[GitHub] [incubator-annotator-website] dependabot[bot] opened a new pull request, #34: Bump minimist from 1.2.5 to 1.2.8

[via GitHub]

dependabot[bot] opened a new pull request, #34:
URL: https://github.com/apache/incubator-annotator-website/pull/34

   Bumps [minimist](https://github.com/minimistjs/minimist) from 1.2.5 to 1.2.8.
   
   Changelog
   Sourced from https://github.com/minimistjs/minimist/blob/main/CHANGELOG.md";>minimist's 
changelog.
   
   https://github.com/minimistjs/minimist/compare/v1.2.7...v1.2.8";>v1.2.8
 - 2023-02-09
   Merged
   
   [Fix] Fix long option followed by single dash https://github-redirect.dependabot.com/minimistjs/minimist/pull/17";>[#17](https://github.com/minimistjs/minimist/issues/17)
   [Tests] Remove duplicate test https://github-redirect.dependabot.com/minimistjs/minimist/pull/12";>[#12](https://github.com/minimistjs/minimist/issues/12)
   [Fix] opt.string works with multiple aliases https://github-redirect.dependabot.com/minimistjs/minimist/pull/10";>[#10](https://github.com/minimistjs/minimist/issues/10)
   
   Fixed
   
   [Fix] Fix long option followed by single dash (https://github-redirect.dependabot.com/minimistjs/minimist/issues/17";>#17)
 https://github-redirect.dependabot.com/minimistjs/minimist/issues/15";>[#15](https://github.com/minimistjs/minimist/issues/15)
   [Tests] Remove duplicate test (https://github-redirect.dependabot.com/minimistjs/minimist/issues/12";>#12)
 https://github-redirect.dependabot.com/minimistjs/minimist/issues/8";>[#8](https://github.com/minimistjs/minimist/issues/8)
   [Fix] Fix long option followed by single dash https://github-redirect.dependabot.com/minimistjs/minimist/issues/15";>[#15](https://github.com/minimistjs/minimist/issues/15)
   [Fix] opt.string works with multiple aliases (https://github-redirect.dependabot.com/minimistjs/minimist/issues/10";>#10)
 https://github-redirect.dependabot.com/minimistjs/minimist/issues/9";>[#9](https://github.com/minimistjs/minimist/issues/9)
   [Fix] Fix handling of short option with non-trivial equals https://github-redirect.dependabot.com/minimistjs/minimist/issues/5";>[#5](https://github.com/minimistjs/minimist/issues/5)
   [Tests] Remove duplicate test https://github-redirect.dependabot.com/minimistjs/minimist/issues/8";>[#8](https://github.com/minimistjs/minimist/issues/8)
   [Fix] opt.string works with multiple aliases https://github-redirect.dependabot.com/minimistjs/minimist/issues/9";>[#9](https://github.com/minimistjs/minimist/issues/9)
   
   Commits
   
   Merge tag 'v0.2.3' https://github.com/minimistjs/minimist/commit/a0267947c7870fc5847cf2d437fbe33f392767da";>a026794
   [eslint] fix indentation and whitespace https://github.com/minimistjs/minimist/commit/5368ca4147e974138a54cc0dc4cea8f756546b70";>5368ca4
   [eslint] fix indentation and whitespace https://github.com/minimistjs/minimist/commit/e5f5067259ceeaf0b098d14bec910f87e58708c7";>e5f5067
   [eslint] more cleanup https://github.com/minimistjs/minimist/commit/62fde7d935f83417fb046741531a9e2346a36976";>62fde7d
   [eslint] more cleanup https://github.com/minimistjs/minimist/commit/36ac5d0d95e4947d074e5737d94814034ca335d1";>36ac5d0
   [meta] add auto-changelog https://github.com/minimistjs/minimist/commit/73923d223553fca08b1ba77e3fbc2a492862ae4c";>73923d2
   [actions] add reusable workflows https://github.com/minimistjs/minimist/commit/d80727df77bfa9e631044d7f16368d8f09242c91";>d80727d
   [eslint] add eslint; rules to enable later are warnings https://github.com/minimistjs/minimist/commit/48bc06a1b41f00e9cdf183db34f7a51ba70e98d4";>48bc06a
   [eslint] fix indentation https://github.com/minimistjs/minimist/commit/34b0f1ccaa45183c3c4f06a91f9b405180a6f982";>34b0f1c
   [readme] rename and add badges https://github.com/minimistjs/minimist/commit/5df0fe49211bd09a3636f8686a7cb3012c3e98f0";>5df0fe4
   [Dev Deps] switch from covert to nyc https://github.com/minimistjs/minimist/commit/a48b128fdb8d427dfb20a15273f83e38d97bef07";>a48b128
   [Dev Deps] update covert, tape; remove 
unnecessary tap https://github.com/minimistjs/minimist/commit/f0fb958e9a1fe980cdffc436a211b0bda58f621b";>f0fb958
   [meta] create FUNDING.yml; add funding in package.json https://github.com/minimistjs/minimist/commit/3639e0c819359a366387e425ab6eabf4c78d3caa";>3639e0c
   [meta] use npmignore to autogenerate an npmignore file https://github.com/minimistjs/minimist/commit/be2e038c342d8333b32f0fde67a0026b79c8150e";>be2e038
   Only apps should have lockfiles https://github.com/minimistjs/minimist/commit/282b570e7489d01b03f2d6d3dabf79cd3e5f84cf";>282b570
   isConstructorOrProto adapted from PR https://github.com/minimistjs/minimist/commit/ef9153fc52b6cea0744b2239921c5dcae4697f11";>ef9153f
   [Dev Deps] update @ljharb/eslint-config, aud 
https://github.com/minimistjs/minimist/commit/098873c213cdb7c92e55ae1ef5aa1af3a8192a79";>098873c
   [Dev Deps] update @ljharb/eslint-config, aud 
https://github.com/minimistjs/minimist/commit/3124ed3e46306301ebb3c834874ce0241555c2c4";>3124ed3
   [meta] add safe-publish-latest https://github.com/minimistjs/minimist/commit/4b927de696d561c636b4f43bf49d4597cb36d6d6";>4

[GitHub] [incubator-annotator-website] dependabot[bot] closed pull request #29: Bump minimist from 1.2.5 to 1.2.6

[via GitHub]

dependabot[bot] closed pull request #29: Bump minimist from 1.2.5 to 1.2.6
URL: https://github.com/apache/incubator-annotator-website/pull/29


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [incubator-annotator-website] dependabot[bot] commented on pull request #29: Bump minimist from 1.2.5 to 1.2.6

[via GitHub]

dependabot[bot] commented on PR #29:
URL: 
https://github.com/apache/incubator-annotator-website/pull/29#issuecomment-1455122955

   Superseded by #34.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [incubator-annotator-website] dependabot[bot] opened a new pull request, #35: Bump lodash from 4.17.20 to 4.17.21

[via GitHub]

dependabot[bot] opened a new pull request, #35:
URL: https://github.com/apache/incubator-annotator-website/pull/35

   Bumps [lodash](https://github.com/lodash/lodash) from 4.17.20 to 4.17.21.
   
   Commits
   
   https://github.com/lodash/lodash/commit/f299b52f39486275a9e6483b60a410e06520c538";>f299b52
 Bump to v4.17.21
   https://github.com/lodash/lodash/commit/c4847ebe7d14540bb28a8b932a9ce1b9ecbfee1a";>c4847eb
 Improve performance of toNumber, trim and 
trimEnd on large input strings
   https://github.com/lodash/lodash/commit/3469357cff396a26c363f8c1b5a91dde28ba4b1c";>3469357
 Prevent command injection through _.template's 
variable option
   See full diff in https://github.com/lodash/lodash/compare/4.17.20...4.17.21";>compare 
view
   
   
   
   
   
   [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=lodash&package-manager=npm_and_yarn&previous-version=4.17.20&new-version=4.17.21)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   
   Dependabot commands and options
   
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI 
passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge and 
block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually
   - `@dependabot ignore this major version` will close this PR and stop 
Dependabot creating any more for this major version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this minor version` will close this PR and stop 
Dependabot creating any more for this minor version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this dependency` will close this PR and stop 
Dependabot creating any more for this dependency (unless you reopen the PR or 
upgrade to it yourself)
   You can disable automated security fix PRs for this repo from the [Security 
Alerts 
page](https://github.com/apache/incubator-annotator-website/network/alerts).
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [incubator-annotator] Claudenw opened a new issue, #143: DOAP file has an error

[via GitHub]

Claudenw opened a new issue, #143:
URL: https://github.com/apache/incubator-annotator/issues/143

   The DOAP file as referenced by 
https://svn.apache.org/repos/asf/comdev/projects.apache.org/trunk/data/projects.xml
 is found at https://annotator.apache.org/doap.rdf does not parse correctly.
   
   The error returned is:
   [line: 38, col: 88] {W002} 
 Code: 
0/ILLEGAL_CHARACTER in PORT: The character violates the grammar rules for 
URIs/IRIs.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [incubator-annotator-website] dependabot[bot] opened a new pull request, #36: Bump nunjucks from 3.2.2 to 3.2.4

[via GitHub]

dependabot[bot] opened a new pull request, #36:
URL: https://github.com/apache/incubator-annotator-website/pull/36

   Bumps [nunjucks](https://github.com/mozilla/nunjucks) from 3.2.2 to 3.2.4.
   
   Release notes
   Sourced from https://github.com/mozilla/nunjucks/releases";>nunjucks's 
releases.
   
   v3.2.4
   What's Changed
   
   fix: html encode backslashes if used with escape filter or autoescape by 
https://github.com/fdintino";>@​fdintino in https://redirect.github.com/mozilla/nunjucks/pull/1437";>mozilla/nunjucks#1437.
 Fixes https://github.com/mozilla/nunjucks/security/advisories/GHSA-x77j-w7wf-fjmw";>CVE-2023-2142
([bugzilla https://redirect.github.com/mozilla/nunjucks/issues/1825980";>#1825980](https://bugzilla.mozilla.org/show_bug.cgi?id=1825980";>https://bugzilla.mozilla.org/show_bug.cgi?id=1825980))
   
   Full Changelog: https://github.com/mozilla/nunjucks/compare/v3.2.3...v3.2.4";>https://github.com/mozilla/nunjucks/compare/v3.2.3...v3.2.4
   v3.2.3
   
   Add support for nested attributes on https://mozilla.github.io/nunjucks/templating.html#sort-arr-reverse-casesens-attr";>sort
 filter; respect throwOnUndefined if sort attribute is 
undefined.
   Add base arg to https://mozilla.github.io/nunjucks/templating.html#int";>int 
filter.
   Move chokidar to peerDependencies and mark it 
optional in peerDependenciesMeta.
   Fix prototype pollution issue for template variables. Merge of https://redirect.github.com/mozilla/nunjucks/pull/1330";>#1330; fixes 
https://redirect.github.com/mozilla/nunjucks/issues/1331";>#1331. 
Thanks https://github.com/ChenKS12138";>ChenKS12138!
   
