admiralAwkbar / security-strategy-essentials

https://lab.github.com/githubtraining/security-strategy-essentials
MIT License

Bump debug from 2.6.8 to 4.1.1 #3

Closed dependabot[bot] closed 4 years ago

dependabot[bot] commented 4 years ago

Bumps debug from 2.6.8 to 4.1.1.

Release notes

*Sourced from [debug's releases](https://github.com/visionmedia/debug/releases).*

> ## 4.1.1
> This backport fixes a bug in coveralls configuration as well as the `.extend()` function.
>
> # Patches
>
> - test: only run coveralls on travis ([#663](https://github-redirect.dependabot.com/visionmedia/debug/issues/663), [#664](https://github-redirect.dependabot.com/visionmedia/debug/issues/664), d0e498f159bd425b3403db38c98fe26a345d4dcd)
> - copy custom logger to namespace extension ([#646](https://github-redirect.dependabot.com/visionmedia/debug/issues/646), 57ef085703a0158679cc4a56a4980653b828ce51)
>
> ## 4.1.0
> # Minor Changes
>
> - migrate Makefile to npm scripts (4236585a40787fe60ed625452163299600df2ce6)
> - feat: Return namespaces string when invoking disable() (7ef8b417a86941372074f749019b9f439a1f6ef6)
>
> Massive _thank you_ to [@mblarsen](https://github.com/mblarsen) and [@outsideris](https://github.com/outsideris) for knocking out two long-awaited changes.
>
> ## 4.0.1
> This patch restores browserify functionality as well as keeping the intended functionality with Unpkg.com.
>
> ### Patches
> - fix browserify and supply alternative unpkg entry point (closes [#606](https://github-redirect.dependabot.com/visionmedia/debug/issues/606)): 99c95e3d54b07a918ad65bc148a2930ea8bfdd02
>
> ## 4.0.0
> A long-awaited release to `debug` is available now: **`4.0.0`**.
>
> #### Due to the delay in release and the number of changes made (including bumping dependencies in order to mitigate vulnerabilities), it is highly recommended maintainers update to the latest package version and _test thoroughly_.
>
> #### This release drops support for Node 4 and 5 in alignment with the [Node.js LTS Release Schedule](https://github.com/nodejs/Release).
>
> ---
>
> ### Major Changes
> - move to XO (closes [#397](https://github-redirect.dependabot.com/visionmedia/debug/issues/397)): ba8a424d41e9dc6129e081ac3aa9715be6a45fbd
> - add Node.js 10, remove Node.js 4 ([#583](https://github-redirect.dependabot.com/visionmedia/debug/issues/583)): 05b0ceb8856bc7b6bb0f2adc3de5cae3cea9c872
>
> ### Minor Changes
> - bump vulnerable packages: 853853f9f588044d76df3daf1959ca56c5f341b7
> - Fix nwjs support ([#569](https://github-redirect.dependabot.com/visionmedia/debug/issues/569)): 207a6a2d53507ec9dd57c94c46cc7d3dd272306d
> - add instance extends feature ([#524](https://github-redirect.dependabot.com/visionmedia/debug/issues/524)): e43e5fed177b8698674748063f4ed1aaba1d59c8
> - Add TVMLKit support ([#579](https://github-redirect.dependabot.com/visionmedia/debug/issues/579)): 02b9ea9fd7ec95c42de47da13b4b6bb8e50025d8
>
> ### Patches
> - clean up builds: 3ca23316a470f6bc6e0d75d297179cfc19bbc763
> - remove needless command aliases in makefile: 9f4f8f59ba745166b0c014a61c76de5e73d4841a
> - no longer checking for BROWSER=1: 623c08ef73f8211278d5596c88041c65a2a58ee7
> - fix tests: 57cde56e43003f6b404d4b3d9d76b74aafaeeec8
> - clean up makefile: 62822f12668e8a0b1d1a4fd5a1c2fce1d8715da3
> - fix tests: 833b6f84c8f8dc5b6f13da38ab0ef8a8ff86c0c9
> - add .editorconfig: 2d2509e26bf6df1e1954267e3b1a1cb83973fb09
> - add yarn-error.log to .gitignore: 7e1d5d94f31b37b460fb8d88000ab7ed0be3597e
>
> ... (truncated)

Commits

- [`68b4dc8`](https://github.com/visionmedia/debug/commit/68b4dc8d8549d3924673c38fccc5d594f0a38da1) 4.1.1
- [`7571608`](https://github.com/visionmedia/debug/commit/75716080a39f916f643bae2671ba2fdfe78d1c45) remove .coveralls.yaml
- [`57ef085`](https://github.com/visionmedia/debug/commit/57ef085703a0158679cc4a56a4980653b828ce51) copy custom logger to namespace extension (fixes [#646](https://github-redirect.dependabot.com/visionmedia/debug/issues/646))
- [`d0e498f`](https://github.com/visionmedia/debug/commit/d0e498f159bd425b3403db38c98fe26a345d4dcd) test: only run coveralls on travis
- [`e30e8fd`](https://github.com/visionmedia/debug/commit/e30e8fdbc92c4cf6b3007cd1c3ad2c3cbb82be85) 4.1.0
- [`7ef8b41`](https://github.com/visionmedia/debug/commit/7ef8b417a86941372074f749019b9f439a1f6ef6) feat: Return namespaces string when invoking disable()
- [`4236585`](https://github.com/visionmedia/debug/commit/4236585a40787fe60ed625452163299600df2ce6) migrate Makefile to npm scripts
- [`4490cd9`](https://github.com/visionmedia/debug/commit/4490cd95bfb952e1ed756914ac225ddc987b2ba3) 4.0.1
- [`99c95e3`](https://github.com/visionmedia/debug/commit/99c95e3d54b07a918ad65bc148a2930ea8bfdd02) fix browserify and supply alternative unpkg entry point (closes [#606](https://github-redirect.dependabot.com/visionmedia/debug/issues/606))
- [`7fb104b`](https://github.com/visionmedia/debug/commit/7fb104b8cfcbc3a91d8e4a6727638c3fe24be8d2) 4.0.0
- Additional commits viewable in [compare view](https://github.com/visionmedia/debug/compare/2.6.8...4.1.1)

Maintainer changes

This version was pushed to npm by [qix](https://www.npmjs.com/~qix), a new releaser for debug since your current version.


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot ignore this [patch|minor|major] version` will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/admiralAwkbar/security-strategy-essentials/network/alerts).

dependabot[bot] commented 4 years ago

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

github-learning-lab[bot] commented 4 years ago

Nice, your log output is no longer showing reference to those previous commits. So, what exactly just happened?

Our commit history has been modified

You probably noticed that when you ran the `git filter-branch` command, Git did some rewriting to some commits in the repository's history. Since we needed to alter the commits that referenced the `.env` file, it altered the commit ID, and all proceeding commits that point back to those commits.

This is why you need to consider local work and branches that are based on this previous history. This is okay to run, as long as everyone contributing in the repository is aware of the situation and can plan accordingly.

Is the sensitive information gone?

Those commits no longer show in the file contents in your repository history. You can see this by navigating to your repository's commit history and clicking on the "Add .env file" commit. Notice that there are now no referenced files or content recorded.

However, we can still access the cached commit if we know the old commit ID: https://github.com/admiralAwkbar/security-strategy-essentials/commit/848cd8c2043f6161a4f0043bffee212777281494

Removing the old cached commits

This is where we'll need to contact the amazing GitHub Support team for assistance.

Even though we removed these commits, the historical reference to them can still be found if you know the commit ID. In a real-world situation, you'll need to contact GitHub Support to perform the following:

For our situation, we can skip contacting GitHub Support for this example! :smile:


Find your final issue here now.
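The ID changes described in the comment above follow from how Git names commits: the ID is a hash over the commit's tree and its parent ID, so rewriting one commit renames every commit after it. The sketch below is an added example, not part of the original thread or the course. It assumes a SHA-1 repository with flat trees and unchanged author/committer metadata; the file contents, identity and function names are constructed for illustration.

```python
import hashlib

def git_id(kind: str, body: bytes) -> str:
    """Object ID as Git computes it in SHA-1 repos: sha1("<kind> <len>\\0" + body)."""
    return hashlib.sha1(f"{kind} {len(body)}\0".encode() + body).hexdigest()

def tree_id(files: dict) -> str:
    """Flat tree of regular files: sorted '100644 <name>\\0<raw blob id>' entries."""
    body = b"".join(
        b"100644 " + name.encode() + b"\0" + bytes.fromhex(git_id("blob", data))
        for name, data in sorted(files.items()))
    return git_id("tree", body)

def commit_id(files: dict, parent, message: str) -> str:
    who = "Example Dev <dev@example.com> 1500000000 +0000"  # constructed identity
    lines = [f"tree {tree_id(files)}"]
    if parent:
        lines.append(f"parent {parent}")  # the link that propagates a rewrite
    lines += [f"author {who}", f"committer {who}", "", message, ""]
    return git_id("commit", "\n".join(lines).encode())

def build(history, drop=None):
    """Commit IDs for a linear history; `drop` removes one path from every tree."""
    ids, parent = [], None
    for files, message in history:
        kept = {n: d for n, d in files.items() if n != drop}
        parent = commit_id(kept, parent, message)
        ids.append(parent)
    return ids

# Constructed history: the secret is added in commit 2 and deleted in commit 3.
README, ENV, APP = b"# demo\n", b"API_KEY=constructed-placeholder\n", b"console.log(1)\n"
HISTORY = [
    ({"README.md": README}, "Initial commit"),
    ({"README.md": README, ".env": ENV}, "Add .env file"),
    ({"README.md": README}, "Remove .env file"),
    ({"README.md": README, "app.js": APP}, "Add app"),
]

def rewritten_flags():
    """True for each commit whose ID differs once .env is filtered out."""
    before, after = build(HISTORY), build(HISTORY, drop=".env")
    return [old != new for old, new in zip(before, after)]

if __name__ == "__main__":
    for (_, msg), flag in zip(HISTORY, rewritten_flags()):
        print(f"{'REWRITTEN' if flag else 'unchanged':9}  {msg}")
```

Commits 3 and 4 never contained `.env`, so their trees are identical before and after the rewrite; their IDs change only because the parent ID embedded in them changed.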