Vuejs-Node vue template: node-vue-template - A starter template for building complete application using Node.js (API) and Vue.js (SPA) with some included packages and configurations to help start the development quickly.

Node-Vue-Template

codebeat badge

A starter template for building a complete application using Node.js and Vue.js with some included packages and configurations to help jump-start the development process.

There are two parts of this project, backend api and single page frontend application and each part is contained in the respective folder.

Major packages inlcuded and configured (as required)

Backend

Highlights

  • Sequelize configures models from a directory, just add a new model and sequelize will load it.
  • Authentication is already setup using JSONWebToken for Node.js
  • Add custom route endpoints

Build Setup

By default this application is configured to use SQL server, but by doing minor changes you can easily switch to any database of your choice. Details

Frontend

Highlights

  • Preconfigured axios for jwt authentication
  • Automatic page & Ajax progress bars
  • Persistent login & register implemented using Vuex & Vue-router
  • Bootswatch used for themes
  • Webpack dev & build server configured (with linting)
  • Stylus is enabled
  • Some Vue-mixins for authentication/user info

Build Setup

Comments

  • [Snyk] Fix for 1 vulnerabilities
    [Snyk] Fix for 1 vulnerabilities

    Oct 3, 2019

    Description

    This PR fixes one or more vulnerable packages in the npm dependencies of this project. See the Snyk test report for more details.

    Snyk Project: mubaidr/node-vue-template:frontend/package.json

    Snyk Organization: mubaidr

    Changes included in this PR

    Vulnerabilities that will be fixed

    With a Snyk patch:

    You can read more about Snyk's upgrade and patch logic in Snyk's documentation.

    Check the changes in this PR to ensure they won't cause issues with your project.

    Stay secure, The Snyk team

    Note: You are seeing this because you or someone else with access to this repository has authorised Snyk to open Fix PRs. To review the settings for this Snyk project please go to the project settings page.

    Reply
  • [Snyk] Fix for 1 vulnerabilities
    [Snyk] Fix for 1 vulnerabilities

    Oct 4, 2019

    Description

    This PR fixes one or more vulnerable packages in the npm dependencies of this project. See the Snyk test report for more details.

    Snyk Project: mubaidr/node-vue-template:frontend/package.json

    Snyk Organization: mubaidr (GitHub marketplace)

    Changes included in this PR

    Vulnerabilities that will be fixed

    With a Snyk patch:

    You can read more about Snyk's upgrade and patch logic in Snyk's documentation.

    Check the changes in this PR to ensure they won't cause issues with your project.

    Stay secure, The Snyk team

    Note: You are seeing this because you or someone else with access to this repository has authorised Snyk to open Fix PRs. To review the settings for this Snyk project please go to the project settings page.

    Reply
  • Bump eslint-loader from 2.2.1 to 3.0.2 in /backend
    Bump eslint-loader from 2.2.1 to 3.0.2 in /backend

    Nov 1, 2019

    Bumps eslint-loader from 2.2.1 to 3.0.2.

    Release notes

    Sourced from eslint-loader's releases.

    v3.0.2

    3.0.2 (2019-09-27)

    Bug Fixes

    v3.0.1

    3.0.1 (2019-09-25)

    Bug Fixes

    • module build failed error at Linter.parseResults (#294) (360e69c)

    v3.0.0

    3.0.0 (2019-08-24)

    Bugfix

    • fix corrupted filenames if cwd == "/"
    • cannot use string formatter in outputReport
    • no Output Report in File when build fails under webpack 4
    • add posibility to use absolute file path in outputReport.filePath
    • it should be possible to use absolute file path in outputReport.filePath
    • try load official formatter (#285) (997cce5)
    • emit warning/error if no config was found/given (#286) (4204560)

    Features

    • validate schema options

    Breaking Changes

    • drop support for Node < 8.9.0
    • minimum supported webpack version is 4
    • minimum supported eslint version is 5
    Changelog

    Sourced from eslint-loader's changelog.

    3.0.2 (2019-09-27)

    Bug Fixes

    3.0.1 (2019-09-25)

    Bug Fixes

    • module build failed error at Linter.parseResults (#294) (360e69c)

    3.0.0 (2019-08-24)

    Bugfix

    • fix corrupted filenames if cwd == "/"
    • cannot use string formatter in outputReport
    • no Output Report in File when build fails under webpack 4
    • add posibility to use absolute file path in outputReport.filePath
    • it should be possible to use absolute file path in outputReport.filePath
    • try load official formatter (#285) (997cce5)
    • emit warning/error if no config was found/given (#286) (4204560)

    Features

    • validate schema options

    Breaking Changes

    • drop support for Node < 8.9.0
    • minimum supported webpack version is 4
    • minimum supported eslint version is 5
    Commits
    Maintainer changes

    This version was pushed to npm by ricardogobbosouza, a new releaser for eslint-loader since your current version.