   
   
   
   Changelog
   Sourced from https://github.com/mozilla/nunjucks/blob/master/CHANGELOG.md";>nunjucks's 
changelog.
   
   3.2.4 (Apr 13 2023)
   
   HTML encode backslashes when expressions are passed through the escape
   filter (including when this is done automatically with autoescape). Merge
   of https://redirect.github.com/mozilla/nunjucks/pull/1437";>#1437.
   
   3.2.3 (Feb 15 2021)
   
   Add support for nested attributes on
   https://mozilla.github.io/nunjucks/templating.html#sort-arr-reverse-casesens-attr";>sort
 filter;
   respect throwOnUndefined if sort attribute is undefined.
   Add base arg to
   https://mozilla.github.io/nunjucks/templating.html#int";>int 
filter.
   Move chokidar to peerDependencies and mark it 
optional in peerDependenciesMeta.
   Fix prototype pollution issue for template variables. Merge of
   https://redirect.github.com/mozilla/nunjucks/pull/1330";>#1330; 
fixes
   https://redirect.github.com/mozilla/nunjucks/issues/1331";>#1331. 
Thanks
   https://github.com/ChenKS12138";>ChenKS12138!
   
   
   
   
   Commits
   
   https://github.com/mozilla/nunjucks/commit/86a77f49da4779d55414d8337e1a4d7ec7582da5";>86a77f4
 Release v3.2.4
   https://github.com/mozilla/nunjucks/commit/ec16d210e7e13f862eccdb0bc9af9f60ff6749d6";>ec16d21
 fix: html encode backslashes if used with escape filter or autoescape (https://redirect.github.com/mozilla/nunjucks/issues/1437";>#1437)
   https://github.com/mozilla/nunjucks/commit/fd500902d7c88672470c87170796de52fc0f791a";>fd50090
 Release v3.2.3
   https://github.com/mozilla/nunjucks/commit/d34fdbff8509327db7ab15b3672b3005b89a229a";>d34fdbf
 Temporarily comment out codecov action
   https://github.com/mozilla/nunjucks/commit/cefad417c24ee29a4216d3ada65ce2d28c0b1566";>cefad41
 Replace README.md travis badge with github actions
   https://github.com/mozilla/nunjucks/commit/7601ff4f5ad906f73b00dc19e48916cd3e1bfd08";>7601ff4
 Fixup github actions workflow file
   https://github.com/mozilla/nunjucks/commit/de9dc674a42a1bcfb53afb6be947b3756b140020";>de9dc67
 Add GitHub Workflow for tests. fixes https://redirect.github.com/mozilla/nunjucks/issues/1333";>#1333
   https://github.com/mozilla/nunjucks/commit/aa9e5b9ef1262250630985aa5667819a4f8c4e4d";>aa9e5b9
 Fix prototype pollution security issue. fixes https://redirect.github.com/mozilla/nunjucks/issues/1331";>#1331
   https://github.com/mozilla/nunjucks/commit/f51afa3382eab27ccb216c0f302832e5a4135ac5";>f51afa3
 Move chokidar to peerDependencies and make it optional via 
peerDependenciesMe...
   https://github.com/mozilla/nunjucks/commit/f91f1c3fd14fde683e71a61563e46b547c9160e4";>f91f1c3
 Fix groupby example formatting
   Additional commits viewable in https://github.com/mozilla/nunjucks/compare/v3.2.2...v3.2.4";>compare 
view
   
   
   
   
   
   [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=nunjucks&package-manager=npm_and_yarn&previous-version=3.2.2&new-version=3.2.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # 

[GitHub] [incubator-annotator] Tialisa opened a new issue, #144: Betterlogzmax

[via GitHub]

Tialisa opened a new issue, #144:
URL: https://github.com/apache/incubator-annotator/issues/144

   The future is betterlogzmax


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [incubator-annotator-website] dependabot[bot] opened a new pull request, #37: Bump semver from 5.7.1 to 5.7.2

[via GitHub]

dependabot[bot] opened a new pull request, #37:
URL: https://github.com/apache/incubator-annotator-website/pull/37

   Bumps [semver](https://github.com/npm/node-semver) from 5.7.1 to 5.7.2.
   
   Release notes
   Sourced from https://github.com/npm/node-semver/releases";>semver's 
releases.
   
   v5.7.2
   https://github.com/npm/node-semver/compare/v5.7.1...v5.7.2";>5.7.2 
(2023-07-10)
   Bug Fixes
   
   https://github.com/npm/node-semver/commit/2f8fd41487acf380194579ecb6f8b1bbfe116be0";>2f8fd41
 https://redirect.github.com/npm/node-semver/pull/585";>#585 better 
handling of whitespace (https://redirect.github.com/npm/node-semver/issues/585";>#585) (https://github.com/joaomoreno";>@​joaomoreno, https://github.com/lukekarrys";>@​lukekarrys)
   
   
   
   
   Changelog
   Sourced from https://github.com/npm/node-semver/blob/v5.7.2/CHANGELOG.md";>semver's 
changelog.
   
   https://github.com/npm/node-semver/compare/v5.7.1...v5.7.2";>5.7.2 
(2023-07-10)
   Bug Fixes
   
   https://github.com/npm/node-semver/commit/2f8fd41487acf380194579ecb6f8b1bbfe116be0";>2f8fd41
 https://redirect.github.com/npm/node-semver/pull/585";>#585 better 
handling of whitespace (https://redirect.github.com/npm/node-semver/issues/585";>#585) (https://github.com/joaomoreno";>@​joaomoreno, https://github.com/lukekarrys";>@​lukekarrys)
   
   5.7
   
   Add minVersion method
   
   5.6
   
   Move boolean loose param to an options object, with
   backwards-compatibility protection.
   Add ability to opt out of special prerelease version handling with
   the includePrerelease option flag.
   
   5.5
   
   Add version coercion capabilities
   
   5.4
   
   Add intersection checking
   
   5.3
   
   Add minSatisfying method
   
   5.2
   
   Add prerelease(v) that returns prerelease components
   
   5.1
   
   Add Backus-Naur for ranges
   Remove excessively cute inspection methods
   
   5.0
   
   Remove AMD/Browserified build artifacts
   Fix ltr and gtr when using the * range
   Fix for range * with a prerelease identifier
   
   
   
   
   Commits
   
   https://github.com/npm/node-semver/commit/f8cc313550691a50d9662d8c94f0c033717efd7d";>f8cc313
 chore: release 5.7.2
   https://github.com/npm/node-semver/commit/2f8fd41487acf380194579ecb6f8b1bbfe116be0";>2f8fd41
 fix: better handling of whitespace (https://redirect.github.com/npm/node-semver/issues/585";>#585)
   https://github.com/npm/node-semver/commit/deb5ad51bf58868fa243c1683775305fe9e0e365";>deb5ad5
 chore: @​npmcli/template-osshttps://github.com/4";>@​4.16.0
   See full diff in https://github.com/npm/node-semver/compare/v5.7.1...v5.7.2";>compare 
view
   
   
   
   Maintainer changes
   This version was pushed to npm by https://www.npmjs.com/~lukekarrys";>lukekarrys, a new releaser for 
semver since your current version.
   
   
   
   
   [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=semver&package-manager=npm_and_yarn&previous-version=5.7.1&new-version=5.7.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   
   Dependabot commands and options
   
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI 
passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge and 
block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually
   - `@dependabot ignore this major version` will close this PR and stop 
Dependabot creating any more for this major version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this minor version` will close this PR and stop 
Dependabot creating any more for this minor version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this dependency` will close this PR and stop 
Dependabot creating any more for this dependency (unless you reopen the PR or 
upgrade to it yourself)
   You can disable automated security fix PRs for this repo from the [Security 
Alerts 
page](https://github.com/apache/incubator-annotator-website/network/alerts).
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to t

[GitHub] [incubator-annotator] dependabot[bot] opened a new pull request, #145: Bump word-wrap from 1.2.3 to 1.2.4

[via GitHub]

dependabot[bot] opened a new pull request, #145:
URL: https://github.com/apache/incubator-annotator/pull/145

   Bumps [word-wrap](https://github.com/jonschlinkert/word-wrap) from 1.2.3 to 
1.2.4.
   
   Release notes
   Sourced from https://github.com/jonschlinkert/word-wrap/releases";>word-wrap's 
releases.
   
   1.2.4
   What's Changed
   
   Remove default indent by https://github.com/mohd-akram";>@​mohd-akram in https://redirect.github.com/jonschlinkert/word-wrap/pull/24";>jonschlinkert/word-wrap#24
   🔒fix: CVE 2023 26115 (2) by https://github.com/OlafConijn";>@​OlafConijn in https://redirect.github.com/jonschlinkert/word-wrap/pull/41";>jonschlinkert/word-wrap#41
   :lock: fix: CVE-2023-26115 by https://github.com/aashutoshrathi";>@​aashutoshrathi in 
https://redirect.github.com/jonschlinkert/word-wrap/pull/33";>jonschlinkert/word-wrap#33
   chore: publish workflow by https://github.com/OlafConijn";>@​OlafConijn in https://redirect.github.com/jonschlinkert/word-wrap/pull/42";>jonschlinkert/word-wrap#42
   
   New Contributors
   
   https://github.com/mohd-akram";>@​mohd-akram 
made their first contribution in https://redirect.github.com/jonschlinkert/word-wrap/pull/24";>jonschlinkert/word-wrap#24
   https://github.com/OlafConijn";>@​OlafConijn 
made their first contribution in https://redirect.github.com/jonschlinkert/word-wrap/pull/41";>jonschlinkert/word-wrap#41
   https://github.com/aashutoshrathi";>@​aashutoshrathi made 
their first contribution in https://redirect.github.com/jonschlinkert/word-wrap/pull/33";>jonschlinkert/word-wrap#33
   
   Full Changelog: https://github.com/jonschlinkert/word-wrap/compare/1.2.3...1.2.4";>https://github.com/jonschlinkert/word-wrap/compare/1.2.3...1.2.4
   
