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29196?s=80&v=4"},"commit":{"message":"chore(deps): update dependency @actions/core to v1.9.1 [security] (#107)\n\n[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)\n\nThis PR contains the following updates:\n\n| Package | Change | Age | Adoption | Passing | Confidence |\n|---|---|---|---|---|---|\n| [@actions/core](https://togithub.com/actions/toolkit) | [`1.6.0` -> `1.9.1`](https://renovatebot.com/diffs/npm/@actions%2fcore/1.6.0/1.9.1) | [![age](https://badges.renovateapi.com/packages/npm/@actions%2fcore/1.9.1/age-slim)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://badges.renovateapi.com/packages/npm/@actions%2fcore/1.9.1/adoption-slim)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://badges.renovateapi.com/packages/npm/@actions%2fcore/1.9.1/compatibility-slim/1.6.0)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://badges.renovateapi.com/packages/npm/@actions%2fcore/1.9.1/confidence-slim/1.6.0)](https://docs.renovatebot.com/merge-confidence/) |\n\n### GitHub Vulnerability Alerts\n\n#### [CVE-2022-35954](https://togithub.com/actions/toolkit/security/advisories/GHSA-7r3h-m5j6-3q42)\n\n## Impact\n\nThe `core.exportVariable` function uses a well known delimiter that attackers can use to break out of that specific variable and assign values to other arbitrary variables. Workflows that write untrusted values to the `GITHUB_ENV` file may cause the path or other environment variables to be modified without the intention of the workflow or action author.\n\n## Patches\n\nUsers should upgrade to `@actions/core v1.9.1`.\n\n## Workarounds\n\nIf you are unable to upgrade the `@actions/core` package, you can modify your action to ensure that any user input does not contain the delimiter `_GitHubActionsFileCommandDelimeter_` before calling `core.exportVariable`.\n\n## References\n\n[More information about setting-an-environment-variable in workflows](https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#setting-an-environment-variable)\n\nIf you have any questions or comments about this advisory:\n* Open an issue in [`actions/toolkit`](https://togithub.com/actions/toolkit/issues)\n\n---\n\n### Release Notes\n\n
\nactions/toolkit\n\n### [`v1.9.1`](https://togithub.com/actions/toolkit/blob/HEAD/packages/core/RELEASES.md#​191)\n\n- Randomize delimiter when calling `core.exportVariable`\n\n### [`v1.9.0`](https://togithub.com/actions/toolkit/blob/HEAD/packages/core/RELEASES.md#​190)\n\n- Added `toPosixPath`, `toWin32Path` and `toPlatformPath` utilities [#​1102](https://togithub.com/actions/toolkit/pull/1102)\n\n### [`v1.8.2`](https://togithub.com/actions/toolkit/blob/HEAD/packages/core/RELEASES.md#​182)\n\n- Update to v2.0.1 of `@actions/http-client` [#​1087](https://togithub.com/actions/toolkit/pull/1087)\n\n### [`v1.8.1`](https://togithub.com/actions/toolkit/blob/HEAD/packages/core/RELEASES.md#​181)\n\n- Update to v2.0.0 of `@actions/http-client`\n\n### [`v1.8.0`](https://togithub.com/actions/toolkit/blob/HEAD/packages/core/RELEASES.md#​180)\n\n- Deprecate `markdownSummary` extension export in favor of `summary`\n - [https://github.com/actions/toolkit/pull/1072](https://togithub.com/actions/toolkit/pull/1072)\n - [https://github.com/actions/toolkit/pull/1073](https://togithub.com/actions/toolkit/pull/1073)\n\n### [`v1.7.0`](https://togithub.com/actions/toolkit/blob/HEAD/packages/core/RELEASES.md#​170)\n\n- [Added `markdownSummary` extension](https://togithub.com/actions/toolkit/pull/1014)\n\n
\n\n---\n\n### Configuration\n\n📅 **Schedule**: Branch creation - \"\" (UTC), Automerge - At any time (no schedule defined).\n\n🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.\n\n♻ **Rebasing**: Never, or you tick the rebase/retry checkbox.\n\n🔕 **Ignore**: Close this PR and you won't be reminded about this update again.\n\n---\n\n - [ ] If you want to rebase/retry this PR, click this checkbox.\n\n---\n\nThis PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://app.renovatebot.com/dashboard#github/carbon-design-system/carbon-for-ibm-dotcom-web-components-template).\n","shortMessageHtmlLink":"chore(deps): update dependency @actions/core to v1.9.1 [security] (#107)"}},{"before":"f805b513d68c6cbcdbef616a6a2ca75ab3cbea45","after":"9d6e32c5b76a1302e1150511adb7558f1912cd10","ref":"refs/heads/renovate/npm-@actions/core-vulnerability","pushedAt":"2023-05-17T13:42:07.895Z","pushType":"push","commitsCount":14,"pusher":{"login":"kodiakhq[bot]","name":null,"path":"/apps/kodiakhq","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29196?s=80&v=4"},"commit":{"message":"Merge branch 'main' into renovate/npm-@actions/core-vulnerability","shortMessageHtmlLink":"Merge branch 'main' into renovate/npm-@actions/core-vulnerability"}},{"before":"6bfdc75e82e287a589b1705d47f44b24abd0909f","after":null,"ref":"refs/heads/dependabot/npm_and_yarn/socket.io-parser-3.3.3","pushedAt":"2023-05-17T13:41:58.770Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"kodiakhq[bot]","name":null,"path":"/apps/kodiakhq","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29196?s=80&v=4"}},{"before":"d8b3c69d52495613f3e3499fed6eb27f37d5df8d","after":"c91d442d3f692f16bf330020e73f8cf5df854277","ref":"refs/heads/main","pushedAt":"2023-05-17T13:41:57.512Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"kodiakhq[bot]","name":null,"path":"/apps/kodiakhq","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29196?s=80&v=4"},"commit":{"message":"chore(deps): bump socket.io-parser from 3.3.2 to 3.3.3 (#108)\n\nBumps [socket.io-parser](https://github.com/socketio/socket.io-parser) from 3.3.2 to 3.3.3.\n
\nChangelog\n

