{"payload":{"feedbackUrl":"https://github.com/orgs/community/discussions/53140","repo":{"id":327775269,"defaultBranch":"master","name":"osv.dev","ownerLogin":"google","currentUserCanPush":false,"isFork":false,"isEmpty":false,"createdAt":"2021-01-08T02:14:10.000Z","ownerAvatar":"https://avatars.githubusercontent.com/u/1342004?v=4","public":true,"private":false,"isOrgOwned":true},"refInfo":{"name":"","listCacheKey":"v0:1715895062.0","currentOid":""},"activityList":{"items":[{"before":"2e1117e5c9360f755d46165eaf2f2bf6b576d09f","after":"42b2c3b36815da2681a3d52a27bfa8a2c485bec0","ref":"refs/heads/master","pushedAt":"2024-05-17T04:47:04.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"andrewpollock","name":"Andrew Pollock","path":"/andrewpollock","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/6906046?s=80&v=4"},"commit":{"message":"Update instructions for a self-demo (#2219)\n\nReference in list of home-grown data sources.","shortMessageHtmlLink":"Update instructions for a self-demo (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2301793665\" data-permission-text=\"Title is private\" data-url=\"https://github.com/google/osv.dev/issues/2219\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/google/osv.dev/pull/2219/hovercard\" href=\"https://github.com/google/osv.dev/pull/2219\">#2219</a>)"}},{"before":null,"after":"aff2b3e908081ccebdee53267b4997f9da5166b0","ref":"refs/heads/dependabot/bundler/docs/bundler-ef8ef157fc","pushedAt":"2024-05-16T21:31:02.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"chore(deps-dev): Bump rexml\n\nBumps the bundler group with 1 update in the /docs directory: [rexml](https://github.com/ruby/rexml).\n\n\nUpdates `rexml` from 3.2.6 to 3.2.8\n- [Release notes](https://github.com/ruby/rexml/releases)\n- [Changelog](https://github.com/ruby/rexml/blob/master/NEWS.md)\n- [Commits](https://github.com/ruby/rexml/compare/v3.2.6...v3.2.8)\n\n---\nupdated-dependencies:\n- dependency-name: rexml\n  dependency-type: indirect\n  dependency-group: bundler\n...\n\nSigned-off-by: dependabot[bot] <support@github.com>","shortMessageHtmlLink":"chore(deps-dev): Bump rexml"}},{"before":"e813719c20c9d7ee3e303834c481fbae6dcc0330","after":"2e1117e5c9360f755d46165eaf2f2bf6b576d09f","ref":"refs/heads/master","pushedAt":"2024-05-16T07:23:49.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"andrewpollock","name":"Andrew Pollock","path":"/andrewpollock","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/6906046?s=80&v=4"},"commit":{"message":"Enable GCS deletion job in Production (#2215)\n\nThis has been run manually successfully.","shortMessageHtmlLink":"Enable GCS deletion job in Production (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2299016236\" data-permission-text=\"Title is private\" data-url=\"https://github.com/google/osv.dev/issues/2215\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/google/osv.dev/pull/2215/hovercard\" href=\"https://github.com/google/osv.dev/pull/2215\">#2215</a>)"}},{"before":"be3d06b0aee24e1843ee417c950026e799b472a5","after":"e813719c20c9d7ee3e303834c481fbae6dcc0330","ref":"refs/heads/master","pushedAt":"2024-05-16T00:29:41.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"andrewpollock","name":"Andrew Pollock","path":"/andrewpollock","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/6906046?s=80&v=4"},"commit":{"message":"Support a conversion/extraction corner case as usable (#2214)\n\nThere is a corner case where there was an unresolvable `last_affected`\r\nversion, but a(n assumed) `fixed` commit (extracted from reference URLs\r\nmost commonly) and so the failure to resolve the `last_affected`\r\nshouldn't be treated as unusable data overall for conversion.