   
   
   Commits
   
   https://github.com/jonschlinkert/word-wrap/commit/f64b188c7261d26b99e1e2075d6b12f21798e83a";>f64b188
 run verb to generate README
   https://github.com/jonschlinkert/word-wrap/commit/03ea08256ba0c8e8b02b1b304f0f5bd2b1863207";>03ea082
 Merge pull request https://redirect.github.com/jonschlinkert/word-wrap/issues/42";>#42 
from jonschlinkert/chore/publish-workflow
   https://github.com/jonschlinkert/word-wrap/commit/420dce9a2412b21881202b73a3c34f0edc53cb2e";>420dce9
 Merge pull request https://redirect.github.com/jonschlinkert/word-wrap/issues/41";>#41 
from jonschlinkert/fix/CVE-2023-26115-2
   https://github.com/jonschlinkert/word-wrap/commit/bfa694edf55bb84ff84512f13da6d68bf7593f06";>bfa694e
 Update .github/workflows/publish.yml
   https://github.com/jonschlinkert/word-wrap/commit/ace0b3c78f81aaf43040bab3bc91d3c5546d3fd2";>ace0b3c
 chore: bump version to 1.2.4
   https://github.com/jonschlinkert/word-wrap/commit/6fd727594676f3e1b196b08a320908bec2f4ca02";>6fd7275
 chore: add publish workflow
   https://github.com/jonschlinkert/word-wrap/commit/30d6daf60fce429f5f559252fa86ee78200652c4";>30d6daf
 chore: fix test
   https://github.com/jonschlinkert/word-wrap/commit/655929cabea6299dddf3b4a21fc3713fca701b48";>655929c
 chore: remove package-lock
   https://github.com/jonschlinkert/word-wrap/commit/49e08bbc32a84da5d79e6b7e0fa74ff6217f6d81";>49e08bb
 chore: added an additional testcase
   https://github.com/jonschlinkert/word-wrap/commit/9f626935f3fac6ec0f3c4b26baea4eb9740d9645";>9f62693
 fix: cve 2023-26115
   Additional commits viewable in https://github.com/jonschlinkert/word-wrap/compare/1.2.3...1.2.4";>compare 
view
   
   
   
   
   
   [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=word-wrap&package-manager=npm_and_yarn&previous-version=1.2.3&new-version=1.2.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   
   Dependabot commands and options
   
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI 
passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge and 
block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually
   - `@dependabot ignore this major version` will close this PR and stop 
Dependabot creating any more for this major version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this minor version` will close this PR and stop 
De

[GitHub] [incubator-annotator-website] BigBlueHat opened a new issue, #38: Board Report: October 2023

[via GitHub]

BigBlueHat opened a new issue, #38:
URL: https://github.com/apache/incubator-annotator-website/issues/38

   Important unfinished issues list is based on the [February 2023 Board 
Report](https://cwiki.apache.org/confluence/display/INCUBATOR/February2023#annotator).
   
   
   ## Annotator
   
   Annotator provides annotation enabling code for browsers, servers, and
   humans.
   
   Annotator has been incubating since 2016-08-30.
   
   ### Three most important unfinished issues to address before graduating:
   
 1.Incubation issues identified by Whimsy still need addressing.
 2.Project activity is very low.
 3.Release activity is very low.
   
   ### Are there any issues that the IPMC or ASF Board need to be aware of?
   
   The project and community has remained quiet through 2023. We are attempting 
again to revitalize the community by...
   a) simplifying build tooling--both for making releases and for use within 
other projects
   b) communicating and coordinating future planning on the mailing list with 
other contributors (who we hope will "reactivate")
   c) working to move the project closer to the needs of higher level Web 
developers who need "drop-in" annotation help (vs. our current low level 
"advanced" library only)
   
   ### How has the community developed since the last report?
   
   Minimal activity on the mailing list.
   
   ### How has the project developed since the last report?
   
   No code since last board report.
   
   ### How would you assess the podling's maturity?
   Please feel free to add your own commentary.
   
 - [x] Initial setup
 - [x] Working towards first release
 - [x] Community building
 - [ ] Nearing graduation
 - [ ] Other:
   
   ### Date of last release:
   
 2022-05-05
   
   ### When were the last committers or PPMC members elected?
   
 2022-08-17
   
   ### Have your mentors been helpful and responsive?
   
   Mentors have been helpful when engaged directly with questions.
   
   ### Is the PPMC managing the podling's brand / trademarks?
   
   No known issues.
   
   ### Signed-off-by:
   
 - [ ] (annotator) Nick Kew  
Comments:  
 - [ ] (annotator) Tommaso Teofili  
Comments:  
 - [x] (annotator) Benjamin Young  
Comments:  
   
   ### IPMC/Shepherd notes:
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [incubator-annotator-website] BigBlueHat commented on pull request #31: Address Privacy issues

[via GitHub]

BigBlueHat commented on PR #31:
URL: 
https://github.com/apache/incubator-annotator-website/pull/31#issuecomment-1742089318

   Sorry this sat for so long, @PermissionError! These changes are great.
   
   We'll have to remember to re-make the Google font import change when we do 
upgrades, but that seems trivial enough.
   
   Much thanks for the PR!
   🎩 


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [incubator-annotator-website] BigBlueHat merged pull request #31: Address Privacy issues

[via GitHub]

BigBlueHat merged PR #31:
URL: https://github.com/apache/incubator-annotator-website/pull/31


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [incubator-annotator-website] tilgovi commented on issue #38: Board Report: October 2023

[via GitHub]

tilgovi commented on issue #38:
URL: 
https://github.com/apache/incubator-annotator-website/issues/38#issuecomment-1742138462

   Looks good to me. Thank you, @BigBlueHat 


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [incubator-annotator-website] reckart commented on issue #38: Board Report: October 2023

[via GitHub]

reckart commented on issue #38:
URL: 
https://github.com/apache/incubator-annotator-website/issues/38#issuecomment-1742151623

   Thanks for filing the report!


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [incubator-annotator] reckart merged pull request #134: Update package.json

[via GitHub]

reckart merged PR #134:
URL: https://github.com/apache/incubator-annotator/pull/134


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [incubator-annotator] reckart opened a new pull request, #147: #146 - Update dependencies

[via GitHub]

reckart opened a new pull request, #147:
URL: https://github.com/apache/incubator-annotator/pull/147

   - Updated basically all dependencies in the package.json file
   - Set minimum required node version to 16 since that is what some of the 
updated dependencies require


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [incubator-annotator] reckart opened a new pull request, #148: Use GitHub actions to build and test repo

[via GitHub]

reckart opened a new pull request, #148:
URL: https://github.com/apache/incubator-annotator/pull/148

   (no comment)


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [incubator-annotator] reckart opened a new issue, #149: Set up automated build using GitHub actions

[via GitHub]

reckart opened a new issue, #149:
URL: https://github.com/apache/incubator-annotator/issues/149

   Set up automated build using GitHub actions since it appears that the Travis 
build is defunct.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [incubator-annotator] reckart merged pull request #148: #149 - Set up automated build using GitHub actions

[via GitHub]

reckart merged PR #148:
URL: https://github.com/apache/incubator-annotator/pull/148


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [incubator-annotator] reckart closed issue #149: Set up automated build using GitHub actions

[via GitHub]

reckart closed issue #149: Set up automated build using GitHub actions
URL: https://github.com/apache/incubator-annotator/issues/149


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [incubator-annotator] reckart commented on pull request #147: #146 - Update dependencies

[via GitHub]

reckart commented on PR #147:
URL: 
https://github.com/apache/incubator-annotator/pull/147#issuecomment-1742172280

   @tilgovi @BigBlueHat @Treora I have done pretty radical update of 
dependencies here. Looks like the build process is happy. Anybody care to have 
a look at these changes since I'm not really too familiar with the tooling used 
by Apache Annotator. I still think switching to plain npm would be better these 
days (and drop lerna and yarn). Also I thing esbuild instead of webpack would 
be nice :)


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [incubator-annotator-website] BigBlueHat closed pull request #30: Bump minimatch from 3.0.4 to 3.1.2

[via GitHub]

BigBlueHat closed pull request #30: Bump minimatch from 3.0.4 to 3.1.2
URL: https://github.com/apache/incubator-annotator-website/pull/30


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [incubator-annotator-website] BigBlueHat closed pull request #32: Bump luxon from 1.25.0 to 1.28.1

[via GitHub]

BigBlueHat closed pull request #32: Bump luxon from 1.25.0 to 1.28.1
URL: https://github.com/apache/incubator-annotator-website/pull/32


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [incubator-annotator-website] BigBlueHat closed pull request #33: Bump ua-parser-js from 0.7.22 to 0.7.33

[via GitHub]

BigBlueHat closed pull request #33: Bump ua-parser-js from 0.7.22 to 0.7.33
URL: https://github.com/apache/incubator-annotator-website/pull/33


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [incubator-annotator-website] BigBlueHat closed pull request #35: Bump lodash from 4.17.20 to 4.17.21

[via GitHub]

BigBlueHat closed pull request #35: Bump lodash from 4.17.20 to 4.17.21
URL: https://github.com/apache/incubator-annotator-website/pull/35


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [incubator-annotator-website] dependabot[bot] commented on pull request #30: Bump minimatch from 3.0.4 to 3.1.2

[via GitHub]

dependabot[bot] commented on PR #30:
URL: 
https://github.com/apache/incubator-annotator-website/pull/30#issuecomment-1742192536

   OK, I won't notify you again about this release, but will get in touch when 
a new version is available. If you'd rather skip all updates until the next 
major or minor version, let me know by commenting `@dependabot ignore this 
major version` or `@dependabot ignore this minor version`.
   
   If you change your mind, just re-open this PR and I'll resolve any conflicts 
on it.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [incubator-annotator-website] dependabot[bot] commented on pull request #32: Bump luxon from 1.25.0 to 1.28.1

[via GitHub]

dependabot[bot] commented on PR #32:
URL: 
https://github.com/apache/incubator-annotator-website/pull/32#issuecomment-1742192537

   OK, I won't notify you again about this release, but will get in touch when 
a new version is available. If you'd rather skip all updates until the next 
major or minor version, let me know by commenting `@dependabot ignore this 
major version` or `@dependabot ignore this minor version`.
   