Sourced from socket.io-parser's changelog.

\n
\n

3.3.3 (2022-11-09)

\n

Bug Fixes

\n
    \n
  • check the format of the index of each attachment (fb21e42)
    • \n
\n

3.4.2 (2022-11-09)

\n

Bug Fixes

\n
    \n
  • check the format of the index of each attachment (04d23ce)
    • \n
\n

4.2.1 (2022-06-27)

\n

Bug Fixes

\n
    \n
  • check the format of the index of each attachment (b5d0cb7)
    • \n
\n

4.0.5 (2022-06-27)

\n

Bug Fixes

\n
    \n
  • check the format of the index of each attachment (b559f05)
    • \n
\n

4.2.0 (2022-04-17)

\n

Features

\n
    \n
  • allow the usage of custom replacer and reviver (#112) (b08bc1a)
    • \n
\n

4.1.2 (2022-02-17)

\n

Bug Fixes

\n\n
\n

... (truncated)

\n
\n
\nCommits\n\n
\n
\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=socket.io-parser&package-manager=npm_and_yarn&previous-version=3.3.2&new-version=3.3.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nYou can trigger a rebase of this PR by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n
\nDependabot commands and options\n
\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language\n- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language\n- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language\n- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language\n\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/carbon-design-system/carbon-for-ibm-dotcom-web-components-template/network/alerts).\n\n
> **Note**\n> Automatic rebases have been disabled on this pull request as it has been open for over 30 days.","shortMessageHtmlLink":"chore(deps): bump socket.io-parser from 3.3.2 to 3.3.3 (#108)"}},{"before":"3ef4ef793c9d775ed2a3e17ae41849dc1fd5e491","after":"6bfdc75e82e287a589b1705d47f44b24abd0909f","ref":"refs/heads/dependabot/npm_and_yarn/socket.io-parser-3.3.3","pushedAt":"2023-05-17T13:37:34.538Z","pushType":"push","commitsCount":6,"pusher":{"login":"kodiakhq[bot]","name":null,"path":"/apps/kodiakhq","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29196?s=80&v=4"},"commit":{"message":"Merge branch 'main' into dependabot/npm_and_yarn/socket.io-parser-3.3.3","shortMessageHtmlLink":"Merge branch 'main' into dependabot/npm_and_yarn/socket.io-parser-3.3.3"}},{"before":"c92133e5b290afee053eeede6c5c980cd7195d5e","after":null,"ref":"refs/heads/dependabot/npm_and_yarn/decode-uri-component-0.2.2","pushedAt":"2023-05-17T13:37:26.463Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"kodiakhq[bot]","name":null,"path":"/apps/kodiakhq","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29196?s=80&v=4"}},{"before":"aef7394e7b7b0fa292bd4e3717baee4fd1b1aff4","after":"d8b3c69d52495613f3e3499fed6eb27f37d5df8d","ref":"refs/heads/main","pushedAt":"2023-05-17T13:37:23.709Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"kodiakhq[bot]","name":null,"path":"/apps/kodiakhq","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29196?s=80&v=4"},"commit":{"message":"chore(deps): bump decode-uri-component from 0.2.0 to 0.2.2 (#109)\n\nBumps [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) from 0.2.0 to 0.2.2.\n
\nRelease notes\n

