{"payload":{"feedbackUrl":"https://github.com/orgs/community/discussions/53140","repo":{"id":380886004,"defaultBranch":"main","name":"ecko","ownerLogin":"magicstone-dev","currentUserCanPush":false,"isFork":false,"isEmpty":false,"createdAt":"2021-06-28T02:41:36.000Z","ownerAvatar":"https://avatars.githubusercontent.com/u/89214728?v=4","public":true,"private":false,"isOrgOwned":true},"refInfo":{"name":"","listCacheKey":"v0:1689035660.0","currentOid":""},"activityList":{"items":[{"before":"cfdc396eed25f03c69e4b378acbc07e4abaee3a1","after":"a11982ed5341fb447ac3f65543488a014aa319d5","ref":"refs/heads/main","pushedAt":"2024-02-01T18:20:30.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"weex","name":"David Sterry","path":"/weex","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/38776?s=80&v=4"},"commit":{"message":"Update README.md","shortMessageHtmlLink":"Update README.md"}},{"before":"ad2d2e8180128c47f518630de8e32ee3c18f49bf","after":"cfdc396eed25f03c69e4b378acbc07e4abaee3a1","ref":"refs/heads/main","pushedAt":"2024-02-01T18:13:09.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"weex","name":"David Sterry","path":"/weex","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/38776?s=80&v=4"},"commit":{"message":"Fix insufficient origin validation (#502)\n\nI wasn't able to test this but wanted to merge before archiving the repository.\r\n\r\n--\r\n\r\nThis is a port of the fixes released today for Mastodon (see\r\nhttps://mastodon.social/@MastodonEngineering/111839553542311522)\r\n\r\nDue to the severity of the issue, we recommend you merge this patch\r\nASAP.\r\n\r\nPlease be aware that I only performed cursory verification of the\r\npatch's correct behavior, so I encourage you to take your time to review\r\nit carefully once it is deployed.\r\n\r\nFinally, please understand that we do not officially support older\r\nversions (see https://github.com/mastodon/mastodon/blob/main/SECURITY.md\r\nfor officially supported versions) nor forks, and while I exceptionally\r\nported this patch, I am not able to ensure this will happen for any\r\nother patch going forward.","shortMessageHtmlLink":"Fix insufficient origin validation (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2111998201\" data-permission-text=\"Title is private\" data-url=\"https://github.com/magicstone-dev/ecko/issues/502\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/magicstone-dev/ecko/pull/502/hovercard\" href=\"https://github.com/magicstone-dev/ecko/pull/502\">#502</a>)"}},{"before":"27953044f042370eb8d42f29dde9e44c91e820a8","after":"ad2d2e8180128c47f518630de8e32ee3c18f49bf","ref":"refs/heads/main","pushedAt":"2023-09-20T16:19:08.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"weex","name":"David Sterry","path":"/weex","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/38776?s=80&v=4"},"commit":{"message":"apply upstream patch 9deb1781 (#500)\n\nCo-authored-by: Anon <anon@example.com>","shortMessageHtmlLink":"apply upstream patch 9deb1781 (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"1905331330\" data-permission-text=\"Title is private\" data-url=\"https://github.com/magicstone-dev/ecko/issues/500\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/magicstone-dev/ecko/pull/500/hovercard\" href=\"https://github.com/magicstone-dev/ecko/pull/500\">#500</a>)"}},{"before":null,"after":"26f05000f2022ef8194c9e9def4fc4c2b01d2beb","ref":"refs/heads/dependabot/npm_and_yarn/semver-5.7.2","pushedAt":"2023-07-11T00:34:20.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"Bump semver from 5.7.1 to 5.7.2\n\nBumps [semver](https://github.com/npm/node-semver) from 5.7.1 to 5.7.2.\n- [Release notes](https://github.com/npm/node-semver/releases)\n- [Changelog](https://github.com/npm/node-semver/blob/v5.7.2/CHANGELOG.md)\n- [Commits](https://github.com/npm/node-semver/compare/v5.7.1...v5.7.2)\n\n---\nupdated-dependencies:\n- dependency-name: semver\n  dependency-type: indirect\n...\n\nSigned-off-by: dependabot[bot] <support@github.com>","shortMessageHtmlLink":"Bump semver from 5.7.1 to 5.7.2"}},{"before":null,"after":"6b868ab78c45d5b887c2408d3079bf9220307f95","ref":"refs/heads/dependabot/npm_and_yarn/tough-cookie-4.1.3","pushedAt":"2023-07-09T10:53:38.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"Bump tough-cookie from 4.0.0 to 4.1.3\n\nBumps [tough-cookie](https://github.com/salesforce/tough-cookie) from 4.0.0 to 4.1.3.\n- [Release notes](https://github.com/salesforce/tough-cookie/releases)\n- [Changelog](https://github.com/salesforce/tough-cookie/blob/master/CHANGELOG.md)\n- [Commits](https://github.com/salesforce/tough-cookie/compare/v4.0.0...v4.1.3)\n\n---\nupdated-dependencies:\n- dependency-name: tough-cookie\n  dependency-type: indirect\n...