   If you change your mind, just re-open this PR and I'll resolve any conflicts 
on it.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [incubator-annotator-website] dependabot[bot] commented on pull request #33: Bump ua-parser-js from 0.7.22 to 0.7.33

[via GitHub]

dependabot[bot] commented on PR #33:
URL: 
https://github.com/apache/incubator-annotator-website/pull/33#issuecomment-1742192540

   OK, I won't notify you again about this release, but will get in touch when 
a new version is available. If you'd rather skip all updates until the next 
major or minor version, let me know by commenting `@dependabot ignore this 
major version` or `@dependabot ignore this minor version`.
   
   If you change your mind, just re-open this PR and I'll resolve any conflicts 
on it.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [incubator-annotator-website] dependabot[bot] commented on pull request #34: Bump minimist from 1.2.5 to 1.2.8

[via GitHub]

dependabot[bot] commented on PR #34:
URL: 
https://github.com/apache/incubator-annotator-website/pull/34#issuecomment-1742192541

   OK, I won't notify you again about this release, but will get in touch when 
a new version is available. If you'd rather skip all updates until the next 
major or minor version, let me know by commenting `@dependabot ignore this 
major version` or `@dependabot ignore this minor version`.
   
   If you change your mind, just re-open this PR and I'll resolve any conflicts 
on it.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [incubator-annotator-website] BigBlueHat closed pull request #36: Bump nunjucks from 3.2.2 to 3.2.4

[via GitHub]

BigBlueHat closed pull request #36: Bump nunjucks from 3.2.2 to 3.2.4
URL: https://github.com/apache/incubator-annotator-website/pull/36


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [incubator-annotator-website] dependabot[bot] commented on pull request #35: Bump lodash from 4.17.20 to 4.17.21

[via GitHub]

dependabot[bot] commented on PR #35:
URL: 
https://github.com/apache/incubator-annotator-website/pull/35#issuecomment-1742192545

   OK, I won't notify you again about this release, but will get in touch when 
a new version is available. If you'd rather skip all updates until the next 
major or minor version, let me know by commenting `@dependabot ignore this 
major version` or `@dependabot ignore this minor version`.
   
   If you change your mind, just re-open this PR and I'll resolve any conflicts 
on it.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [incubator-annotator-website] BigBlueHat closed pull request #34: Bump minimist from 1.2.5 to 1.2.8

[via GitHub]

BigBlueHat closed pull request #34: Bump minimist from 1.2.5 to 1.2.8
URL: https://github.com/apache/incubator-annotator-website/pull/34


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [incubator-annotator-website] BigBlueHat closed pull request #37: Bump semver from 5.7.1 to 5.7.2

[via GitHub]

BigBlueHat closed pull request #37: Bump semver from 5.7.1 to 5.7.2
URL: https://github.com/apache/incubator-annotator-website/pull/37


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [incubator-annotator-website] dependabot[bot] commented on pull request #37: Bump semver from 5.7.1 to 5.7.2

[via GitHub]

dependabot[bot] commented on PR #37:
URL: 
https://github.com/apache/incubator-annotator-website/pull/37#issuecomment-1742192548

   OK, I won't notify you again about this release, but will get in touch when 
a new version is available. If you'd rather skip all updates until the next 
major or minor version, let me know by commenting `@dependabot ignore this 
major version` or `@dependabot ignore this minor version`.
   
   If you change your mind, just re-open this PR and I'll resolve any conflicts 
on it.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [incubator-annotator-website] dependabot[bot] commented on pull request #36: Bump nunjucks from 3.2.2 to 3.2.4

[via GitHub]

dependabot[bot] commented on PR #36:
URL: 
https://github.com/apache/incubator-annotator-website/pull/36#issuecomment-1742192547

   OK, I won't notify you again about this release, but will get in touch when 
a new version is available. If you'd rather skip all updates until the next 
major or minor version, let me know by commenting `@dependabot ignore this 
major version` or `@dependabot ignore this minor version`.
   
   If you change your mind, just re-open this PR and I'll resolve any conflicts 
on it.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [incubator-annotator-website] BigBlueHat merged pull request #34: Bump minimist from 1.2.5 to 1.2.8

[via GitHub]

BigBlueHat merged PR #34:
URL: https://github.com/apache/incubator-annotator-website/pull/34


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [incubator-annotator-website] BigBlueHat commented on pull request #30: Bump minimatch from 3.0.4 to 3.1.2

[via GitHub]

BigBlueHat commented on PR #30:
URL: 
https://github.com/apache/incubator-annotator-website/pull/30#issuecomment-1742194967

   Updating `yarn.lock` completely on the main `asf-site` branch instead.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [incubator-annotator-website] BigBlueHat closed pull request #30: Bump minimatch from 3.0.4 to 3.1.2

[via GitHub]

BigBlueHat closed pull request #30: Bump minimatch from 3.0.4 to 3.1.2
URL: https://github.com/apache/incubator-annotator-website/pull/30


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [incubator-annotator] tilgovi commented on pull request #147: #146 - Update dependencies

[via GitHub]

tilgovi commented on PR #147:
URL: 
https://github.com/apache/incubator-annotator/pull/147#issuecomment-1742227086

   Looks great. I will make a PR to drop Yarn for NPM, because I don't think 
there is any benefit to continuing to use Yarn (especially not without the 
advanced features).
   
   Can you say anything about the non-dependency changes here? The ajv 
invocation and the lerna.json?


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [incubator-annotator] tilgovi commented on pull request #147: #146 - Update dependencies

[via GitHub]

tilgovi commented on PR #147:
URL: 
https://github.com/apache/incubator-annotator/pull/147#issuecomment-1742228103

   I'm guessing useWorkspaces is just gone these days.
   
   I started looking at updating Lerna and trying out Nx a while back. I'll see 
where my branch got and try to see whether it's worth doing anything with these 
tools still.
   
   Thanks again for looking at this.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [incubator-annotator] reckart commented on pull request #147: #146 - Update dependencies

[via GitHub]

reckart commented on PR #147:
URL: 
https://github.com/apache/incubator-annotator/pull/147#issuecomment-1742373065

   Lerna said that `useWorkspaces` no longer exists.
   
   And `auto` was no longer a valid value for `schemaId` in `Ajv`. I considered 
specifying a particular schema version, but since the parameter is optional and 
the build works without specifying a version, I left it without the `schemaId`.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] #146 - Update dependencies [incubator-annotator]

[via GitHub]

reckart merged PR #147:
URL: https://github.com/apache/incubator-annotator/pull/147


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [I] Update dependencies (0.3.0) [incubator-annotator]

[via GitHub]

reckart closed issue #146: Update dependencies (0.3.0)
URL: https://github.com/apache/incubator-annotator/issues/146


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[I] Include info on how to build in the README [incubator-annotator]

[via GitHub]

reckart opened a new issue, #150:
URL: https://github.com/apache/incubator-annotator/issues/150

   As a potential contributor, I have no idea what I can do with the repo after 
checking it out. It would be helpful if the README had a few pointers for 
getting me started, e.g. what development requirements I need to install and 
how to build and test.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[PR] Issue #150 - Include info on how to build in the README [incubator-annotator]

[via GitHub]

reckart opened a new pull request, #151:
URL: https://github.com/apache/incubator-annotator/pull/151

   - Include info on building and testing into the README file
   - Remove deprecated webpack dev-server option preventing the dev-server from 
starting


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] Issue #150 - Include info on how to build in the README [incubator-annotator]

[via GitHub]

reckart merged PR #151:
URL: https://github.com/apache/incubator-annotator/pull/151


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [I] Include info on how to build in the README [incubator-annotator]

[via GitHub]

reckart closed issue #150: Include info on how to build in the README
URL: https://github.com/apache/incubator-annotator/issues/150


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] Bump word-wrap from 1.2.3 to 1.2.4 [incubator-annotator]

[via GitHub]

reckart commented on PR #145:
URL: 
https://github.com/apache/incubator-annotator/pull/145#issuecomment-1744797684

   @dependabot rebase


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] Bump express from 4.17.1 to 4.18.2 [incubator-annotator]

[via GitHub]

reckart commented on PR #141:
URL: 
https://github.com/apache/incubator-annotator/pull/141#issuecomment-1744798051

   @dependabot rebase


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] Bump word-wrap from 1.2.3 to 1.2.4 [incubator-annotator]

[via GitHub]

dependabot[bot] commented on PR #145:
URL: 
https://github.com/apache/incubator-annotator/pull/145#issuecomment-1744798083

   Looks like word-wrap is no longer a dependency, so this is no longer needed.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] Bump word-wrap from 1.2.3 to 1.2.4 [incubator-annotator]

[via GitHub]

dependabot[bot] closed pull request #145: Bump word-wrap from 1.2.3 to 1.2.4
URL: https://github.com/apache/incubator-annotator/pull/145


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] Bump express from 4.17.1 to 4.18.2 [incubator-annotator]

[via GitHub]

dependabot[bot] commented on PR #141:
URL: 
https://github.com/apache/incubator-annotator/pull/141#issuecomment-1744798488

   Looks like express is up-to-date now, so this is no longer needed.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] Bump express from 4.17.1 to 4.18.2 [incubator-annotator]

[via GitHub]

dependabot[bot] closed pull request #141: Bump express from 4.17.1 to 4.18.2
URL: https://github.com/apache/incubator-annotator/pull/141


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] Bump qs from 6.5.2 to 6.5.3 [incubator-annotator]

[via GitHub]

reckart commented on PR #140:
URL: 
https://github.com/apache/incubator-annotator/pull/140#issuecomment-1744798204

   @dependabot rebase


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] Bump qs from 6.5.2 to 6.5.3 [incubator-annotator]

[via GitHub]

dependabot[bot] closed pull request #140: Bump qs from 6.5.2 to 6.5.3
URL: https://github.com/apache/incubator-annotator/pull/140


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] Bump eventsource from 1.0.7 to 1.1.1 [incubator-annotator]

[via GitHub]

reckart commented on PR #124:
URL: 
https://github.com/apache/incubator-annotator/pull/124#issuecomment-1744799153

   @dependabot rebase


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] Bump decode-uri-component from 0.2.0 to 0.2.2 [incubator-annotator]

[via GitHub]

dependabot[bot] commented on PR #139:
URL: 
https://github.com/apache/incubator-annotator/pull/139#issuecomment-1744799212

   Looks like decode-uri-component is no longer a dependency, so this is no 
longer needed.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] Bump qs from 6.5.2 to 6.5.3 [incubator-annotator]

[via GitHub]

dependabot[bot] commented on PR #140:
URL: 
https://github.com/apache/incubator-annotator/pull/140#issuecomment-1744798675