    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot will not automatically merge this PR because it includes an out-of-range update to a development dependency.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
    • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

    Additionally, you can set the following in your Dependabot dashboard:

    • Update frequency (including time of day and day of week)
    • Pull request limits (per update run and/or open at any time)
    • Automerge options (never/patch/minor, and dev/runtime dependencies)
    • Out-of-range updates (receive only lockfile updates, if desired)
    • Security updates (receive only security updates, if desired)
    dependencies 
    Reply
  • Bump eslint-config-prettier from 3.3.0 to 6.5.0 in /backend
    Bump eslint-config-prettier from 3.3.0 to 6.5.0 in /backend

    Nov 1, 2019

    Bumps eslint-config-prettier from 3.3.0 to 6.5.0.

    Changelog

    Sourced from eslint-config-prettier's changelog.

    Version 6.5.0 (2019-10-26)

    • Added: Support for [excluding deprecated rules]. Thanks to Alex Ilyaev (@​alexilyaev)!

    Version 6.4.0 (2019-10-05)

    • Added: [unicorn/no-nested-ternary]. Thanks to Yang Mingshan (@​yangmingshan)!

    Version 6.3.0 (2019-09-10)

    • Added: [@typescript-eslint/brace-style]. Thanks to Masafumi Koba (@​ybiquitous)!

    Version 6.2.0 (2019-09-03)

    • Added: [@typescript-eslint/quotes] (as a [special rule][@typescript-eslint/quotes-special]). Thanks to Masafumi Koba (@​ybiquitous)!

    Version 6.1.0 (2019-08-19)

    • Added: [function-call-argument-newline] (new in ESLint 6.2.0). Thanks to Masafumi Koba (@​ybiquitous)!

    Version 6.0.0 (2019-06-25)

    • Changed: The CLI helper tool now considers [no-confusing-arrow] to conflict if you use the default value of its allowParens option. The default was changed to true in ESLint 6, which conflicts with Prettier.

      If the CLI helper tool gives you errors about this after upgrading, the solution is to change this:

      {
        "rules": {
          "no-confusing-arrow": ["error"]
        }
      }
      

      Into this:

      {
        "rules": {
          "no-confusing-arrow": ["error", { "allowParens": false }]
        }
      
    ... (truncated)
    Commits
    • b4ade2b eslint-config-prettier v6.5.0
    • 9f6b594 Update npm packages
    • 4fdaa04 Handle deprecated rules (closes #112) (#121)
    • c8f1a2d Revert "Bump get-stdin from 6.0.0 to 7.0.0" (#119)
    • 5973374 Revert "Bump cross-spawn from 6.0.5 to 7.0.1" (#118)
    • 6ef63eb Revert "Bump get-stdin from 6.0.0 to 7.0.0 (#113)"
    • 0f92e53 Revert "Bump cross-spawn from 6.0.5 to 7.0.1 (#117)"
    • 392e8e4 Update @typescript-eslint/eslint-plugin
    • 7cd7d45 Update eslint-plugin-unicorn version in readme
    • a38dc59 Bump cross-spawn from 6.0.5 to 7.0.1 (#117)
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot will not automatically merge this PR because it includes an out-of-range update to a development dependency.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
    • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

    Additionally, you can set the following in your Dependabot dashboard:

    • Update frequency (including time of day and day of week)
    • Pull request limits (per update run and/or open at any time)
    • Automerge options (never/patch/minor, and dev/runtime dependencies)
    • Out-of-range updates (receive only lockfile updates, if desired)
    • Security updates (receive only security updates, if desired)
    dependencies 
    Reply
  • Bump config from 2.0.1 to 3.2.4 in /backend
    Bump config from 2.0.1 to 3.2.4 in /backend

    Nov 1, 2019

    Bumps config from 2.0.1 to 3.2.4.

    Changelog

    Sourced from config's changelog.

    3.2.4 / 2019-10-25

    3.2.3 / 2019-10-03

    3.2.2 / 2019-07-20

    • Fixed delimiter bug in configDirs to match O/S delimiter - @​iMoses

    3.2.1 / 2019-07-18

    • Fixed TypeError: obj.toString is not a function - @​leosuncin

    3.2.0 / 2019-07-11

    3.1.0 / 2019-04-07

    3.0.1 / 2018-12-16

    • Fixed bug where dot notation extended own key @​exogen

    3.0.0 / 2018-11-20

    • Ensure config array items and objects are sealed @​fgheorghe
      • This required a major version bump in case someone
      • relied on the ability to mutate non-sealed data.