\n\nSigned-off-by: dependabot[bot] <support@github.com>","shortMessageHtmlLink":"Bump tough-cookie from 4.0.0 to 4.1.3"}},{"before":null,"after":"51facdd6a8f6cb41a648f1915bfe2701a8b7adc2","ref":"refs/heads/dependabot/bundler/sanitize-6.0.2","pushedAt":"2023-07-06T20:05:18.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"Bump sanitize from 6.0.1 to 6.0.2\n\nBumps [sanitize](https://github.com/rgrove/sanitize) from 6.0.1 to 6.0.2.\n- [Release notes](https://github.com/rgrove/sanitize/releases)\n- [Changelog](https://github.com/rgrove/sanitize/blob/main/HISTORY.md)\n- [Commits](https://github.com/rgrove/sanitize/compare/v6.0.1...v6.0.2)\n\n---\nupdated-dependencies:\n- dependency-name: sanitize\n  dependency-type: direct:production\n...\n\nSigned-off-by: dependabot[bot] <support@github.com>","shortMessageHtmlLink":"Bump sanitize from 6.0.1 to 6.0.2"}},{"before":"d029421835660764c895aa034a161354f4b831ae","after":"27953044f042370eb8d42f29dde9e44c91e820a8","ref":"refs/heads/main","pushedAt":"2023-07-06T17:58:56.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"weex","name":"David Sterry","path":"/weex","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/38776?s=80&v=4"},"commit":{"message":"Backport security fixes from upstream (#494)\n\nSigned-off-by: Claire <claire.github-309c@sitedethib.com>","shortMessageHtmlLink":"Backport security fixes from upstream (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"1791579490\" data-permission-text=\"Title is private\" data-url=\"https://github.com/magicstone-dev/ecko/issues/494\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/magicstone-dev/ecko/pull/494/hovercard\" href=\"https://github.com/magicstone-dev/ecko/pull/494\">#494</a>)"}},{"before":null,"after":"95fa2d1ca44df2f992372f7431162701600850fb","ref":"refs/heads/dependabot/bundler/doorkeeper-5.6.6","pushedAt":"2023-06-12T19:53:25.280Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"Bump doorkeeper from 5.5.2 to 5.6.6\n\nBumps [doorkeeper](https://github.com/doorkeeper-gem/doorkeeper) from 5.5.2 to 5.6.6.\n- [Release notes](https://github.com/doorkeeper-gem/doorkeeper/releases)\n- [Changelog](https://github.com/doorkeeper-gem/doorkeeper/blob/main/CHANGELOG.md)\n- [Commits](https://github.com/doorkeeper-gem/doorkeeper/compare/v5.5.2...v5.6.6)\n\n---\nupdated-dependencies:\n- dependency-name: doorkeeper\n  dependency-type: direct:production\n...\n\nSigned-off-by: dependabot[bot] <support@github.com>","shortMessageHtmlLink":"Bump doorkeeper from 5.5.2 to 5.6.6"}},{"before":null,"after":"0bb58f9a827c5551b81133faebb324942f0541b4","ref":"refs/heads/dependabot/bundler/sidekiq-7.0.8","pushedAt":"2023-04-24T20:37:35.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"Bump sidekiq from 6.4.0 to 7.0.8\n\nBumps [sidekiq](https://github.com/sidekiq/sidekiq) from 6.4.0 to 7.0.8.\n- [Release notes](https://github.com/sidekiq/sidekiq/releases)\n- [Changelog](https://github.com/sidekiq/sidekiq/blob/main/Changes.md)\n- [Commits](https://github.com/sidekiq/sidekiq/compare/v6.4.0...v7.0.8)\n\n---\nupdated-dependencies:\n- dependency-name: sidekiq\n  dependency-type: direct:production\n...\n\nSigned-off-by: dependabot[bot] <support@github.com>","shortMessageHtmlLink":"Bump sidekiq from 6.4.0 to 7.0.8"}},{"before":null,"after":"f33d62fc9976fa0bbac9dd5ee97db7881566d99d","ref":"refs/heads/dependabot/bundler/nokogiri-1.14.3","pushedAt":"2023-04-12T05:54:17.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"Bump nokogiri from 1.13.10 to 1.14.3\n\nBumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.13.10 to 1.14.3.\n- [Release notes](https://github.com/sparklemotion/nokogiri/releases)\n- [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md)\n- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.13.10...v1.14.3)\n\n---\nupdated-dependencies:\n- dependency-name: nokogiri\n  dependency-type: direct:production\n...\n\nSigned-off-by: dependabot[bot] <support@github.com>","shortMessageHtmlLink":"Bump nokogiri from 1.13.10 to 1.14.3"}},{"before":"78fb81ccd199cbf5b66a56cf7b89d42f5dcfceb9","after":null,"ref":"refs/heads/dependabot/bundler/rack-2.2.6.4","pushedAt":"2023-03-19T23:40:00.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"}},{"before":"677edb3a5bfa01ed708597a43cb54a065995a8f6","after":"d029421835660764c895aa034a161354f4b831ae","ref":"refs/heads/main","pushedAt":"2023-03-19T23:39:53.