   Looks like qs is up-to-date now, so this is no longer needed.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] Bump terser from 4.3.4 to 4.8.1 [incubator-annotator]

[via GitHub]

dependabot[bot] commented on PR #127:
URL: 
https://github.com/apache/incubator-annotator/pull/127#issuecomment-1744799400

   Looks like terser is up-to-date now, so this is no longer needed.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] Bump decode-uri-component from 0.2.0 to 0.2.2 [incubator-annotator]

[via GitHub]

reckart commented on PR #139:
URL: 
https://github.com/apache/incubator-annotator/pull/139#issuecomment-1744798809

   @dependabot rebase


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] Bump terser from 4.3.4 to 4.8.1 [incubator-annotator]

[via GitHub]

reckart commented on PR #127:
URL: 
https://github.com/apache/incubator-annotator/pull/127#issuecomment-1744798985

   @dependabot rebase


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] Bump decode-uri-component from 0.2.0 to 0.2.2 [incubator-annotator]

[via GitHub]

dependabot[bot] closed pull request #139: Bump decode-uri-component from 0.2.0 
to 0.2.2
URL: https://github.com/apache/incubator-annotator/pull/139


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] Bump terser from 4.3.4 to 4.8.1 [incubator-annotator]

[via GitHub]

dependabot[bot] closed pull request #127: Bump terser from 4.3.4 to 4.8.1
URL: https://github.com/apache/incubator-annotator/pull/127


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] Bump jsdom from 16.2.2 to 16.5.0 [incubator-annotator]

[via GitHub]

reckart commented on PR #126:
URL: 
https://github.com/apache/incubator-annotator/pull/126#issuecomment-1744799614

   @dependabot rebase


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] Bump eventsource from 1.0.7 to 1.1.1 [incubator-annotator]

[via GitHub]

dependabot[bot] closed pull request #124: Bump eventsource from 1.0.7 to 1.1.1
URL: https://github.com/apache/incubator-annotator/pull/124


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] Bump eventsource from 1.0.7 to 1.1.1 [incubator-annotator]

[via GitHub]

dependabot[bot] commented on PR #124:
URL: 
https://github.com/apache/incubator-annotator/pull/124#issuecomment-1744799581

   Looks like eventsource is no longer a dependency, so this is no longer 
needed.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] Bump jsdom from 16.2.2 to 16.5.0 [incubator-annotator]

[via GitHub]

dependabot[bot] commented on PR #126:
URL: 
https://github.com/apache/incubator-annotator/pull/126#issuecomment-1744800057

   Looks like jsdom is up-to-date now, so this is no longer needed.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] Bump jsdom from 16.2.2 to 16.5.0 [incubator-annotator]

[via GitHub]

dependabot[bot] closed pull request #126: Bump jsdom from 16.2.2 to 16.5.0
URL: https://github.com/apache/incubator-annotator/pull/126


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] Tweak types [incubator-annotator]

[via GitHub]

reckart commented on PR #136:
URL: 
https://github.com/apache/incubator-annotator/pull/136#issuecomment-1744802135

   @Treora do you have any particular doubts about this PR that need to be 
clarified by other developers? Do you see any reason not to merge this PR?


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] Tweak types [incubator-annotator]

[via GitHub]

Treora commented on PR #136:
URL: 
https://github.com/apache/incubator-annotator/pull/136#issuecomment-1744865687

   Thanks for taking a look. It’s been a while.. I think these changes should 
be uncontroversial. Tests appear to pass. In case we do find any mistakes we 
can just as well fix them after merging. I’ll press the button already if you 
allow me the pleasure. ;)


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] Tweak types [incubator-annotator]

[via GitHub]

Treora merged PR #136:
URL: https://github.com/apache/incubator-annotator/pull/136


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[PR] Issue #152: Provide template files for GitHub issues and PRs [incubator-annotator]

[via GitHub]

reckart opened a new pull request, #153:
URL: https://github.com/apache/incubator-annotator/pull/153

   - Copied templates from Apache UIMA and adapted them to Apache Annotator


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] Issue #152: Provide template files for GitHub issues and PRs [incubator-annotator]

[via GitHub]

reckart commented on PR #153:
URL: 
https://github.com/apache/incubator-annotator/pull/153#issuecomment-1744938220

   I'll merge this - if anybody has better ideas or a strong opinion against 
the templates in general, we can always adjust/remove them again.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] Issue #152: Provide template files for GitHub issues and PRs [incubator-annotator]

[via GitHub]

reckart merged PR #153:
URL: https://github.com/apache/incubator-annotator/pull/153


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [I] Provide template files for GitHub issues and PRs [incubator-annotator]

[via GitHub]

reckart closed issue #152: Provide template files for GitHub issues and PRs
URL: https://github.com/apache/incubator-annotator/issues/152


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[I] DOAP file has an error [incubator-annotator-website]

[via GitHub]

Claudenw opened a new issue, #39:
URL: https://github.com/apache/incubator-annotator-website/issues/39

   The DOAP file as referenced by 
https://svn.apache.org/repos/asf/comdev/projects.apache.org/trunk/data/projects.xml
 is found at https://annotator.apache.org/doap.rdf does not parse correctly.
   
   The error returned is:
   [line: 38, col: 88] {W002} 
 Code: 
0/ILLEGAL_CHARACTER in PORT: The character violates the grammar rules for 
URIs/IRIs.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [I] @apache-annotator/dom not updated on NPM [incubator-annotator]

[via GitHub]

reckart closed issue #142: @apache-annotator/dom not updated on NPM
URL: https://github.com/apache/incubator-annotator/issues/142


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [I] @apache-annotator/dom not updated on NPM [incubator-annotator]

[via GitHub]

reckart commented on issue #142:
URL: 
https://github.com/apache/incubator-annotator/issues/142#issuecomment-1745144190

   Once a new release is done, it will be published to npmjs. Meanwhile, there 
is nothing to be done here.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[PR] Bump @babel/traverse from 7.23.0 to 7.23.2 [incubator-annotator]

[via GitHub]

dependabot[bot] opened a new pull request, #155:
URL: https://github.com/apache/incubator-annotator/pull/155

   Bumps 
[@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse)
 from 7.23.0 to 7.23.2.
   
   Release notes
   Sourced from https://github.com/babel/babel/releases";>@​babel/traverse's 
releases.
   
   v7.23.2 (2023-10-11)
   NOTE: This release also re-publishes 
@babel/core, even if it does not appear in the linked release 
commit.
   Thanks https://github.com/jimmydief";>@​jimmydief for your first 
PR!
   :bug: Bug Fix
   
   babel-traverse
   
   https://redirect.github.com/babel/babel/pull/16033";>#16033 
Only evaluate own String/Number/Math methods (https://github.com/nicolo-ribaudo";>@​nicolo-ribaudo)
   
   
   babel-preset-typescript
   
   https://redirect.github.com/babel/babel/pull/16022";>#16022 
Rewrite .tsx extension when using 
rewriteImportExtensions (https://github.com/jimmydief";>@​jimmydief)
   
   
   babel-helpers
   
   https://redirect.github.com/babel/babel/pull/16017";>#16017 
Fix: fallback to typeof when toString is applied to incompatible object (https://github.com/JLHwung";>@​JLHwung)
   
   
   babel-helpers, 
babel-plugin-transform-modules-commonjs, 
babel-runtime-corejs2, babel-runtime-corejs3, 
babel-runtime
   
   https://redirect.github.com/babel/babel/pull/16025";>#16025 
Avoid override mistake in namespace imports (https://github.com/nicolo-ribaudo";>@​nicolo-ribaudo)
   
   
   
   Committers: 5
   
   Babel Bot (https://github.com/babel-bot";>@​babel-bot)
   Huáng Jùnliàng (https://github.com/JLHwung";>@​JLHwung)
   James Diefenderfer (https://github.com/jimmydief";>@​jimmydief)
   Nicolò Ribaudo (https://github.com/nicolo-ribaudo";>@​nicolo-ribaudo)
   https://github.com/liuxingbaoyu";>@​liuxingbaoyu
   
   v7.23.1 (2023-09-25)
   Re-publishing @babel/helpers due to a publishing error in 
7.23.0.
   
   
   
   Changelog
   Sourced from https://github.com/babel/babel/blob/main/CHANGELOG.md";>@​babel/traverse's
 changelog.
   
   v7.23.2 (2023-10-11)
   :bug: Bug Fix
   
   babel-traverse
   
   https://redirect.github.com/babel/babel/pull/16033";>#16033 
Only evaluate own String/Number/Math methods (https://github.com/nicolo-ribaudo";>@​nicolo-ribaudo)
   
   
   babel-preset-typescript
   
   https://redirect.github.com/babel/babel/pull/16022";>#16022 
Rewrite .tsx extension when using 
rewriteImportExtensions (https://github.com/jimmydief";>@​jimmydief)
   
   
   babel-helpers
   
   https://redirect.github.com/babel/babel/pull/16017";>#16017 
Fix: fallback to typeof when toString is applied to incompatible object (https://github.com/JLHwung";>@​JLHwung)
   
   
   babel-helpers, 
babel-plugin-transform-modules-commonjs, 
babel-runtime-corejs2, babel-runtime-corejs3, 
babel-runtime
   
   https://redirect.github.com/babel/babel/pull/16025";>#16025 
Avoid override mistake in namespace imports (https://github.com/nicolo-ribaudo";>@​nicolo-ribaudo)
   
   
   
   
   
   
   Commits
   
   https://github.com/babel/babel/commit/b4b9942a6cde0685c222eb3412347880aae40ad5";>b4b9942
 v7.23.2
   https://github.com/babel/babel/commit/b13376b346946e3f62fc0848c1d2a23223314c82";>b13376b
 Only evaluate own String/Number/Math methods (https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/16033";>#16033)
   See full diff in https://github.com/babel/babel/commits/v7.23.2/packages/babel-traverse";>compare
 view
   
   
   
   
   
   [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@babel/traverse&package-manager=npm_and_yarn&previous-version=7.23.0&new-version=7.23.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   
   Dependabot commands and options
   
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI 
passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge and 
block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually
   - `@dependabot show  ignore conditions` will show all of 
the ignore conditions of the specified dependency
   - `@dependabot ignore this major version` will close this PR and stop 
Dependabo

[PR] Bump axios from 1.5.1 to 1.6.1 [incubator-annotator]

[via GitHub]

dependabot[bot] opened a new pull request, #156:
URL: https://github.com/apache/incubator-annotator/pull/156

   Bumps [axios](https://github.com/axios/axios) from 1.5.1 to 1.6.1.
   