\r\n\r\nHarmonize the ordering of potentially unnecessary work in\r\nCVEToPackageInfo and CVEToOSV\r\n\r\n---------\r\n\r\nCo-authored-by: Oliver Chang <oliverchang@users.noreply.github.com>","shortMessageHtmlLink":"Support a conversion/extraction corner case as usable (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2297134939\" data-permission-text=\"Title is private\" data-url=\"https://github.com/google/osv.dev/issues/2214\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/google/osv.dev/pull/2214/hovercard\" href=\"https://github.com/google/osv.dev/pull/2214\">#2214</a>)"}},{"before":"4d6ba33e8052da76856d1edfb9f642078824fc8b","after":"be3d06b0aee24e1843ee417c950026e799b472a5","ref":"refs/heads/master","pushedAt":"2024-05-15T23:51:28.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"michaelkedar","name":"Michael Kedar","path":"/michaelkedar","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/19356069?s=80&v=4"},"commit":{"message":"Migrate website traffic entirely to Cloud Run (#2211)\n\nI will delete all our app engine stuff probably in the next week or two,\r\nin case we really need to roll back.","shortMessageHtmlLink":"Migrate website traffic entirely to Cloud Run (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2296906412\" data-permission-text=\"Title is private\" data-url=\"https://github.com/google/osv.dev/issues/2211\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/google/osv.dev/pull/2211/hovercard\" href=\"https://github.com/google/osv.dev/pull/2211\">#2211</a>)"}},{"before":"8ff91b9d6962a49ddf554ab7ee95b187a39a6203","after":"4d6ba33e8052da76856d1edfb9f642078824fc8b","ref":"refs/heads/master","pushedAt":"2024-05-15T23:41:12.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"andrewpollock","name":"Andrew Pollock","path":"/andrewpollock","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/6906046?s=80&v=4"},"commit":{"message":"Fix integration tests withdrawn CVEs (#2213)\n\nThe cleanup of stale GCS-based records changed the CVE record landscape.","shortMessageHtmlLink":"Fix integration tests withdrawn CVEs (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2297054285\" data-permission-text=\"Title is private\" data-url=\"https://github.com/google/osv.dev/issues/2213\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/google/osv.dev/pull/2213/hovercard\" href=\"https://github.com/google/osv.dev/pull/2213\">#2213</a>)"}},{"before":"29e15fe175e159dacd77b91716b38eaefa2970c8","after":"8ff91b9d6962a49ddf554ab7ee95b187a39a6203","ref":"refs/heads/master","pushedAt":"2024-05-15T22:00:10.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"andrewpollock","name":"Andrew Pollock","path":"/andrewpollock","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/6906046?s=80&v=4"},"commit":{"message":"Improve the usability when operating on a larger number of records (#2209)\n\nThis prevents a messier Datastore API failure (the IN operator only\r\nsupports up to 30 values) when querying for more than 30 Bugs and\r\nsignposts a solution.","shortMessageHtmlLink":"Improve the usability when operating on a larger number of records (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2296681289\" data-permission-text=\"Title is private\" data-url=\"https://github.com/google/osv.dev/issues/2209\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/google/osv.dev/pull/2209/hovercard\" href=\"https://github.com/google/osv.dev/pull/2209\">#…</a>"}},{"before":"247c5586f76c5e7d8093f3415bdbe878468f5248","after":"29e15fe175e159dacd77b91716b38eaefa2970c8","ref":"refs/heads/master","pushedAt":"2024-05-15T03:57:52.