    2.0.2 / 2018-08-28

    • Added dot notation to setModuleDefaults - bertho-zero
    • Updated copyright year - JemiloII
    ... (truncated)
    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot will not automatically merge this PR because it includes an out-of-range update to a production dependency.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
    • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

    Additionally, you can set the following in your Dependabot dashboard:

    • Update frequency (including time of day and day of week)
    • Pull request limits (per update run and/or open at any time)
    • Automerge options (never/patch/minor, and dev/runtime dependencies)
    • Out-of-range updates (receive only lockfile updates, if desired)
    • Security updates (receive only security updates, if desired)
    dependencies 
    Reply
  • Bump tedious from 3.0.1 to 6.6.0 in /backend
    Bump tedious from 3.0.1 to 6.6.0 in /backend

    Nov 1, 2019

    Bumps tedious from 3.0.1 to 6.6.0.

    Release notes

    Sourced from tedious's releases.

    v6.6.0

    6.6.0 (2019-10-17)

    Features

    • add AAD Service Principal Secret authorization method (d351c43)

    v6.5.0

    6.5.0 (2019-10-16)

    Features

    • use jsbi for reading and writing int64 and uint64 values (1a740aa)

    v6.4.0

    6.4.0 (2019-09-07)

    Features

    • allow returning lowercase GUIDs (e720d1a)

    v6.3.0

    6.3.0 (2019-08-02)

    Features

    • add MSI authentication support for Azure SQL databases (7721dac)

    v6.2.1

    6.2.1 (2019-07-31)

    Bug Fixes

    • fix TLS issues on Node.js 12.4 and newer (69968f9)

    v6.2.0

    6.2.0 (2019-06-05)

    Features

    • unblock JS event loop when process large TVP (d949dd8)

    v6.1.2

    6.1.2 (2019-05-26)

    ... (truncated)
    Commits
    • d351c43 feat: add AAD Service Principal Secret authorization method
    • f2336c2 Merge pull request #980 from tediousjs/arthur/jsbi
    • b969541 chore: drop big-number dependency
    • 943d8a3 refactor: replace big-number usage with jsbi
    • 5ad0666 Merge branch 'master' into arthur/jsbi
    • d83256f Merge pull request #989 from tediousjs/revert-azure-library
    • 803c569 chore: revert back azure library dependency version
    • 1a740aa feat: use jsbi for reading and writing int64 and uint64 values
    • c60eaef chore: add [email protected]
    • 7e5c387 Merge pull request #985 from tediousjs/arthur/update-deps
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot will not automatically merge this PR because it includes an out-of-range update to a production dependency.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
    • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

    Additionally, you can set the following in your Dependabot dashboard:

    • Update frequency (including time of day and day of week)
    • Pull request limits (per update run and/or open at any time)
    • Automerge options (never/patch/minor, and dev/runtime dependencies)
    • Out-of-range updates (receive only lockfile updates, if desired)
    • Security updates (receive only security updates, if desired)
    dependencies 
    Reply
  • Bump validator from 10.11.0 to 12.0.0 in /backend
    Bump validator from 10.11.0 to 12.0.0 in /backend

    Nov 1, 2019

    Bumps validator from 10.11.0 to 12.0.0.

    Changelog

    Sourced from validator's changelog.

    HEAD

    11.1.0

    11.0.0

    ... (truncated)
    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot will not automatically merge this PR because it includes an out-of-range update to a production dependency.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
    • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

    Additionally, you can set the following in your Dependabot dashboard:

    • Update frequency (including time of day and day of week)
    • Pull request limits (per update run and/or open at any time)
    • Automerge options (never/patch/minor, and dev/runtime dependencies)
    • Out-of-range updates (receive only lockfile updates, if desired)
    • Security updates (receive only security updates, if desired)
    dependencies 
    Reply
  • Bump vee-validate from 2.2.13 to 3.0.11 in /frontend
    Bump vee-validate from 2.2.13 to 3.0.11 in /frontend

    Nov 1, 2019

    Bumps vee-validate from 2.2.13 to 3.0.11.