Sourced from decode-uri-component's releases.

\n
\n

v0.2.2

\n
    \n
  • Prevent overwriting previously decoded tokens 980e0bf
    • \n
\n

https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.1...v0.2.2

\n

v0.2.1

\n
    \n
  • Switch to GitHub workflows 76abc93
    • \n
  • Fix issue where decode throws - fixes #6 746ca5d
    • \n
  • Update license (#1) 486d7e2
    • \n
  • Tidelift tasks a650457
    • \n
  • Meta tweaks 66e1c28
    • \n
\n

https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.1

\n
\n
\n
\nCommits\n\n
\n
\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=decode-uri-component&package-manager=npm_and_yarn&previous-version=0.2.0&new-version=0.2.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nYou can trigger a rebase of this PR by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n
\nDependabot commands and options\n
\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language\n- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language\n- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language\n- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language\n\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/carbon-design-system/carbon-for-ibm-dotcom-web-components-template/network/alerts).\n\n
> **Note**\n> Automatic rebases have been disabled on this pull request as it has been open for over 30 days.","shortMessageHtmlLink":"chore(deps): bump decode-uri-component from 0.2.0 to 0.2.2 (#109)"}},{"before":"af837bb7115e884253580324c2dce8d1535a97f3","after":"c92133e5b290afee053eeede6c5c980cd7195d5e","ref":"refs/heads/dependabot/npm_and_yarn/decode-uri-component-0.2.2","pushedAt":"2023-05-17T13:32:43.622Z","pushType":"push","commitsCount":5,"pusher":{"login":"kodiakhq[bot]","name":null,"path":"/apps/kodiakhq","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29196?s=80&v=4"},"commit":{"message":"Merge branch 'main' into dependabot/npm_and_yarn/decode-uri-component-0.2.2","shortMessageHtmlLink":"Merge branch 'main' into dependabot/npm_and_yarn/decode-uri-component…"}},{"before":"3205d0fd582c000cdc22ed5f07196f06262a15c8","after":null,"ref":"refs/heads/dependabot/npm_and_yarn/express-4.18.2","pushedAt":"2023-05-17T13:32:31.406Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"kodiakhq[bot]","name":null,"path":"/apps/kodiakhq","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29196?s=80&v=4"}},{"before":"b5676b6c29a7f7a6f6b59a26378b4526e3735a66","after":"aef7394e7b7b0fa292bd4e3717baee4fd1b1aff4","ref":"refs/heads/main","pushedAt":"2023-05-17T13:32:29.942Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"kodiakhq[bot]","name":null,"path":"/apps/kodiakhq","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29196?s=80&v=4"},"commit":{"message":"chore(deps): bump express from 4.17.2 to 4.18.2 (#110)\n\nBumps [express](https://github.com/expressjs/express) from 4.17.2 to 4.18.2.\n
\nRelease notes\n

Sourced from express's releases.

