Skip to content
Snippets Groups Projects
Select Git revision
  • ardc-334-overdue-reports
  • ardc-main
  • ardc-deploy-20250204-hotfixes
  • try-ci
  • ardc-389-de-regex-filetypes
  • ardc-279-require-organization-name-on-application
  • ardc-281-require-review-expertise-field-on-draft
  • ots-main
  • smex-production
  • main default protected
  • request-review-workflow
  • lfc-main
  • smex-main
  • extension-ots-wagtail-email-configuration
  • enhancement/gh-3288-change-help-to-rich-text
  • new-workflow
  • smex-2-fix-reviewers
  • email-test
  • 224-project-report-forms-work-with-basic-fields
  • ardc-255-prefill-determination-msg
  • ardc-deploy-20250321
  • ardc-deploy-20250204
  • v5.23.0
  • ardc-deploy-20250107
  • v5.22.0
  • ardc-deploy-20241220
  • v5.21.1
  • v5.21.0
  • v5.20.0
  • v5.19.0
  • ardc-deploy-20241210
  • ardc-deploy-20241122
  • ardc-deploy-20241107
  • v5.18.0
  • ardc-deploy-20241029
  • ardc-deploy-20241022
  • v5.17.0
  • lfc-deploy-20241017
  • smex-deploy-20241017
  • ardc-deploy-20241015
40 results
Compare
user avatar
Bump json5 from 2.2.1 to 2.2.3 (#3104)
dependabot[bot] authored 
Bumps [json5](https://github.com/json5/json5) from 2.2.1 to 2.2.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/json5/json5/releases">json5's
releases</a>.</em></p>
<blockquote>
<h2>v2.2.3</h2>
<ul>
<li>Fix: json5@2.2.3 is now the 'latest' release according to npm
instead of v1.0.2. (<a
href="https://github-redirect.dependabot.com/json5/json5/issues/299">#299</a>)</li>
</ul>
<h2>v2.2.2</h2>
<ul>
<li>Fix: Properties with the name <code>__proto__</code> are added to
objects and arrays.
(<a
href="https://github-redirect.dependabot.com/json5/json5/issues/199">#199</a>)
This also fixes a prototype pollution vulnerability reported by
Jonathan Gregson! (<a
href="https://github-redirect.dependabot.com/json5/json5/issues/295">#295</a>).</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/json5/json5/blob/main/CHANGELOG.md">json5's
changelog</a>.</em></p>
<blockquote>
<h3>v2.2.3 [<a
href="https://github.com/json5/json5/tree/v2.2.3">code</a>, <a
href="https://github.com/json5/json5/compare/v2.2.2...v2.2.3">diff</a>]</h3>
<ul>
<li>Fix: json5@2.2.3 is now the 'latest' release according to npm
instead of
v1.0.2. (<a
href="https://github-redirect.dependabot.com/json5/json5/issues/299">#299</a>)</li>
</ul>
<h3>v2.2.2 [<a
href="https://github.com/json5/json5/tree/v2.2.2">code</a>, <a
href="https://github.com/json5/json5/compare/v2.2.1...v2.2.2">diff</a>]</h3>
<ul>
<li>Fix: Properties with the name <code>__proto__</code> are added to
objects and arrays.
(<a
href="https://github-redirect.dependabot.com/json5/json5/issues/199">#199</a>)
This also fixes a prototype pollution vulnerability reported by
Jonathan Gregson! (<a
href="https://github-redirect.dependabot.com/json5/json5/issues/295">#295</a>).</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/json5/json5/commit/c3a75242772a5026a49c4017a16d9b3543b62776"><code>c3a7524</code></a>
2.2.3</li>
<li><a
href="https://github.com/json5/json5/commit/94fd06d82eeed225fa172f6fb2ca27375cbd2e39"><code>94fd06d</code></a>
docs: update CHANGELOG for v2.2.3</li>
<li><a
href="https://github.com/json5/json5/commit/3b8cebf0c474a8b20c78bd75c89cca0c4dce84ce"><code>3b8cebf</code></a>
docs(security): use GitHub security advisories</li>
<li><a
href="https://github.com/json5/json5/commit/f0fd9e194dde282caff114a110f4fac635f3a62c"><code>f0fd9e1</code></a>
docs: publish a security policy</li>
<li><a
href="https://github.com/json5/json5/commit/6a91a05fffeda16ff6b3b5008b6b340d42d31ec0"><code>6a91a05</code></a>
docs(template): bug -&gt; bug report</li>
<li><a
href="https://github.com/json5/json5/commit/14f8cb186e8abdfaccf6527171da7b1224374650"><code>14f8cb1</code></a>
2.2.2</li>
<li><a
href="https://github.com/json5/json5/commit/10cc7ca9169b59c5e0f5afc03dbd870cd06bcc46"><code>10cc7ca</code></a>
docs: update CHANGELOG for v2.2.2</li>
<li><a
href="https://github.com/json5/json5/commit/7774c1097993bc3ce9f0ac4b722a32bf7d6871c8"><code>7774c10</code></a>
fix: add <strong>proto</strong> to objects and arrays</li>
<li><a
href="https://github.com/json5/json5/commit/edde30abd8b22facf2c06c72586b9f6edf12700d"><code>edde30a</code></a>
Readme: slight tweak to intro</li>
<li><a
href="https://github.com/json5/json5/commit/97286f8bd542c89dcee096bc05dd28ed2dfc1e16"><code>97286f8</code></a>
Improve example in readme</li>
<li>Additional commits viewable in <a
href="https://github.com/json5/json5/compare/v2.2.1...v2.2.3">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=json5&package-manager=npm_and_yarn&previous-version=2.2.1&new-version=2.2.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the
default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as
the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as
the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the
default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/HyphaApp/hypha/network/alerts