    Release notes

    Sourced from vee-validate's releases.

    v3.0.11

    🐛 Fixes

    • Handle .number and .trim modifiers for v-model which caused issues in eager mode. #2403 (#2408)

    v3.0.10

    🐛 Fixed

    • Fix an issue where a rule with length parameter would be confused for an array when using a normalized object. #2398 (#2399)

    v3.0.9

    🐛 Fixed

    • Fix an issue where undefined values would skip validation. #2388 (#2397)
    • Fix empty pipes causing an empty string validator to be resolved. #2386 (#2389)

    3.0.8

    🐛 Fixes

    • fix: improve early escape detection bug introduced by (#2355) after finding model value. #2378 (#2381)

    ✨ Enhancements

    • propagate observer setErrors to its child observers (#2380) thanks to @​Borzik

    🌏 i18n

    • fix(locale): alter zh_TW to native language (#2377) thanks to @​FPNL

    3.0.7

    🐛 Fixes:

    • required_if loose comparison instead of strict ones and allow values to be optional. #2362
    • setInteractionMode second parameter should be optional. #2351 (#2352) thanks to @​WarisR

    ✨Enhancements

    3.0.6

    This release includes some performance benefits and new features

    🐛 Fixed

    • perf: cache the listeners generated by vee-validate 6dc9fad2992138627dfa96063e6d78d896b3a6e2
    • perf: when using ValidationProvider as a slotted wrapper it caused max-callstack errors. #2262 #2347 #2185
    • params with falsy values not being used in interpolation #2332
    • textarea not being identified as a text input #2333
    • the required flag not being restored after calling reset() #2323
    ... (truncated)
    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot will not automatically merge this PR because it includes an out-of-range update to a production dependency.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
    • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

    Additionally, you can set the following in your Dependabot dashboard:

    • Update frequency (including time of day and day of week)
    • Pull request limits (per update run and/or open at any time)
    • Automerge options (never/patch/minor, and dev/runtime dependencies)
    • Out-of-range updates (receive only lockfile updates, if desired)
    • Security updates (receive only security updates, if desired)
    dependencies 
    Reply
  • Bump url-loader from 1.1.2 to 2.2.0 in /frontend
    Bump url-loader from 1.1.2 to 2.2.0 in /frontend

    Nov 1, 2019

    Bumps url-loader from 1.1.2 to 2.2.0.

    Release notes

    Sourced from url-loader's releases.

    v2.2.0

    2.2.0 (2019-10-04)

    Features

    v2.1.0

    2.1.0 (2019-07-18)

    Features

    v2.0.1

    2.0.1 (2019-06-25)

    Bug Fixes

    • allow using limit as string when you use loader with query string (#185) (4842f93)

    v2.0.0

    2.0.0 (2019-06-05)

    Bug Fixes

    • rm unnecessary bin field (#163) (b603665)
    • limit should always be a number and 0 value handles as number (#180) (d82e453)
    • fallback loader will be used than limit is equal or greater (#179) (3c24545)

    Features

    BREAKING CHANGES

    • minimum required nodejs version is 8.9.0
    • limit should always be a number and 0 value handles as number
    • fallback loader will be used than limit is equal or greater (before only when greater)
    Changelog

    Sourced from url-loader's changelog.

    2.2.0 (2019-10-04)

    Features

    2.1.0 (2019-07-18)

    Features

    2.0.1 (2019-06-25)

    Bug Fixes

    • allow using limit as string when you use loader with query string (#185) (4842f93)

    2.0.0 (2019-06-05)

    Bug Fixes

    • rm unnecessary bin field (#163) (b603665)
    • limit should always be a number and 0 value handles as number (#180) (d82e453)
    • fallback loader will be used than limit is equal or greater (#179) (3c24545)

    Features

    BREAKING CHANGES

    • minimum required nodejs version is 8.9.0
    • limit should always be a number and 0 value handles as number
    • fallback loader will be used than limit is equal or greater (before only when greater)

    ... (truncated)
    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot will not automatically merge this PR because it includes an out-of-range update to a development dependency.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
    • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

    Additionally, you can set the following in your Dependabot dashboard:

    • Update frequency (including time of day and day of week)
    • Pull request limits (per update run and/or open at any time)
    • Automerge options (never/patch/minor, and dev/runtime dependencies)
    • Out-of-range updates (receive only lockfile updates, if desired)
    • Security updates (receive only security updates, if desired)
    dependencies 
    Reply
  • Bump eslint-config-prettier from 3.3.0 to 6.5.0 in /frontend
    Bump eslint-config-prettier from 3.3.0 to 6.5.0 in /frontend

    Nov 1, 2019

    Bumps eslint-config-prettier from 3.3.0 to 6.5.0.

    Changelog

    Sourced from eslint-config-prettier's changelog.

    Version 6.5.0 (2019-10-26)

    • Added: Support for [excluding deprecated rules]. Thanks to Alex Ilyaev (@​alexilyaev)!

    Version 6.4.0 (2019-10-05)

    • Added: [unicorn/no-nested-ternary]. Thanks to Yang Mingshan (@​yangmingshan)!