\n
\n

4.18.2

\n
    \n
  • Fix regression routing a large stack in a single route
    • \n
  • deps: body-parser@1.20.1\n
      \n
    • deps: qs@6.11.0
      • \n
    • perf: remove unnecessary object clone
      • \n
    \n
    • \n
  • deps: qs@6.11.0
    • \n
\n

4.18.1

\n
    \n
  • Fix hanging on large stack of sync routes
    • \n
\n

4.18.0

\n
    \n
  • Add "root" option to res.download
    • \n
  • Allow options without filename in res.download
    • \n
  • Deprecate string and non-integer arguments to res.status
    • \n
  • Fix behavior of null/undefined as maxAge in res.cookie
    • \n
  • Fix handling very large stacks of sync middleware
    • \n
  • Ignore Object.prototype values in settings through app.set/app.get
    • \n
  • Invoke default with same arguments as types in res.format
    • \n
  • Support proper 205 responses using res.send
    • \n
  • Use http-errors for res.format error
    • \n
  • deps: body-parser@1.20.0\n
      \n
    • Fix error message for json parse whitespace in strict
      • \n
    • Fix internal error when inflated body exceeds limit
      • \n
    • Prevent loss of async hooks context
      • \n
    • Prevent hanging when request already read
      • \n
    • deps: depd@2.0.0
      • \n
    • deps: http-errors@2.0.0
      • \n
    • deps: on-finished@2.4.1
      • \n
    • deps: qs@6.10.3
      • \n
    • deps: raw-body@2.5.1
      • \n
    \n
    • \n
  • deps: cookie@0.5.0\n
      \n
    • Add priority option
      • \n
    • Fix expires option to reject invalid dates
      • \n
    \n
    • \n
  • deps: depd@2.0.0\n
      \n
    • Replace internal eval usage with Function constructor
      • \n
    • Use instance methods on process to check for listeners
      • \n
    \n
    • \n
  • deps: finalhandler@1.2.0\n
      \n
    • Remove set content headers that break response
      • \n
    • deps: on-finished@2.4.1
      • \n
    • deps: statuses@2.0.1
      • \n
    \n
    • \n
  • deps: on-finished@2.4.1\n
      \n
    • Prevent loss of async hooks context
      • \n
    \n
    • \n
  • deps: qs@6.10.3
    • \n
  • deps: send@0.18.0\n
      \n
    • Fix emitted 416 error missing headers property
      • \n
    • Limit the headers removed for 304 response
      • \n
    • deps: depd@2.0.0
      • \n
    • deps: destroy@1.2.0
      • \n
    • deps: http-errors@2.0.0
      • \n
    • deps: on-finished@2.4.1
      • \n
    \n
    • \n
\n\n
\n

... (truncated)

\n
\n
\nChangelog\n

Sourced from express's changelog.

\n
\n

4.18.2 / 2022-10-08

\n
    \n
  • Fix regression routing a large stack in a single route
    • \n
  • deps: body-parser@1.20.1\n
      \n
    • deps: qs@6.11.0
      • \n
    • perf: remove unnecessary object clone
      • \n
    \n
    • \n
  • deps: qs@6.11.0
    • \n
\n

4.18.1 / 2022-04-29

\n
    \n
  • Fix hanging on large stack of sync routes
    • \n
\n

4.18.0 / 2022-04-25

\n
    \n
  • Add "root" option to res.download
    • \n
  • Allow options without filename in res.download
    • \n
  • Deprecate string and non-integer arguments to res.status
    • \n
  • Fix behavior of null/undefined as maxAge in res.cookie
    • \n
  • Fix handling very large stacks of sync middleware
    • \n
  • Ignore Object.prototype values in settings through app.set/app.get
    • \n
  • Invoke default with same arguments as types in res.format
    • \n
  • Support proper 205 responses using res.send
    • \n
  • Use http-errors for res.format error
    • \n
  • deps: body-parser@1.20.0\n
      \n
    • Fix error message for json parse whitespace in strict
      • \n
    • Fix internal error when inflated body exceeds limit
      • \n
    • Prevent loss of async hooks context
      • \n
    • Prevent hanging when request already read
      • \n
    • deps: depd@2.0.0
      • \n
    • deps: http-errors@2.0.0
      • \n
    • deps: on-finished@2.4.1
      • \n
    • deps: qs@6.10.3
      • \n
    • deps: raw-body@2.5.1
      • \n
    \n
    • \n
  • deps: cookie@0.5.0\n
      \n
    • Add priority option
      • \n
    • Fix expires option to reject invalid dates
      • \n
    \n
    • \n
  • deps: depd@2.0.0\n
      \n
    • Replace internal eval usage with Function constructor
      • \n
    • Use instance methods on process to check for listeners
      • \n
    \n
    • \n
  • deps: finalhandler@1.2.0\n
      \n
    • Remove set content headers that break response
      • \n
    • deps: on-finished@2.4.1
      • \n
    • deps: statuses@2.0.1
      • \n
    \n
    • \n
  • deps: on-finished@2.4.1\n
      \n
    • Prevent loss of async hooks context
      • \n
    \n
    • \n
  • deps: qs@6.10.3
    • \n
  • deps: send@0.18.0
    • \n
\n\n
\n