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"michaelkedar","name":"Michael Kedar","path":"/michaelkedar","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/19356069?s=80&v=4"},"commit":{"message":"Bump website cloud run traffic again (#2210)","shortMessageHtmlLink":"Bump website cloud run traffic again (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2296801771\" data-permission-text=\"Title is private\" data-url=\"https://github.com/google/osv.dev/issues/2210\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/google/osv.dev/pull/2210/hovercard\" href=\"https://github.com/google/osv.dev/pull/2210\">#2210</a>)"}},{"before":"0df60e266c7e1f754ad02eaa364f33f7586e6286","after":"247c5586f76c5e7d8093f3415bdbe878468f5248","ref":"refs/heads/master","pushedAt":"2024-05-15T01:41:47.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"andrewpollock","name":"Andrew Pollock","path":"/andrewpollock","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/6906046?s=80&v=4"},"commit":{"message":"Bump website cloud run traffic (#2208)\n\nThere's been no problems with Cloud Run so far.\r\n\r\nThis is 25/75, next PR will be 50/50, then 100/0.","shortMessageHtmlLink":"Bump website cloud run traffic (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2296675526\" data-permission-text=\"Title is private\" data-url=\"https://github.com/google/osv.dev/issues/2208\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/google/osv.dev/pull/2208/hovercard\" href=\"https://github.com/google/osv.dev/pull/2208\">#2208</a>)"}},{"before":"133143645f8775565f1dc4375686199de0a6de1d","after":"0df60e266c7e1f754ad02eaa364f33f7586e6286","ref":"refs/heads/master","pushedAt":"2024-05-14T23:21:13.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"michaelkedar","name":"Michael Kedar","path":"/michaelkedar","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/19356069?s=80&v=4"},"commit":{"message":"Start forwarding web traffic to cloud run (#2206)\n\nStage 1: 90% to App Engine, 10% to Cloud Run","shortMessageHtmlLink":"Start forwarding web traffic to cloud run (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2294539761\" data-permission-text=\"Title is private\" data-url=\"https://github.com/google/osv.dev/issues/2206\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/google/osv.dev/pull/2206/hovercard\" href=\"https://github.com/google/osv.dev/pull/2206\">#2206</a>)"}},{"before":"fc144b751d26d8fbfc6ba15afc92fdbcd00a4fe3","after":"133143645f8775565f1dc4375686199de0a6de1d","ref":"refs/heads/master","pushedAt":"2024-05-14T06:09:23.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"andrewpollock","name":"Andrew Pollock","path":"/andrewpollock","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/6906046?s=80&v=4"},"commit":{"message":"Add automation to assist with scalable and efficient FAQ awareness (#2192)\n\nFollowing\r\nhttps://docs.github.com/en/actions/managing-issues-and-pull-requests/commenting-on-an-issue-when-a-label-is-added\r\n\r\nPart of #2191","shortMessageHtmlLink":"Add automation to assist with scalable and efficient FAQ awareness (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2286815948\" data-permission-text=\"Title is private\" data-url=\"https://github.com/google/osv.dev/issues/2192\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/google/osv.dev/pull/2192/hovercard\" href=\"https://github.com/google/osv.dev/pull/2192\">#…</a>"}},{"before":"fb7591b763eeb6bea89224788bc0500b238c1803","after":"fc144b751d26d8fbfc6ba15afc92fdbcd00a4fe3","ref":"refs/heads/master","pushedAt":"2024-05-14T03:43:54.