   Release notes
   Sourced from https://github.com/axios/axios/releases";>axios's releases.
   
   Release v1.6.1
   Release notes:
   Bug Fixes
   
   formdata: fixed content-type header normalization for 
non-standard browser environments; (https://redirect.github.com/axios/axios/issues/6056";>#6056) (https://github.com/axios/axios/commit/dd465ab22bbfa262c6567be6574bf46a057d5288";>dd465ab)
   platform: fixed emulated browser detection in node.js 
environment; (https://redirect.github.com/axios/axios/issues/6055";>#6055) (https://github.com/axios/axios/commit/3dc8369e505e32a4e12c22f154c55fd63ac67fbb";>3dc8369)
   
   Contributors to this release
   
https://github.com/DigitalBrainJS"; 
title="+432/-65 ([#6059](https://github.com/axios/axios/issues/6059) 
[#6056](https://github.com/axios/axios/issues/6056) 
[#6055](https://github.com/axios/axios/issues/6055) )">Dmitriy Mozgovoy
https://github.com/meyfa"; 
title="+5/-2 ([#5835](https://github.com/axios/axios/issues/5835) )">Fabian 
Meyer
   
   Release v1.6.0
   Release notes:
   Bug Fixes
   
   CSRF: fixed CSRF vulnerability CVE-2023-45857 (https://redirect.github.com/axios/axios/issues/6028";>#6028) (https://github.com/axios/axios/commit/96ee232bd3ee4de2e657333d4d2191cd389e14d0";>96ee232)
   dns: fixed lookup function decorator to work properly 
in node v20; (https://redirect.github.com/axios/axios/issues/6011";>#6011) (https://github.com/axios/axios/commit/5aaff532a6b820bb9ab6a8cd0f77131b47e2adb8";>5aaff53)
   types: fix AxiosHeaders types; (https://redirect.github.com/axios/axios/issues/5931";>#5931) (https://github.com/axios/axios/commit/a1c8ad008b3c13d53e135bbd0862587fb9d3fc09";>a1c8ad0)
   
   PRs
   
   CVE 2023 45857 ( https://api.github.com/repos/axios/axios/pulls/6028";>#6028 )
   
   
   ⚠️ Critical vulnerability fix. See 
https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459
   
   Contributors to this release
   
https://github.com/DigitalBrainJS"; 
title="+449/-114 ([#6032](https://github.com/axios/axios/issues/6032) 
[#6021](https://github.com/axios/axios/issues/6021) 
[#6011](https://github.com/axios/axios/issues/6011) 
[#5932](https://github.com/axios/axios/issues/5932) 
[#5931](https://github.com/axios/axios/issues/5931) )">Dmitriy Mozgovoy
https://github.com/valentin-panov"; 
title="+4/-4 ([#6028](https://github.com/axios/axios/issues/6028) )">Valentin 
Panov
https://github.com/therealrinku"; 
title="+1/-1 ([#5889](https://github.com/axios/axios/issues/5889) )">Rinku 
Chaudhari
   
   
   
   
   Changelog
   Sourced from https://github.com/axios/axios/blob/v1.x/CHANGELOG.md";>axios's 
changelog.
   
   https://github.com/axios/axios/compare/v1.6.0...v1.6.1";>1.6.1 
(2023-11-08)
   Bug Fixes
   
   formdata: fixed content-type header normalization for 
non-standard browser environments; (https://redirect.github.com/axios/axios/issues/6056";>#6056) (https://github.com/axios/axios/commit/dd465ab22bbfa262c6567be6574bf46a057d5288";>dd465ab)
   platform: fixed emulated browser detection in node.js 
environment; (https://redirect.github.com/axios/axios/issues/6055";>#6055) (https://github.com/axios/axios/commit/3dc8369e505e32a4e12c22f154c55fd63ac67fbb";>3dc8369)
   
   Contributors to this release
   
https://github.com/DigitalBrainJS"; 
title="+432/-65 ([#6059](https://github.com/axios/axios/issues/6059) 
[#6056](https://github.com/axios/axios/issues/6056) 
[#6055](https://github.com/axios/axios/issues/6055) )">Dmitriy Mozgovoy
https://github.com/meyfa"; 
title="+5/-2 ([#5835](https://github.com/axios/axios/issues/5835) )">Fabian 
Meyer
   
   https://github.com/axios/axios/compare/v1.5.1...v1.6.0";>1.6.0 
(2023-10-26)
   Bug Fixes
   
   CSRF: fixed CSRF vulnerability CVE-2023-45857 (https://redirect.github.com/axios/axios/issues/6028";>#6028) (https://github.com/axios/axios/commit/96ee232bd3ee4de2e657333d4d2191cd389e14d0";>96ee232)
   dns: fixed lookup function decorator to work properly 
in node v20; (https://redirect.github.com/axios/axios/issues/6011";>#6011) (https://github.com/axios/axios/commit/5aaff532a6b820bb9ab6a8cd0f77131b47e2adb8";>5aaff53)
   types: fix AxiosHeaders types; (https://redirect.github.com/axios/axios/issues/5931";>#5931) (https://github.com/axios/axios/commit/a1c8ad008b3c13d53e135bbd0862587fb9d3fc09";>a1c8ad0)
   
   PRs
   
   CVE 2023 45857 ( https://api.github.com/repos/axios/axios/pulls/6028";>#6028 )
   
   
   ⚠️ Critical vulnerability fix. See 
https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459
   
   Contributors to this release
   
https://github.com/DigitalBrainJS"; 
title="+449/-114 ([#6032](https://github.com/axios/axios/issues/6032) 
[#6021](https://github.com/axios/axios/issues/6021) 
[#6011](https://github.com/axios/axios/issues/6011) 
[#5932](https://github.com/axios/axios/issues/5932)

[PR] Replace yarn with npm [incubator-annotator]

[via GitHub]

tilgovi opened a new pull request, #157:
URL: https://github.com/apache/incubator-annotator/pull/157

   Close #154.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] Bump axios from 1.5.1 to 1.6.1 [incubator-annotator]

[via GitHub]

tilgovi commented on PR #156:
URL: 
https://github.com/apache/incubator-annotator/pull/156#issuecomment-1809483266

   Closing in light of #157.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] Bump axios from 1.5.1 to 1.6.1 [incubator-annotator]

[via GitHub]

tilgovi closed pull request #156: Bump axios from 1.5.1 to 1.6.1
URL: https://github.com/apache/incubator-annotator/pull/156


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] Bump axios from 1.5.1 to 1.6.1 [incubator-annotator]

[via GitHub]

dependabot[bot] commented on PR #156:
URL: 
https://github.com/apache/incubator-annotator/pull/156#issuecomment-1809483298

   OK, I won't notify you again about this release, but will get in touch when 
a new version is available. If you'd rather skip all updates until the next 
major or minor version, let me know by commenting `@dependabot ignore this 
major version` or `@dependabot ignore this minor version`.
   
   If you change your mind, just re-open this PR and I'll resolve any conflicts 
on it.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] Bump @babel/traverse from 7.23.0 to 7.23.2 [incubator-annotator]

[via GitHub]

tilgovi closed pull request #155: Bump @babel/traverse from 7.23.0 to 7.23.2
URL: https://github.com/apache/incubator-annotator/pull/155


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] Bump @babel/traverse from 7.23.0 to 7.23.2 [incubator-annotator]

[via GitHub]

tilgovi commented on PR #155:
URL: 
https://github.com/apache/incubator-annotator/pull/155#issuecomment-1809483520

   Closing in light of #157.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] Bump @babel/traverse from 7.23.0 to 7.23.2 [incubator-annotator]

[via GitHub]

dependabot[bot] commented on PR #155:
URL: 
https://github.com/apache/incubator-annotator/pull/155#issuecomment-1809483549

   OK, I won't notify you again about this release, but will get in touch when 
a new version is available. If you'd rather skip all updates until the next 
major or minor version, let me know by commenting `@dependabot ignore this 
major version` or `@dependabot ignore this minor version`.
   
   If you change your mind, just re-open this PR and I'll resolve any conflicts 
on it.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [I] Drop yarn in favor of npm [incubator-annotator]

[via GitHub]

tilgovi closed issue #154: Drop yarn in favor of npm
URL: https://github.com/apache/incubator-annotator/issues/154


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] Replace yarn with npm [incubator-annotator]

[via GitHub]

tilgovi merged PR #157:
URL: https://github.com/apache/incubator-annotator/pull/157


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[PR] Bump loader-utils from 2.0.2 to 2.0.4 [incubator-annotator]

[via GitHub]

dependabot[bot] opened a new pull request, #158:
URL: https://github.com/apache/incubator-annotator/pull/158

   Bumps [loader-utils](https://github.com/webpack/loader-utils) from 2.0.2 to 
2.0.4.
   
   Release notes
   Sourced from https://github.com/webpack/loader-utils/releases";>loader-utils's 
releases.
   
   v2.0.4
   https://github.com/webpack/loader-utils/compare/v2.0.3...v2.0.4";>2.0.4
 (2022-11-11)
   Bug Fixes
   
   ReDoS problem (https://redirect.github.com/webpack/loader-utils/issues/225";>#225) 
(https://github.com/webpack/loader-utils/commit/ac09944dfacd7c4497ef692894b09e63e09a5eeb";>ac09944)
   
   v2.0.3
   https://github.com/webpack/loader-utils/compare/v2.0.1...v2.0.3";>2.0.3
 (2022-10-20)
   Bug Fixes
   
   security: prototype pollution exploit (https://redirect.github.com/webpack/loader-utils/issues/217";>#217) 
(https://github.com/webpack/loader-utils/commit/a93cf6f4702012030f6b5ee8340d5c95ec1c7d4c";>a93cf6f)
   
   
   
   
   Changelog
   Sourced from https://github.com/webpack/loader-utils/blob/v2.0.4/CHANGELOG.md";>loader-utils's
 changelog.
   
   https://github.com/webpack/loader-utils/compare/v2.0.3...v2.0.4";>2.0.4
 (2022-11-11)
   Bug Fixes
   