... (truncated)

\n
\n
\nCommits\n\n
\n
\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=express&package-manager=npm_and_yarn&previous-version=4.17.2&new-version=4.18.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nYou can trigger a rebase of this PR by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n
\nDependabot commands and options\n
\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language\n- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language\n- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language\n- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language\n\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/carbon-design-system/carbon-for-ibm-dotcom-web-components-template/network/alerts).\n\n
> **Note**\n> Automatic rebases have been disabled on this pull request as it has been open for over 30 days.","shortMessageHtmlLink":"chore(deps): bump express from 4.17.2 to 4.18.2 (#110)"}},{"before":"3358b5067a206970cecbc11bc7a179d92bde83b9","after":"3205d0fd582c000cdc22ed5f07196f06262a15c8","ref":"refs/heads/dependabot/npm_and_yarn/express-4.18.2","pushedAt":"2023-05-17T13:27:15.343Z","pushType":"push","commitsCount":4,"pusher":{"login":"kodiakhq[bot]","name":null,"path":"/apps/kodiakhq","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29196?s=80&v=4"},"commit":{"message":"Merge branch 'main' into dependabot/npm_and_yarn/express-4.18.2","shortMessageHtmlLink":"Merge branch 'main' into dependabot/npm_and_yarn/express-4.18.2"}},{"before":"3a3f7e911c0edae75b453059b0263858c9460eda","after":null,"ref":"refs/heads/dependabot/npm_and_yarn/got-11.8.6","pushedAt":"2023-05-17T13:27:05.471Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"kodiakhq[bot]","name":null,"path":"/apps/kodiakhq","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29196?s=80&v=4"}},{"before":"8470efb73add3d9315a78f38f4ec61fb0e9635f0","after":"b5676b6c29a7f7a6f6b59a26378b4526e3735a66","ref":"refs/heads/main","pushedAt":"2023-05-17T13:27:02.038Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"kodiakhq[bot]","name":null,"path":"/apps/kodiakhq","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29196?s=80&v=4"},"commit":{"message":"chore(deps): bump got from 11.8.3 to 11.8.6 (#111)\n\nBumps [got](https://github.com/sindresorhus/got) from 11.8.3 to 11.8.6.\n
\nRelease notes\n

Sourced from got's releases.