    Version 6.3.0 (2019-09-10)

    • Added: [@typescript-eslint/brace-style]. Thanks to Masafumi Koba (@​ybiquitous)!

    Version 6.2.0 (2019-09-03)

    • Added: [@typescript-eslint/quotes] (as a [special rule][@typescript-eslint/quotes-special]). Thanks to Masafumi Koba (@​ybiquitous)!

    Version 6.1.0 (2019-08-19)

    • Added: [function-call-argument-newline] (new in ESLint 6.2.0). Thanks to Masafumi Koba (@​ybiquitous)!

    Version 6.0.0 (2019-06-25)

    • Changed: The CLI helper tool now considers [no-confusing-arrow] to conflict if you use the default value of its allowParens option. The default was changed to true in ESLint 6, which conflicts with Prettier.

      If the CLI helper tool gives you errors about this after upgrading, the solution is to change this:

      {
        "rules": {
          "no-confusing-arrow": ["error"]
        }
      }
      

      Into this:

      {
        "rules": {
          "no-confusing-arrow": ["error", { "allowParens": false }]
        }
      
    ... (truncated)
    Commits
    • b4ade2b eslint-config-prettier v6.5.0
    • 9f6b594 Update npm packages
    • 4fdaa04 Handle deprecated rules (closes #112) (#121)
    • c8f1a2d Revert "Bump get-stdin from 6.0.0 to 7.0.0" (#119)
    • 5973374 Revert "Bump cross-spawn from 6.0.5 to 7.0.1" (#118)
    • 6ef63eb Revert "Bump get-stdin from 6.0.0 to 7.0.0 (#113)"
    • 0f92e53 Revert "Bump cross-spawn from 6.0.5 to 7.0.1 (#117)"
    • 392e8e4 Update @typescript-eslint/eslint-plugin
    • 7cd7d45 Update eslint-plugin-unicorn version in readme
    • a38dc59 Bump cross-spawn from 6.0.5 to 7.0.1 (#117)
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot will not automatically merge this PR because it includes an out-of-range update to a development dependency.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
    • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

    Additionally, you can set the following in your Dependabot dashboard:

    • Update frequency (including time of day and day of week)
    • Pull request limits (per update run and/or open at any time)
    • Automerge options (never/patch/minor, and dev/runtime dependencies)
    • Out-of-range updates (receive only lockfile updates, if desired)
    • Security updates (receive only security updates, if desired)
    dependencies 
    Reply
  • Bump node-notifier from 5.4.0 to 5.4.3 in /frontend
    Bump node-notifier from 5.4.0 to 5.4.3 in /frontend

    Sep 1, 2019

    Bumps node-notifier from 5.4.0 to 5.4.3.

    Changelog

    Sourced from node-notifier's changelog.

    v5.4.3

    • Reverts breaking dependency upgrades from v5.4.2 as some dependencies has removed Node 6 which is a breaking change.

    v5.4.2

    • Updates dependencies

    v5.4.1

    • Reverts changes to default timeout as they are causing some issues. See #271
    Commits
    • 1101e6d Update version to v5.4.3
    • d204329 Revert "Fixes tests after mapping change"
    • 9a1fc72 Update lock file after audit
    • 8769921 Revert "Bumps all dependencies"
    • 3ae8fd7 Merge pull request #284 from mikaelbr/revert-271-overwritable-timeout
    • 5c48dc8 Revert "Allow timeout: false to remove a timeout"
    • 722f9d9 Revert "Remove node 6 from travis run"
    • 12d971d Revert "v5.4.2"
    • d907d54 Revert "Revert "Fixes tests after mapping change""
    • b9946dc Merge pull request #271 from jnielson94/overwritable-timeout
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    If all status checks pass Dependabot will automatically merge this pull request.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
    • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

    Additionally, you can set the following in your Dependabot dashboard:

    • Update frequency (including time of day and day of week)
    • Automerge options (never/patch/minor, and dev/runtime dependencies)
    • Pull request limits (per update run and/or open at any time)
    • Out-of-range updates (receive only lockfile updates, if desired)
    • Security updates (receive only security updates, if desired)

    Finally, you can contact us by mentioning @dependabot.

    dependencies 
    Reply
  • Bump webpack-cli from 3.3.6 to 3.3.7 in /frontend
    Bump webpack-cli from 3.3.6 to 3.3.7 in /frontend

    Sep 1, 2019

    Bumps webpack-cli from 3.3.6 to 3.3.7.

    Release notes

    Sourced from webpack-cli's releases.

    Webpack-CLI v3.3.7

    Version 3.3.7 comes with vulnerability patches and a bugfix to using the CLI when there is no configuration file present. A full changelog found here

    Changelog

    Sourced from webpack-cli's changelog.