   ReDoS problem (https://redirect.github.com/webpack/loader-utils/issues/225";>#225) 
(https://github.com/webpack/loader-utils/commit/ac09944dfacd7c4497ef692894b09e63e09a5eeb";>ac09944)
   
   https://github.com/webpack/loader-utils/compare/v2.0.1...v2.0.3";>2.0.3
 (2022-10-20)
   Bug Fixes
   
   security: prototype pollution exploit (https://redirect.github.com/webpack/loader-utils/issues/217";>#217) 
(https://github.com/webpack/loader-utils/commit/a93cf6f4702012030f6b5ee8340d5c95ec1c7d4c";>a93cf6f)
   
   
   
   
   Commits
   
   https://github.com/webpack/loader-utils/commit/6688b5028106f144ee9f543bebc8e6a87b57829f";>6688b50
 chore(release): 2.0.4
   https://github.com/webpack/loader-utils/commit/ac09944dfacd7c4497ef692894b09e63e09a5eeb";>ac09944
 fix: ReDoS problem (https://redirect.github.com/webpack/loader-utils/issues/225";>#225)
   https://github.com/webpack/loader-utils/commit/7162619fb982c394ed75098a0a0ed7e7f3177c70";>7162619
 chore(release): 2.0.3
   https://github.com/webpack/loader-utils/commit/a93cf6f4702012030f6b5ee8340d5c95ec1c7d4c";>a93cf6f
 fix(security): prototype polution exploit (https://redirect.github.com/webpack/loader-utils/issues/217";>#217)
   https://github.com/webpack/loader-utils/commit/90c7c4be17e3e0b2f6091a69c67db7a6df9fd044";>90c7c4b
 chore(release): 2.0.2
   https://github.com/webpack/loader-utils/commit/8c2d24ee400bc4567335e97ee6004c3baa6ef66f";>8c2d24e
 fix: base64 generation and unicode characters (https://redirect.github.com/webpack/loader-utils/issues/197";>#197)
   See full diff in https://github.com/webpack/loader-utils/compare/v2.0.2...v2.0.4";>compare 
view
   
   
   
   
   
   [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=loader-utils&package-manager=npm_and_yarn&previous-version=2.0.2&new-version=2.0.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   
   Dependabot commands and options
   
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI 
passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge and 
block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually
   - `@dependabot show  ignore conditions` will show all of 
the ignore conditions of the specified dependency
   - `@dependabot ignore this major version` will close this PR and stop 
Dependabot creating any more for this major version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this minor version` will close this PR and stop 
Dependabot creating any more for this minor version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this dependency` will close this PR and stop 
Dependabot creating any more for this dependency (unless you reopen the PR or 
upgrade to it yourself)
   You can disable automated security fix PRs for this repo from the [Security 
Alerts page](https://github.com/apache/incubator-annotator/network/alerts).
   
   


-- 
This is a

[PR] Bump axios from 1.5.1 to 1.6.2 [incubator-annotator]

[via GitHub]

dependabot[bot] opened a new pull request, #159:
URL: https://github.com/apache/incubator-annotator/pull/159

   Bumps [axios](https://github.com/axios/axios) from 1.5.1 to 1.6.2.
   
   Release notes
   Sourced from https://github.com/axios/axios/releases";>axios's releases.
   
   Release v1.6.2
   Release notes:
   Features
   
   withXSRFToken: added withXSRFToken option as a 
workaround to achieve the old withCredentials behavior; (https://redirect.github.com/axios/axios/issues/6046";>#6046) (https://github.com/axios/axios/commit/cff996779b272a5e94c2b52f5503ccf668bc42dc";>cff9967)
   
   PRs
   
   feat(withXSRFToken): added withXSRFToken option as a workaround to 
achieve the old `withCredentials` behavior; ( https://api.github.com/repos/axios/axios/pulls/6046";>#6046 )
   
   
   📢 This PR added 'withXSRFToken' option as a replacement 
for old withCredentials behaviour. 
   You should now use withXSRFToken along with withCredential to get the old 
behavior.
   This functionality is considered as a fix.
   
   Contributors to this release
   
https://github.com/DigitalBrainJS"; 
title="+271/-146 ([#6081](https://github.com/axios/axios/issues/6081) 
[#6080](https://github.com/axios/axios/issues/6080) 
[#6079](https://github.com/axios/axios/issues/6079) 
[#6078](https://github.com/axios/axios/issues/6078) 
[#6046](https://github.com/axios/axios/issues/6046) 
[#6064](https://github.com/axios/axios/issues/6064) 
[#6063](https://github.com/axios/axios/issues/6063) )">Dmitriy Mozgovoy
https://github.com/ckng0221"; 
title="+4/-4 ([#6073](https://github.com/axios/axios/issues/6073) )">Ng Choon 
Khon (CK)
https://github.com/mnomanmemon"; 
title="+2/-2 ([#6048](https://github.com/axios/axios/issues/6048) )">Muhammad 
Noman
   
   Release v1.6.1
   Release notes:
   Bug Fixes
   
   formdata: fixed content-type header normalization for 
non-standard browser environments; (https://redirect.github.com/axios/axios/issues/6056";>#6056) (https://github.com/axios/axios/commit/dd465ab22bbfa262c6567be6574bf46a057d5288";>dd465ab)
   platform: fixed emulated browser detection in node.js 
environment; (https://redirect.github.com/axios/axios/issues/6055";>#6055) (https://github.com/axios/axios/commit/3dc8369e505e32a4e12c22f154c55fd63ac67fbb";>3dc8369)
   
   Contributors to this release
   
https://github.com/DigitalBrainJS"; 
title="+432/-65 ([#6059](https://github.com/axios/axios/issues/6059) 
[#6056](https://github.com/axios/axios/issues/6056) 
[#6055](https://github.com/axios/axios/issues/6055) )">Dmitriy Mozgovoy
https://github.com/meyfa"; 
title="+5/-2 ([#5835](https://github.com/axios/axios/issues/5835) )">Fabian 
Meyer
   
   Release v1.6.0
   Release notes:
   Bug Fixes
   
   CSRF: fixed CSRF vulnerability CVE-2023-45857 (https://redirect.github.com/axios/axios/issues/6028";>#6028) (https://github.com/axios/axios/commit/96ee232bd3ee4de2e657333d4d2191cd389e14d0";>96ee232)
   dns: fixed lookup function decorator to work properly 
in node v20; (https://redirect.github.com/axios/axios/issues/6011";>#6011) (https://github.com/axios/axios/commit/5aaff532a6b820bb9ab6a8cd0f77131b47e2adb8";>5aaff53)
   types: fix AxiosHeaders types; (https://redirect.github.com/axios/axios/issues/5931";>#5931) (https://github.com/axios/axios/commit/a1c8ad008b3c13d53e135bbd0862587fb9d3fc09";>a1c8ad0)
   
   PRs
   
   CVE 2023 45857 ( https://api.github.com/repos/axios/axios/pulls/6028";>#6028 )
   
   
   ⚠️ Critical vulnerability fix. See 
https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459
   
   Contributors to this release
   
   
   ... (truncated)
   
   
   Changelog
   Sourced from https://github.com/axios/axios/blob/v1.x/CHANGELOG.md";>axios's 
changelog.
   
   https://github.com/axios/axios/compare/v1.6.1...v1.6.2";>1.6.2 
(2023-11-14)
   Features
   
   withXSRFToken: added withXSRFToken option as a 
workaround to achieve the old withCredentials behavior; (https://redirect.github.com/axios/axios/issues/6046";>#6046) (https://github.com/axios/axios/commit/cff996779b272a5e94c2b52f5503ccf668bc42dc";>cff9967)
   
   PRs
   
   feat(withXSRFToken): added withXSRFToken option as a workaround to 
achieve the old `withCredentials` behavior; ( https://api.github.com/repos/axios/axios/pulls/6046";>#6046 )
   
   
   📢 This PR added 'withXSRFToken' option as a replacement 
for old withCredentials behaviour. 
   You should now use withXSRFToken along with withCredential to get the old 
behavior.
   This functionality is considered as a fix.
   
   Contributors to this release
   
https://github.com/DigitalBrainJS"; 
title="+271/-146 ([#6081](https://github.com/axios/axios/issues/6081) 
[#6080](https://github.com/axios/axios/issues/6080) 
[#6079](https://github.com/axios/axios/issues/6079) 
[#6078](https://github.com/axios/axios/issues/6078) 
[#6046](https://github.com/axios/axios/issues/6046) 
[#6064](https://github.com/axios/axios/issues/6064) 
[#6063](https://github.com/axios/axios/issues/6

[PR] Bump @babel/traverse from 7.23.0 to 7.23.6 [incubator-annotator]

[via GitHub]

dependabot[bot] opened a new pull request, #160:
URL: https://github.com/apache/incubator-annotator/pull/160

   Bumps 
[@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse)
 from 7.23.0 to 7.23.6.
   
   Release notes
   Sourced from https://github.com/babel/babel/releases";>@​babel/traverse's 
releases.
   
   v7.23.6 (2023-12-11)
   Thanks https://github.com/martinez-hugo";>@​martinez-hugo and https://github.com/odinho";>@​odinho for your first pull 
requests!
   :eyeglasses: Spec Compliance
   
   babel-generator, babel-parser, 
babel-types
   
   https://redirect.github.com/babel/babel/pull/16154";>#16154 
Remove TSPropertySignature.initializer (https://github.com/fisker";>@​fisker)
   
   
   babel-helpers, 
babel-plugin-proposal-decorators, 
babel-plugin-transform-class-properties, 
babel-plugin-transform-class-static-block, 
babel-plugin-transform-runtime, babel-preset-env, 
babel-runtime-corejs2, babel-runtime-corejs3, 
babel-runtime, babel-types
   
   https://redirect.github.com/babel/babel/pull/16139";>#16139 
Apply toPropertyKey on decorator context name (https://github.com/JLHwung";>@​JLHwung)
   
   
   