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"oliverchang","name":"Oliver Chang","path":"/oliverchang","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/759062?s=80&v=4"},"commit":{"message":"Fix collapsed packages when navigate to vulnerability page (#2198)\n\nIssue: https://github.com/google/osv.dev/issues/381\r\n\r\nInitially the page listens the window onload event, and programatically\r\nclicks on the headers so the sections will be expanded. But since we use\r\nTurbo, it will request the new page by using fetch request rather than\r\ndoing a full reload, so the `load` event won't be triggered.\r\n\r\nIn this PR we make the script listens `turbo:load` event which always\r\nhappens when visiting a new page.\r\n\r\nResult:\r\n![May-09-2024\r\n16-34-20](https://github.com/google/osv.dev/assets/13760813/2de992f2-9b28-426b-8dda-6885bddc13ef)","shortMessageHtmlLink":"Fix collapsed packages when navigate to vulnerability page (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2288769167\" data-permission-text=\"Title is private\" data-url=\"https://github.com/google/osv.dev/issues/2198\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/google/osv.dev/pull/2198/hovercard\" href=\"https://github.com/google/osv.dev/pull/2198\">#2198</a>)"}},{"before":"6814adeddb5a05b6299d7aa1c56dfd566679bc4a","after":"fb7591b763eeb6bea89224788bc0500b238c1803","ref":"refs/heads/master","pushedAt":"2024-05-14T03:40:22.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"michaelkedar","name":"Michael Kedar","path":"/michaelkedar","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/19356069?s=80&v=4"},"commit":{"message":"chore(deps): lock file maintenance api (#2157)\n\n[![Mend\r\nRenovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)\r\n\r\nThis PR contains the following updates:\r\n\r\n| Package | Type | Update | Change | Age | Adoption | Passing |\r\nConfidence |\r\n|---|---|---|---|---|---|---|---|\r\n|  |  | lockFileMaintenance | All locks refreshed |  |  |  |  |\r\n| grpcio | packages | minor | `==1.62.2` -> `==1.63.0` |\r\n[![age](https://developer.mend.io/api/mc/badges/age/pypi/grpcio/1.63.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)\r\n|\r\n[![adoption](https://developer.mend.io/api/mc/badges/adoption/pypi/grpcio/1.63.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)\r\n|\r\n[![passing](https://developer.mend.io/api/mc/badges/compatibility/pypi/grpcio/1.62.2/1.63.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)\r\n|\r\n[![confidence](https://developer.mend.io/api/mc/badges/confidence/pypi/grpcio/1.62.2/1.63.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)\r\n|\r\n\r\n🔧 This Pull Request updates lock files to use the latest dependency\r\nversions.\r\n\r\n---\r\n\r\n### Configuration\r\n\r\n📅 **Schedule**: Branch creation - \"before 6am on wednesday\" in timezone\r\nAustralia/Sydney, Automerge - At any time (no schedule defined).\r\n\r\n🚦 **Automerge**: Disabled by config. Please merge this manually once you\r\nare satisfied.\r\n\r\n♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the\r\nrebase/retry checkbox.\r\n\r\n👻 **Immortal**: This PR will be recreated if closed unmerged. Get\r\n[config help](https://togithub.com/renovatebot/renovate/discussions) if\r\nthat's undesired.\r\n\r\n---\r\n\r\n- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check\r\nthis box\r\n\r\n---\r\n\r\nThis PR has been generated by [Mend\r\nRenovate](https://www.mend.io/free-developer-tools/renovate/). View\r\nrepository job log\r\n[here](https://developer.mend.io/github/google/osv.dev).