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"politas","name":"Myk","path":"/politas","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/2109967?s=80&v=4"},"commit":{"message":"Bump rack from 2.2.6.2 to 2.2.6.4 (#490)\n\nBumps [rack](https://github.com/rack/rack) from 2.2.6.2 to 2.2.6.4.\n<details>\n<summary>Commits</summary>\n<ul>\n<li><a\nhref=\"https://github.com/rack/rack/commit/27addc7f1ae290b6b84c1c351e5b6d75a05bb40b\"><code>27addc7</code></a>\nbump version</li>\n<li><a\nhref=\"https://github.com/rack/rack/commit/ee7919ea04303717858be1c3f16b406adc6d8cff\"><code>ee7919e</code></a>\nAvoid ReDoS problem</li>\n<li><a\nhref=\"https://github.com/rack/rack/commit/d6b5b2bab88f458fb048133604faebea952d8133\"><code>d6b5b2b</code></a>\nbump version</li>\n<li><a\nhref=\"https://github.com/rack/rack/commit/9aac3757fe19cdb0476504c9245170115bec9668\"><code>9aac375</code></a>\nLimit all multipart parts, not just files</li>\n<li>See full diff in <a\nhref=\"https://github.com/rack/rack/compare/v2.2.6.2...v2.2.6.4\">compare\nview</a></li>\n</ul>\n</details>\n<br />\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=rack&package-manager=bundler&previous-version=2.2.6.2&new-version=2.2.6.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n<details>\n<summary>Dependabot commands and options</summary>\n<br />\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after\nyour CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge\nand block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating\nit. You can achieve the same result by closing it manually\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n- `@dependabot use these labels` will set the current labels as the\ndefault for future PRs for this repo and language\n- `@dependabot use these reviewers` will set the current reviewers as\nthe default for future PRs for this repo and language\n- `@dependabot use these assignees` will set the current assignees as\nthe default for future PRs for this repo and language\n- `@dependabot use this milestone` will set the current milestone as the\ndefault for future PRs for this repo and language\n\nYou can disable automated security fix PRs for this repo from the\n[Security Alerts\npage](https://github.com/magicstone-dev/ecko/network/alerts).\n\n</details>\n\nSigned-off-by: dependabot[bot] <support@github.com>\nCo-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>","shortMessageHtmlLink":"Bump rack from 2.2.6.2 to 2.2.6.4 (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"1627279175\" data-permission-text=\"Title is private\" data-url=\"https://github.com/magicstone-dev/ecko/issues/490\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/magicstone-dev/ecko/pull/490/hovercard\" href=\"https://github.com/magicstone-dev/ecko/pull/490\">#490</a>)"}},{"before":"dd00a4545b3290f0da1282a898d6bdb60540fd79","after":null,"ref":"refs/heads/dependabot/bundler/rack-2.2.6.3","pushedAt":"2023-03-16T11:29:54.123Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"}},{"before":null,"after":"78fb81ccd199cbf5b66a56cf7b89d42f5dcfceb9","ref":"refs/heads/dependabot/bundler/rack-2.2.6.4","pushedAt":"2023-03-16T11:29:48.752Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"Bump rack from 2.2.6.2 to 2.2.6.4\n\nBumps [rack](https://github.com/rack/rack) from 2.2.6.2 to 2.2.6.4.\n- [Release notes](https://github.com/rack/rack/releases)\n- [Changelog](https://github.com/rack/rack/blob/main/CHANGELOG.md)\n- [Commits](https://github.com/rack/rack/compare/v2.2.6.2...v2.2.6.4)\n\n---\nupdated-dependencies:\n- dependency-name: rack\n  dependency-type: direct:production\n...\n\nSigned-off-by: dependabot[bot] <support@github.com>","shortMessageHtmlLink":"Bump rack from 2.2.6.2 to 2.2.6.4"}},{"before":null,"after":"dd00a4545b3290f0da1282a898d6bdb60540fd79","ref":"refs/heads/dependabot/bundler/rack-2.2.6.3","pushedAt":"2023-03-09T02:44:12.442Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"Bump rack from 2.2.6.2 to 2.2.6.3\n\nBumps [rack](https://github.com/rack/rack) from 2.2.6.2 to 2.2.6.3.\n- [Release notes](https://github.com/rack/rack/releases)\n- [Changelog](https://github.com/rack/rack/blob/main/CHANGELOG.md)\n- [Commits](https://github.com/rack/rack/compare/v2.2.6.2...v2.2.6.3)\n\n---\nupdated-dependencies:\n- dependency-name: rack\n  dependency-type: direct:production\n...\n\nSigned-off-by: dependabot[bot] <support@github.com>","shortMessageHtmlLink":"Bump rack from 2.2.6.2 to 2.2.6.3"}}],"hasNextPage":false,"hasPreviousPage":false,"activityType":"all","actor":null,"timePeriod":"all","sort":"DESC","perPage":30,"cursor":"djE6ks8AAAAD73JQlAA","startCursor":null,"endCursor":null}},"title":"Activity · magicstone-dev/ecko"}