\n
\n

v11.8.6

\n
    \n
  • Destroy request object after successful response
    • \n
\n

https://github.com/sindresorhus/got/compare/v11.8.5...v11.8.6

\n

v11.8.5

\n\n

https://github.com/sindresorhus/got/compare/v11.8.4...v11.8.5

\n
\n
\n
\nCommits\n\n
\n
\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=got&package-manager=npm_and_yarn&previous-version=11.8.3&new-version=11.8.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nYou can trigger a rebase of this PR by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n
\nDependabot commands and options\n
\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language\n- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language\n- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language\n- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language\n\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/carbon-design-system/carbon-for-ibm-dotcom-web-components-template/network/alerts).\n\n
> **Note**\n> Automatic rebases have been disabled on this pull request as it has been open for over 30 days.","shortMessageHtmlLink":"chore(deps): bump got from 11.8.3 to 11.8.6 (#111)"}},{"before":"e69aadb7b740c7d8e0b8c350de805afd59928a7f","after":"3a3f7e911c0edae75b453059b0263858c9460eda","ref":"refs/heads/dependabot/npm_and_yarn/got-11.8.6","pushedAt":"2023-05-17T13:22:13.095Z","pushType":"push","commitsCount":3,"pusher":{"login":"jeffchew","name":"Jeff Chew","path":"/jeffchew","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1641214?s=80&v=4"},"commit":{"message":"Merge branch 'main' into dependabot/npm_and_yarn/got-11.8.6","shortMessageHtmlLink":"Merge branch 'main' into dependabot/npm_and_yarn/got-11.8.6"}},{"before":"fd6cfa0e6270b846175758c7bd50ec44c6a905a9","after":null,"ref":"refs/heads/dependabot/npm_and_yarn/http-cache-semantics-4.1.1","pushedAt":"2023-05-17T13:21:57.417Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"jeffchew","name":"Jeff Chew","path":"/jeffchew","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1641214?s=80&v=4"}},{"before":"4a6cd09cb544cfdfcf6eb2ff5d5e53903d98ef09","after":"8470efb73add3d9315a78f38f4ec61fb0e9635f0","ref":"refs/heads/main","pushedAt":"2023-05-17T13:21:56.136Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"jeffchew","name":"Jeff Chew","path":"/jeffchew","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1641214?s=80&v=4"},"commit":{"message":"chore(deps): bump http-cache-semantics from 4.1.0 to 4.1.1 (#112)\n\nBumps [http-cache-semantics](https://github.com/kornelski/http-cache-semantics) from 4.1.0 to 4.1.1.\r\n- [Release notes](https://github.com/kornelski/http-cache-semantics/releases)\r\n- [Commits](https://github.com/kornelski/http-cache-semantics/compare/v4.1.0...v4.1.1)\r\n\r\n---\r\nupdated-dependencies:\r\n- dependency-name: http-cache-semantics\r\n dependency-type: indirect\r\n...\r\n\r\nSigned-off-by: dependabot[bot] \r\nCo-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>\r\nCo-authored-by: Jeff Chew ","shortMessageHtmlLink":"chore(deps): bump http-cache-semantics from 4.1.0 to 4.1.1 (#112)"}},{"before":"ea30005190cb843d557bf6c6c8b7501414649bd1","after":"fd6cfa0e6270b846175758c7bd50ec44c6a905a9","ref":"refs/heads/dependabot/npm_and_yarn/http-cache-semantics-4.1.1","pushedAt":"2023-05-16T19:02:38.874Z","pushType":"push","commitsCount":2,"pusher":{"login":"jeffchew","name":"Jeff Chew","path":"/jeffchew","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1641214?s=80&v=4"},"commit":{"message":"Merge branch 'main' into dependabot/npm_and_yarn/http-cache-semantics-4.1.1","shortMessageHtmlLink":"Merge branch 'main' into dependabot/npm_and_yarn/http-cache-semantics…"}},{"before":"7c77b0cad67b9e33fe8f28de3badec64f10d8f3d","after":null,"ref":"refs/heads/dependabot/npm_and_yarn/terser-4.8.1","pushedAt":"2023-05-16T19:02:17.152Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"jeffchew","name":"Jeff Chew","path":"/jeffchew","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1641214?s=80&v=4"}},{"before":"25a96eb8fac37719568010f55e0b2323b06c911c","after":"4a6cd09cb544cfdfcf6eb2ff5d5e53903d98ef09","ref":"refs/heads/main","pushedAt":"2023-05-16T19:02:15.882Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"jeffchew","name":"Jeff Chew","path":"/jeffchew","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1641214?s=80&v=4"},"commit":{"message":"chore(deps): bump terser from 4.8.0 to 4.8.1 (#105)\n\nBumps [terser](https://github.com/terser/terser) from 4.8.0 to 4.8.1.\r\n- [Release notes](https://github.com/terser/terser/releases)\r\n- [Changelog](https://github.com/terser/terser/blob/master/CHANGELOG.md)\r\n- [Commits](https://github.com/terser/terser/commits)\r\n\r\n---\r\nupdated-dependencies:\r\n- dependency-name: terser\r\n dependency-type: indirect\r\n...\r\n\r\nSigned-off-by: dependabot[bot] \r\nCo-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>","shortMessageHtmlLink":"chore(deps): bump terser from 4.8.0 to 4.8.1 (#105)"}}],"hasNextPage":false,"hasPreviousPage":false,"activityType":"all","actor":null,"timePeriod":"all","sort":"DESC","perPage":30,"cursor":"djE6ks8AAAADkgX8LAA","startCursor":null,"endCursor":null}},"title":"Activity · carbon-design-system/carbon-for-ibm-dotcom-web-components-template"}