    3.3.7 (2019-08-18)

    Full Changelog

    Chore

    Fix

    • resolve opts when no-config (fb31cc4)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    If all status checks pass Dependabot will automatically merge this pull request.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
    • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

    Additionally, you can set the following in your Dependabot dashboard:

    • Update frequency (including time of day and day of week)
    • Automerge options (never/patch/minor, and dev/runtime dependencies)
    • Pull request limits (per update run and/or open at any time)
    • Out-of-range updates (receive only lockfile updates, if desired)
    • Security updates (receive only security updates, if desired)

    Finally, you can contact us by mentioning @dependabot.

    dependencies 
    Reply
  • Bump uglifyjs-webpack-plugin from 1.2.7 to 1.3.0 in /frontend
    Bump uglifyjs-webpack-plugin from 1.2.7 to 1.3.0 in /frontend

    Sep 1, 2018

    Bumps uglifyjs-webpack-plugin from 1.2.7 to 1.3.0.

    Release notes

    Sourced from uglifyjs-webpack-plugin's releases.

    v1.3.0

    2018-08-14

    Bug Fixes

    • all nodejs globals avaliable inside minify function (#332) (24fe22b)
    • uglify/Runner: cpus length in a chroot environment (os.cpus()) (#341) (6d9c36f)

    Features

    Changelog

    Sourced from uglifyjs-webpack-plugin's changelog.

    1.3.0 (2018-08-14)

    Bug Fixes

    • all nodejs globals avaliable inside minify function (#332) (24fe22b)
    • uglify/Runner: cpus length in a chroot environment (os.cpus()) (#341) (6d9c36f)

    Features

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    If all status checks pass Dependabot will automatically merge this pull request.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
    • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

    Additionally, you can set the following in your Dependabot dashboard:

    • Update frequency (including time of day and day of week)
    • Automerge options (never/patch/minor, and dev/runtime dependencies)
    • Pull request limits (per update run and/or open at any time)
    • Out-of-range updates (receive only lockfile updates, if desired)
    • Security updates (receive only security updates, if desired)

    Finally, you can contact us by mentioning @dependabot.

    dependencies 
    Reply
  • Bump portfinder from 1.0.21 to 1.0.23 in /frontend
    Bump portfinder from 1.0.21 to 1.0.23 in /frontend

    Sep 1, 2019

    Bumps portfinder from 1.0.21 to 1.0.23.

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    If all status checks pass Dependabot will automatically merge this pull request.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
    • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

    Additionally, you can set the following in your Dependabot dashboard:

    • Update frequency (including time of day and day of week)
    • Automerge options (never/patch/minor, and dev/runtime dependencies)
    • Pull request limits (per update run and/or open at any time)
    • Out-of-range updates (receive only lockfile updates, if desired)
    • Security updates (receive only security updates, if desired)

    Finally, you can contact us by mentioning @dependabot.

    dependencies 
    Reply
  • Bump webpack from 4.39.0 to 4.39.3 in /frontend
    Bump webpack from 4.39.0 to 4.39.3 in /frontend

    Sep 1, 2019

    Bumps webpack from 4.39.0 to 4.39.3.

    Release notes

    Sourced from webpack's releases.

    v4.39.3

    Bugfixes

    • fix a missing module in chunk caused by incorrect chunk graph generation of async chunks

    v4.39.2

    Bugfixes

    • fix ProfilingPlugin not ending traces correctly

    v4.39.1

    Bugfixes

    • fix problem that progress lines were too long on some terminals
    • fix a problem that ...100% is displayed instead of 100%
    Commits
    • 94929a5 4.39.3
    • 6bf1868 Merge pull request #9635 from webpack/bugfix/9634
    • 83dd295 fixes #9634
    • 54519bd Merge pull request #9630 from webpack/dependabot/npm_and_yarn/eslint-utils-1.4.2
    • aa8d930 chore(deps): bump eslint-utils from 1.3.1 to 1.4.2
    • b16ca50 Merge pull request #9603 from noscripter/patch-1
    • 0601b12 Merge pull request #9623 from webpack/dependabot/npm_and_yarn/less-3.10.3
    • d56b9f8 chore(deps-dev): bump less from 3.10.2 to 3.10.3
    • 9dc49cf Merge pull request #9613 from shaodahong/optimize-eslint
    • 85421cd improve linting performance
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    If all status checks pass Dependabot will automatically merge this pull request.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
    • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

    Additionally, you can set the following in your Dependabot dashboard:

    • Update frequency (including time of day and day of week)
    • Automerge options (never/patch/minor, and dev/runtime dependencies)
    • Pull request limits (per update run and/or open at any time)
    • Out-of-range updates (receive only lockfile updates, if desired)
    • Security updates (receive only security updates, if desired)

    Finally, you can contact us by mentioning @dependabot.

    dependencies 
    Reply
  • Bump snyk from 1.208.0 to 1.222.1 in /frontend
    Bump snyk from 1.208.0 to 1.222.1 in /frontend

    Sep 1, 2019

    Bumps snyk from 1.208.0 to 1.222.1.