).

</details>

Signed-off-by: default avatardependabot[bot] <support@github.com>
Co-authored-by: default avatardependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
6a2410aa
History
user avatar 6a2410aa
History
Name Last commit Last update
.github
.vscode
addressfield
docker
docs
hypha
public
.editorconfig
.eslintignore
.eslintrc.yaml
.gitignore
.jscsrc
.nvmrc
.stylelintrc.yaml
.test_durations
CODE_OF_CONDUCT.md
CONTRIBUTING.md
LICENSE
Makefile
Procfile
README.md
SECURITY.md
app.json
dslr.toml
manage.py
mkdocs.yml
package-lock.json
package.json
requirements-dev.txt
requirements-docs.txt
requirements.txt
runtime.txt
setup.cfg
stellar.yaml
README.md

Hypha

Hypha CI GitHub top language Lines of code GitHub commit activity GitHub release (latest by date) Translation status GitHub license Zulip chat Discource forum Website Documentation

Submission management software for open calls

Features

  • Manage the collection and review of applications or submissions openly and efficiently.
  • Customize all aspects of the process, forms, workflows, review options, and more.
  • Automate workflows and integrate with other services (Slack, Mailgun, etc).
  • Regularly audited software with many privacy and security features.
  • View our Roadmap for upcoming features and enhancements.

Technology

Hypha Community

We offer several virtual meeting spaces, including communication forums, chat room channels, and an open GitHub repository for new and current adopters. Join our forums to discuss new features and report bugs for continuous improvement of the platform. Get Started

You are welcome to test Hypha on our Sandbox Site. Enter the demo site and freely explore the potential of Hypha and its features. Online Demo

Who contributes to Hypha?

Hypha is improved by a small community of developers, designers, and users. As an open source software with a BSD 3-clause license, we welcome any contribution to expand on what the platform can do and to create add-on functionality not already available. OTF currently partners with Fredrik Jonsson @ Combonetwork, Lead Developer, to ensure the long-term maintenance, security, and sustainability of Hypha.

We are grateful to organizations that have chosen to implement Hypha and appreciate any and all code, design, documentation, bug reports, and other forms of contributions:

These organizations are already using Hypha

More information