   :bug: Bug Fix
   
   babel-generator
   
   https://redirect.github.com/babel/babel/pull/16166";>#16166 
fix: Correctly indenting when retainLines is enabled (https://github.com/liuxingbaoyu";>@​liuxingbaoyu)
   
   
   babel-helpers, 
babel-plugin-proposal-explicit-resource-management
   
   https://redirect.github.com/babel/babel/pull/16150";>#16150 
using: Allow looking up Symbol.dispose on a function 
(https://github.com/odinho";>@​odinho)
   
   
   babel-plugin-proposal-decorators, 
babel-plugin-transform-class-properties
   
   https://redirect.github.com/babel/babel/pull/16161";>#16161 
Ensure the [[@@toPrimitive]] call of a decorated class member key 
is invoked once (https://github.com/JLHwung";>@​JLHwung)
   https://redirect.github.com/babel/babel/pull/16148";>#16148 
Support named evaluation for decorated anonymous class exp (https://github.com/JLHwung";>@​JLHwung)
   
   
   babel-plugin-transform-for-of, babel-preset-env
   
   https://redirect.github.com/babel/babel/pull/16011";>#16011 
fix: for of with iterableIsArray and shadowing 
variable  (https://github.com/liuxingbaoyu";>@​liuxingbaoyu)
   
   
   babel-helpers, 
babel-plugin-proposal-decorators, 
babel-runtime-corejs2, babel-runtime-corejs3, 
babel-runtime
   
   https://redirect.github.com/babel/babel/pull/16144";>#16144 
Set function name for decorated private non-field elements (https://github.com/JLHwung";>@​JLHwung)
   
   
   babel-plugin-transform-typescript
   
   https://redirect.github.com/babel/babel/pull/16137";>#16137 
Fix references to enum values with merging (https://github.com/nicolo-ribaudo";>@​nicolo-ribaudo)
   
   
   
   :microscope: Output optimization
   
   babel-helper-create-class-features-plugin, 
babel-plugin-transform-class-properties
   
   https://redirect.github.com/babel/babel/pull/16159";>#16159 
Reuse computed key memoiser (https://github.com/JLHwung";>@​JLHwung)
   
   
   babel-helpers, babel-plugin-proposal-decorators
   
   https://redirect.github.com/babel/babel/pull/16160";>#16160 
Optimize decorator helper size (https://github.com/liuxingbaoyu";>@​liuxingbaoyu)
   
   
   
   Committers: 7
   
   Babel Bot (https://github.com/babel-bot";>@​babel-bot)
   Hugo Martinez (https://github.com/martinez-hugo";>@​martinez-hugo)
   Huáng Jùnliàng (https://github.com/JLHwung";>@​JLHwung)
   Nicolò Ribaudo (https://github.com/nicolo-ribaudo";>@​nicolo-ribaudo)
   Odin Hørthe-Omdal Urdland (https://github.com/odinho";>@​odinho)
   https://github.com/liuxingbaoyu";>@​liuxingbaoyu
   fisker Cheung (https://github.com/fisker";>@​fisker)
   
   v7.23.5 (2023-11-29)
   :eyeglasses: Spec Compliance
   
   babel-plugin-proposal-decorators
   
   https://redirect.github.com/babel/babel/pull/16138";>#16138 
Class binding is in TDZ during decorators initialization (https://github.com/nicolo-ribaudo";>@​nicolo-ribaudo)
   
   
   babel-helpers, babel-plugin-proposal-decorators
   
   https://redirect.github.com/babel/babel/pull/16132";>#16132 
Allow addInitializer in field decorator context (https://github.com/JLHwung";>@​JLHwung)
   
   
   
   :bug: Bug Fix
   
   babel-traverse, babel-types
   
   
   
   ... (truncated)
   
   
   Changelog
   Sourced from https://github.com/babel/babel/blob/main/CHANGELOG.md";>@​babel/traverse's
 changelog.
   
   v7.23.6 (2023-12-11)
   :eyeglasses: Spec Compliance
   
   babel-generator, babel-parser, 
babel-types
   
   https://redirect.github.com/babel/babel/pull/16154";>#16154 
Remove TSPropertySignature.initializer (https://github.com/fisker";>@​fisker)
   
   
   babel-helpers, 
babel-plugin-proposal-decorators, 
babel-plugin-transform-class-properties, 
babel-plugin-transform-class-static-block, 
babel-plugin-transform-runtime, babel-preset-env, 
babel-runtime-corejs2, babel-runtime-corejs3, 
babel-runtime, babel-types

Re: [I] Board Report: October 2023 [incubator-annotator-website]

[via GitHub]

tilgovi closed issue #38: Board Report: October 2023
URL: https://github.com/apache/incubator-annotator-website/issues/38


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[I] Drop the entanglement of dependency fetching as part of the build [incubator-annotator]

[via GitHub]

mrcolbyrussell opened a new issue, #161:
URL: https://github.com/apache/incubator-annotator/issues/161

   **Describe the refactoring action**
   
   Pull request #157 closed issue #154 to simplify the build process by using 
npm instead of yarn for fetching dependencies.
   
   The current state of the project is described in the README "dependencies 
are automatically installed as part of the build[...] `npm run build` -- builds 
the project".
   
   Not requiring a separate step to fetch dependencies isn't a bad affordance 
for people who want to be able to get annotator built with a single command 
after cloning, but it is inconvenient wrt other scenarios in the fact that 
getting all the code is itself not a single step—you fetch part of the code 
when you clone the repo and then the rest of it (i.e. the dependencies) right 
before build.  This is not unusual for npm-based projects, but it is 
inconvenient all the same (and unnecessary).
   
   Rather than requiring folks who are merely building annotator fetch 
dependencies on top, we can dictate that maintainers be responsible for 
fetching them (at the same time they're that they're affirming, after a package 
has been changed upstream, that its newest release releases does in fact 
comprise part of a platform on which annotator can be built).
   
   **Expected benefit**
   
   Being able to build offline—as long as you've already cloned the repo, then 
you have what you need to build the project (common expectation up until ~10 
years ago, when people started making build scripts hit the network to 
dynamically fetch other pieces).
   
   Reproducible builds—under the status quo, a developer may successfully build 
and deploy annotator and then at some later point another developer (or the 
same person, even) might check out the exact same tag/branch/commit and not be 
able to successfully complete the build because a dependency has changed 
upstream.  (package-lock.json tries to solve this, but it doesn't, and it's 
just one big attempt to work around the fact that `npm install` and similar 
workflows are designed to keep people from being able to get dependencies at 
the same time that they're getting the application code.)
   
   See also:
   
   * "Dependencies belong in version control."  

   * "I hate npm so much." 


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [I] Drop the entanglement of dependency fetching as part of the build [incubator-annotator]

[via GitHub]

reckart commented on issue #161:
URL: 
https://github.com/apache/incubator-annotator/issues/161#issuecomment-1851469244

   Just my 10ct on this...
   
   I'd opt for sticking with installing dependencies when required and keeping 
them out of the repo - using the `package.lock` to avoid undesired changes of 
dependencies through people attacking upstream.
   
   Artifact repositories like pypy, npmjs or maven central are quite reliable 
and under normal circumstances, once something has been published there, it 
does not go away. Use of smaller upstream repositories that may not be as 
reliable, or direct dependencies on even GitHub repositories as npm allows them 
should imho be avoided. 
   
   Unnecessary dependencies should also be avoided.
   
   I believe most of annotator's dependencies are pursuant to its build 
tooling. IMHO it makes no sense to keep that in the repo. But for a fully 
autark build that would be necessary, and then also for different platforms, 
etc. It is a rabbit hole.
   
   Also, having dependencies in the repo gives incentive to not upgrading them 
regularly, leading to dependency rot.
   
   Better update dependencies with every release (as applicable and sensible) 
and release regularly.
   
   If there are no releases, there is no maintenance. If there is no 
maintenance, a library should not be used downstream anymore. If there are no 
users, a reproducible build is moot.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [I] Drop the entanglement of dependency fetching as part of the build [incubator-annotator]

[via GitHub]

mrcolbyrussell commented on issue #161:
URL: 
https://github.com/apache/incubator-annotator/issues/161#issuecomment-1852237279

   > dependencies when required and keeping them out of the repo - using the 
`package.lock`
   
   What's `package.lock`
   
   > Artifact repositories like pypy, npmjs or maven central
   
   This is not a Python or JVM project, nor is it a broad philosophical 
discussion.  This is about apache/incubator-annotator.
   
   > having dependencies in the repo gives incentive to not upgrading them 
regularly, leading to dependency rot
   
   ...
   
   > Better update dependencies with every release
   
   That doesn't describe what's happening now.  Dependencies can change from 
build to build; today, Developer A can clone the repo at 10:01 AM and run the 
build while Developer B clones the repo at 10:13 AM and runs the build and they 
get different results because the build script is not a really a build 
script—it's entangled with dynamically fetching missing pieces of the source 
tree, which change upstream from time to time.  (Again, this isn't unusual for 
NPM-based projects, but it being the 
[norm](https://en.wikipedia.org/wiki/Normalization_of_deviance) is not a 
substitute for an argument on its own merits.)


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [I] Drop the entanglement of dependency fetching as part of the build [incubator-annotator]

[via GitHub]

mrcolbyrussell commented on issue #161:
URL: 
https://github.com/apache/incubator-annotator/issues/161#issuecomment-1852242619

   > update dependencies with every release
   
   (This is, in fact, what I'm asking for—and which isn't currently happening.)


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [I] Drop the entanglement of dependency fetching as part of the build [incubator-annotator]

[via GitHub]

reckart commented on issue #161:
URL: 
https://github.com/apache/incubator-annotator/issues/161#issuecomment-1852261142

   By `package.lock` I mean `package-lock.json`.
   
   Correct me if I am wrong: If `package-lock.json` is present and the npm 
build is using `npm ci` instead of `npm install` to install the dependencies, 
the packages are installed exactly as prescribed by the `package-lock.json` 
every time.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [I] Drop the entanglement of dependency fetching as part of the build [incubator-annotator]

[via GitHub]

mrcolbyrussell commented on issue #161:
URL: 
https://github.com/apache/incubator-annotator/issues/161#issuecomment-1852286114

   I'm not going to say whether that's correct or incorrect because it's 
off-topic (a red herring).
   
   PR #157 simplified the build process because Yarn was basically boondoggle.  
It was an unnecessary requirement.
   
   Here's a simple exercise; think about the answers to the following 
questions: what problem does `package-lock.json` solve?  Why does that problem 
exist?  (As in, "Where does it come from?")
   
   



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [I] Drop the entanglement of dependency fetching as part of the build [incubator-annotator]

[via GitHub]

tilgovi commented on issue #161:
URL: 
https://github.com/apache/incubator-annotator/issues/161#issuecomment-1853196825

   The last paragraph of your first comment started with a call for 
reproducible builds. Whether or not package-lock.json totally provides that is, 
as you say, maybe off topic, but it certainly aims to make the build *more* 
reproducible.
   
   So which is it, a requirement you have or an unnecessary requirement?
   
   Do you have a use case? Are you packaging annotator somewhere where you'd 
like to do an offline build?
   
   Are you engaging in good faith? I'm not yet able to see why you've opened 
this issue, except perhaps to rail against package managers in an inappropriate 
venue.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@annotator.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org