    Release notes

    Sourced from snyk's releases.

    v1.222.1

    1.222.1 (2019-08-30)

    Bug Fixes

    • correct order of parameters in formatIssue (96bf2d8)

    v1.222.0

    1.222.0 (2019-08-30)

    Bug Fixes

    • add wrapping to fix alignment of text (86cf4df)
    • downgrade wrap-ansi version as we support node6 (2b8f433)

    Features

    v1.221.1

    1.221.1 (2019-08-28)

    Bug Fixes

    • support python_version wildcards in requirements.txt (cd51b89)

    v1.221.0

    1.221.0 (2019-08-27)

    Features

    • sort all vulns by severity before display (b741f66)

    v1.220.0

    1.220.0 (2019-08-26)

    Features

    • update nuget plugin to support net4 target framework (3a3449f)

    v1.219.0

    1.219.0 (2019-08-25)

    ... (truncated)
    Commits
    • f93b4d7 Merge pull request #756 from snyk/fix/legal-instructions-parameter-order
    • 96bf2d8 fix: correct order of parameters in formatIssue
    • 63927b1 Merge pull request #726 from snyk/feat/add_legal_instruction
    • 2b8f433 fix: downgrade wrap-ansi version as we support node6
    • 86cf4df fix: add wrapping to fix alignment of text
    • 94f8280 feat: add legal instructions
    • 7f2c6f4 Merge pull request #752 from snyk/fix/python-wildcards
    • cd51b89 fix: support python_version wildcards in requirements.txt
    • 375b4d0 Merge pull request #742 from snyk/feat/sort-actionable-remediation
    • 14c115a Merge pull request #751 from snyk/feat/support-dotnet-framework-net4
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    If all status checks pass Dependabot will automatically merge this pull request.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
    • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

    Additionally, you can set the following in your Dependabot dashboard:

    • Update frequency (including time of day and day of week)
    • Automerge options (never/patch/minor, and dev/runtime dependencies)
    • Pull request limits (per update run and/or open at any time)
    • Out-of-range updates (receive only lockfile updates, if desired)
    • Security updates (receive only security updates, if desired)

    Finally, you can contact us by mentioning @dependabot.

    dependencies 
    Reply
  • Bump file-loader from 1.1.6 to 1.1.11 in /frontend
    Bump file-loader from 1.1.6 to 1.1.11 in /frontend

    Jun 4, 2018

    Bumps file-loader from 1.1.6 to 1.1.11.

    Release notes

    Sourced from file-loader's releases.

    v1.1.11

    2018-03-01

    Reverts

    • index: context takes precedence over issuer.context (options.useRelativePath) (#260) (e73131f)

    v1.1.10

    2018-02-26

    Bug Fixes

    • package: add webpack >= 4 (peerDependencies) (#255) (3a6a7a1)

    v1.1.9

    2018-02-21

    Bug Fixes

    • index: handle protocol URL's correctly (options.publicPath) (#253) (54fa5a3)
    • index: use path.posix for platform consistency (#254) (2afe0af)

    v1.1.8

    2018-02-20

    Bug Fixes

    • index: context takes precedence over issuer.context (options.useRelativePath) (3b071f5)
    • index: don't append outputPath to the original url (options.outputPath {Function}) (4c1ccaa)
    • index: normalize and concat paths via path.join() (26e47ca)

    v1.1.7

    2018-02-19

    Bug Fixes

    • index: don't concat options.outputPath and options.publicPath (#246) (98bf052)

    webpack.config.js

    </table> ... (truncated)
    
    Changelog

    Sourced from file-loader's changelog.