\r\n\r\n<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zNDAuMTAiLCJ1cGRhdGVkSW5WZXIiOiIzNy4zNTEuMiIsInRhcmdldEJyYW5jaCI6Im1hc3RlciIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=-->","shortMessageHtmlLink":"chore(deps): lock file maintenance api (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2279636953\" data-permission-text=\"Title is private\" data-url=\"https://github.com/google/osv.dev/issues/2157\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/google/osv.dev/pull/2157/hovercard\" href=\"https://github.com/google/osv.dev/pull/2157\">#2157</a>)"}},{"before":"f62b14572e36d43e73b48329546cee89f8f935fd","after":"6814adeddb5a05b6299d7aa1c56dfd566679bc4a","ref":"refs/heads/master","pushedAt":"2024-05-14T03:39:47.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"michaelkedar","name":"Michael Kedar","path":"/michaelkedar","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/19356069?s=80&v=4"},"commit":{"message":"chore(deps): lock file maintenance (#2139)\n\n[![Mend\r\nRenovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)\r\n\r\nThis PR contains the following updates:\r\n\r\n| Update | Change |\r\n|---|---|\r\n| lockFileMaintenance | All locks refreshed |\r\n\r\n🔧 This Pull Request updates lock files to use the latest dependency\r\nversions.\r\n\r\n---\r\n\r\n### Configuration\r\n\r\n📅 **Schedule**: Branch creation - \"before 6am on wednesday\" in timezone\r\nAustralia/Sydney, Automerge - At any time (no schedule defined).\r\n\r\n🚦 **Automerge**: Disabled by config. Please merge this manually once you\r\nare satisfied.\r\n\r\n♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the\r\nrebase/retry checkbox.\r\n\r\n👻 **Immortal**: This PR will be recreated if closed unmerged. Get\r\n[config help](https://togithub.com/renovatebot/renovate/discussions) if\r\nthat's undesired.\r\n\r\n---\r\n\r\n- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check\r\nthis box\r\n\r\n---\r\n\r\nThis PR has been generated by [Mend\r\nRenovate](https://www.mend.io/free-developer-tools/renovate/). View\r\nrepository job log\r\n[here](https://developer.mend.io/github/google/osv.dev).\r\n\r\n<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zMjEuMiIsInVwZGF0ZWRJblZlciI6IjM3LjM1MS4yIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyJdfQ==-->","shortMessageHtmlLink":"chore(deps): lock file maintenance (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2267671242\" data-permission-text=\"Title is private\" data-url=\"https://github.com/google/osv.dev/issues/2139\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/google/osv.dev/pull/2139/hovercard\" href=\"https://github.com/google/osv.dev/pull/2139\">#2139</a>)"}},{"before":"5888c29b2061833bb01f6dc3f52eac33f8e83644","after":"f62b14572e36d43e73b48329546cee89f8f935fd","ref":"refs/heads/master","pushedAt":"2024-05-14T03:38:22.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"michaelkedar","name":"Michael Kedar","path":"/michaelkedar","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/19356069?s=80&v=4"},"commit":{"message":"Relock Gemfile.lock (#2205)\n\nI messed up the patch that was supposed to go in #2204 (I think I\r\naccidentally used my system's ruby).","shortMessageHtmlLink":"Relock Gemfile.lock (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2294288602\" data-permission-text=\"Title is private\" data-url=\"https://github.com/google/osv.dev/issues/2205\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/google/osv.dev/pull/2205/hovercard\" href=\"https://github.com/google/osv.dev/pull/2205\">#2205</a>)"}},{"before":"645959293e93b7c41224ca6565d549ec45f20fc5","after":null,"ref":"refs/heads/dependabot/bundler/docs/bundler-1bdea36e40","pushedAt":"2024-05-14T01:45:24.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"michaelkedar","name":"Michael Kedar","path":"/michaelkedar","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/19356069?s=80&v=4"}},{"before":"ad0eed1cdb155bedbbe195f049b32daf459deca5","after":"5888c29b2061833bb01f6dc3f52eac33f8e83644","ref":"refs/heads/master","pushedAt":"2024-05-14T01:45:23.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"michaelkedar","name":"Michael Kedar","path":"/michaelkedar","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/19356069?s=80&v=4"},"commit":{"message":"chore(deps-dev): Bump nokogiri from 1.16.2 to 1.16.5 in /docs in the bundler group across 1 directory (#2204)\n\nBumps the bundler group with 1 update in the /docs directory:\r\n[nokogiri](https://github.com/sparklemotion/nokogiri).\r\n\r\nUpdates `nokogiri` from 1.16.2 to 1.16.5\r\n<details>\r\n<summary>Release notes</summary>\r\n<p><em>Sourced from <a\r\nhref=\"https://github.com/sparklemotion/nokogiri/releases\">nokogiri's\r\nreleases</a>.</em></p>\r\n<blockquote>\r\n<h2>v1.16.5 / 2024-05-13</h2>\r\n<h3>Security</h3>\r\n<ul>\r\n<li>[CRuby] Vendored libxml2 is updated to address CVE-2024-34459. See\r\n<a\r\nhref=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-r95h-9x8f-r3f7\">GHSA-r95h-9x8f-r3f7</a>\r\nfor more information.</li>\r\n</ul>\r\n<h3>Dependencies</h3>\r\n<ul>\r\n<li>[CRuby] Vendored libxml2 is updated to <a\r\nhref=\"https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.7\">v2.12.7</a>\r\nfrom v2.12.6. (<a\r\nhref=\"https://github.com/flavorjones\"><code>@​flavorjones</code></a>)</li>\r\n</ul>\r\n<hr />\r\n<p>sha256 checksums:</p>\r\n\r\n<pre><code>af0f44fa3e664dfb2aa10de8b551447d720c1e8d1f0aa3f35783dcc43e40a874\r\nnokogiri-1.16.5-aarch64-linux.gem\r\n23dc2357b26409a5c33b7e32a82902f0e9995305420f16d1a03ab3ea1a482fec\r\nnokogiri-1.16.5-arm-linux.gem\r\n950d037530edb49f75ad35de0b8038b970a7dda57e2b6326895b0e49fadf6214\r\nnokogiri-1.16.5-arm64-darwin.gem\r\nb7aefc94370c62476b8528e8d8abb6160203abd84a1f4eceda8f1aa8974d9989\r\nnokogiri-1.16.5-java.gem\r\nec2167160df8fec3137bf95d574ed80ebc1d002bb3b281546b60b4aa9002466e\r\nnokogiri-1.16.5-x64-mingw-ucrt.gem\r\n6984200491fac69974005ecfa2de129d61843d345eafa5d6f58e8b908d1cf107\r\nnokogiri-1.16.5-x64-mingw32.gem\r\nabdc389ab1ec6604492da16bd9d06ad746fdb6bd6a1bd274c400d61ffcadb3c4\r\nnokogiri-1.16.5-x86-linux.gem\r\n63d24981345856f2baf7f4089870a62d3042fb8d3021b280fb04fc052532e3c4\r\nnokogiri-1.16.5-x86-mingw32.gem\r\n71b5f54e378c433d13df67c3b71acc4716129da62402d8181f310c4216a63279\r\nnokogiri-1.16.5-x86_64-darwin.gem\r\n0ca238da870066bed2f7837af6f35791bb9b76c4c5638999c46aac44818a6a97\r\nnokogiri-1.16.5-x86_64-linux.gem\r\nec36162c68984fa0a90a5c4ae7ab7759460639e716cc1ce75f34c3cb54158ad2\r\nnokogiri-1.16.5.gem\r\n</code></pre>\r\n<h2>v1.16.4 / 2024-04-10</h2>\r\n<h3>Dependencies</h3>\r\n<ul>\r\n<li>[CRuby] Vendored zlib in the precompiled native gems is updated to\r\n<a href=\"https://zlib.net/ChangeLog.txt\">v1.3.1</a> from v1.3. Nokogiri\r\nis not affected by the minizip CVE patched in this version, but this\r\nupdate may satisfy some security scanners. Related, see <a\r\nhref=\"https://github.com/sparklemotion/nokogiri/discussions/3168\">this\r\ndiscussion</a> about removing the compression libraries altogether in a\r\nfuture version of Nokogiri.