    1.1.11 (2018-03-01)

    Reverts

    • index: context takes precedence over issuer.context (options.useRelativePath) (#260) (e73131f)

    1.1.10 (2018-02-26)

    Bug Fixes

    • package: add webpack >= 4 (peerDependencies) (#255) (3a6a7a1)

    1.1.9 (2018-02-21)

    Bug Fixes

    • index: handle protocol URL's correctly (options.publicPath) (#253) (54fa5a3)
    • index: use path.posix for platform consistency (#254) (2afe0af)

    1.1.8 (2018-02-20)

    Bug Fixes

    • index: context takes precedence over issuer.context (options.useRelativePath) (3b071f5)
    • index: don't append outputPath to the original url (options.outputPath {Function}) (4c1ccaa)
    • index: normalize and concat paths via path.join() (26e47ca)

    Commits
    • f7f6d6c chore(release): 1.1.11
    • e73131f revert(index): context takes precedence over issuer.context (`options.use...
    • d27b04c chore(release): 1.1.10
    • 3a6a7a1 fix(package): add webpack >= 4 (peerDependencies) (#255)
    • b3f9189 chore(release): 1.1.9
    • 2afe0af fix(index): use path.posix for platform consistency (#254)
    • 54fa5a3 fix(index): handle protocol URL's correctly (options.publicPath) (#253)
    • c0785d1 chore(release): 1.1.8
    • 26e47ca fix(index): normalize and concat paths via path.join()
    • 4c1ccaa fix(index): don't append outputPath to the original url (`options.outputP...
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    If all status checks pass Dependabot will automatically merge this pull request.


    Note: This repo was added to Dependabot recently, so you'll receive a maximum of 5 PRs for your first few update runs. Once an update run creates fewer than 5 PRs we'll remove that limit.

    You can always request more updates by clicking Bump now in your Dependabot dashboard.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use (this|these) label[s] will set the current labels as the default for future PRs for this repo and language
    • @dependabot use (this|these) reviewer[s] will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use (this|these) assignee[s] will set the current assignees as the default for future PRs for this repo and language

    Additionally, you can set the following in your Dependabot dashboard:

    • Update frequency (including time of day and day of week)
    • Automerge options (never/patch/minor, and dev/runtime dependencies)
    • Pull request limits (per update run and/or open at any time)
    • Out-of-range updates (receive only lockfile updates, if desired)
    • Security updates (receive only security updates, if desired)

    Finally, you can contact us by mentioning @dependabot.

    dependencies 
    Reply
  • Prod build incompatible with Webpack 4.0
    Prod build incompatible with Webpack 4.0

    Sep 3, 2018

    Hi, just tried to build a prod version of my app.

    This message appeared: Error: webpack.optimize.CommonsChunkPlugin has been removed, please use config.optimization.splitChunks instead.

    It appears this is a deprecated plugin in webpack 4.

    It is therefore not possile to use the app in prod.

    Reply
  • Bump webpack-dev-server from 3.7.2 to 3.8.0 in /frontend
    Bump webpack-dev-server from 3.7.2 to 3.8.0 in /frontend

    Sep 1, 2019

    Bumps webpack-dev-server from 3.7.2 to 3.8.0.

    Release notes

    Sourced from webpack-dev-server's releases.

    v3.8.0

    3.8.0 (2019-08-09)

    Bug Fixes

    • server: fix setupExitSignals usage (#2181) (bbe410e)
    • server: set port before instantiating server (#2143) (cfbf229)
    • check for name of HotModuleReplacementPlugin to avoid RangeError (#2146) (4579775)
    • server: check for external urls in array (#1980) (fa78347)
    • server: fix header check for socket server (#2077) (7f51859)
    • server: stricter headers security check (#2092) (078ddca)

    Features

    Potential Breaking Changes

    We have migrated serverMode and clientMode to transportMode as an experimental option. If you want to use this feature, you have to change your settings.

    Related PR: #2116

    Changelog

    Sourced from webpack-dev-server's changelog.

    3.8.0 (2019-08-09)

    Bug Fixes

    • server: fix setupExitSignals usage (#2181) (bbe410e)
    • server: set port before instantiating server (#2143) (cfbf229)
    • check for name of HotModuleReplacementPlugin to avoid RangeError (#2146) (4579775)
    • server: check for external urls in array (#1980) (fa78347)
    • server: fix header check for socket server (#2077) (7f51859)
    • server: stricter headers security check (#2092) (078ddca)

    Features

    Potential Breaking changes

    We have migrated serverMode and clientMode to transportMode as an experimental option. If you want to use this feature, you have to change your settings.

    Related PR: #2116

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    If all status checks pass Dependabot will automatically merge this pull request.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
    • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

    Additionally, you can set the following in your Dependabot dashboard:

    • Update frequency (including time of day and day of week)
    • Automerge options (never/patch/minor, and dev/runtime dependencies)
    • Pull request limits (per update run and/or open at any time)
    • Out-of-range updates (receive only lockfile updates, if desired)
    • Security updates (receive only security updates, if desired)

    Finally, you can contact us by mentioning @dependabot.

    dependencies 
    Reply
  • mysql version
    mysql version

    Dec 10, 2017

    I'm converting this project to use mysql I've add port in option.js and modified the new sequelize cmds How to avoid use of SET QUOTED_IDENTIFIER ?

    Reply