</li>\r\n</ul>\r\n<hr />\r\n<p>sha256 checksums:</p>\r\n\r\n<pre><code>bdb1dc4378ebcf3ade8f440c7df68f6d76946a1a96c4823a2b4c53c01a320cd5\r\nnokogiri-1.16.4-aarch64-linux.gem\r\n0c994b9996d5576eddcc3201a94ef2bff6fc3627c4ae4d2708b0ec9b9743ec6a\r\nnokogiri-1.16.4-arm-linux.gem\r\n8e86abb64c93c06d3c588042a0e757279e8f1dc88b5210a00be892a9a7a27196\r\nnokogiri-1.16.4-arm64-darwin.gem\r\nbf84fa28be4943692bd64772186e0832fb1061f80714ccb93e111e9d72b1cadc\r\nnokogiri-1.16.4-java.gem\r\na46808467c1f63a2031e1ca0715cd5336bb4ec759e9c0e2f4c951c1cc30994ae\r\nnokogiri-1.16.4-x64-mingw-ucrt.gem\r\n4cdf64bc5e9443ec3e0b595347ecc8affe21968d9ae934c0825d26630ef96468\r\nnokogiri-1.16.4-x64-mingw32.gem\r\nd86d21bae47dd9f6f5223055e45d33fae08b0b89aad94cbc0ece4f4274fa7af5\r\nnokogiri-1.16.4-x86-linux.gem\r\nd488b872884844686780fda7cf5da44ee884d32faa713a55aeb4736d76718168\r\nnokogiri-1.16.4-x86-mingw32.gem\r\na896e52a56951ffb0e6a9279afbf485d683e357a053d27f4cfcb2a73b0824628\r\nnokogiri-1.16.4-x86_64-darwin.gem\r\n92ff4f09910255fec84b3bc4c4b182e94cada3ed12b9f7a6ea058e0af186fb31\r\nnokogiri-1.16.4-x86_64-linux.gem\r\n&lt;/tr&gt;&lt;/table&gt; \r\n</code></pre>\r\n</blockquote>\r\n<p>... (truncated)</p>\r\n</details>\r\n<details>\r\n<summary>Changelog</summary>\r\n<p><em>Sourced from <a\r\nhref=\"https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md\">nokogiri's\r\nchangelog</a>.</em></p>\r\n<blockquote>\r\n<h2>v1.16.5</h2>\r\n<h3>Security</h3>\r\n<ul>\r\n<li>[CRuby] Vendored libxml2 is updated to address CVE-2024-34459. See\r\n<a\r\nhref=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-r95h-9x8f-r3f7\">GHSA-r95h-9x8f-r3f7</a>\r\nfor more information.</li>\r\n</ul>\r\n<h3>Dependencies</h3>\r\n<ul>\r\n<li>[CRuby] Vendored libxml2 is updated to <a\r\nhref=\"https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.7\">v2.12.7</a>\r\nfrom v2.12.6. (<a\r\nhref=\"https://github.com/flavorjones\"><code>@​flavorjones</code></a>)</li>\r\n</ul>\r\n<h2>v1.16.4 / 2024-04-10</h2>\r\n<h3>Dependencies</h3>\r\n<ul>\r\n<li>[CRuby] Vendored zlib in the precompiled native gems is updated to\r\n<a href=\"https://zlib.net/ChangeLog.txt\">v1.3.1</a> from v1.3. Nokogiri\r\nis not affected by the minizip CVE patched in this version, but this\r\nupdate may satisfy some security scanners. Related, see <a\r\nhref=\"https://github.com/sparklemotion/nokogiri/discussions/3168\">this\r\ndiscussion</a> about removing the compression libraries altogether in a\r\nfuture version of Nokogiri.</li>\r\n</ul>\r\n<h2>v1.16.3 / 2024-03-15</h2>\r\n<h3>Dependencies</h3>\r\n<ul>\r\n<li>[CRuby] Vendored libxml2 is updated to <a\r\nhref=\"https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.6\">v2.12.6</a>\r\nfrom v2.12.5. (<a\r\nhref=\"https://github.com/flavorjones\"><code>@​flavorjones</code></a>)</li>\r\n</ul>\r\n<h3>Changed</h3>\r\n<ul>\r\n<li>[CRuby] <code>XML::Reader</code> sets the <code>@encoding</code>\r\ninstance variable during reading if it is not passed into the\r\ninitializer. Previously, it would remain <code>nil</code>. The behavior\r\nof <code>Reader#encoding</code> has not changed. This works around\r\nchanges to how libxml2 reports the encoding used in v2.12.6.</li>\r\n</ul>\r\n</blockquote>\r\n</details>\r\n<details>\r\n<summary>Commits</summary>\r\n<ul>\r\n<li><a\r\nhref=\"https://github.com/sparklemotion/nokogiri/commit/cd70bd3dc9e0dc15b04b42d67b639eb5804e77d5\"><code>cd70bd3</code></a>\r\nversion bump to v1.16.5</li>\r\n<li><a\r\nhref=\"https://github.com/sparklemotion/nokogiri/commit/afc36de553085b6b397b23a0c09a2449655a3a47\"><code>afc36de</code></a>\r\ndep: update vendored libxml2 to v2.12.7 (<a\r\nhref=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3191\">#3191</a>)</li>\r\n<li><a\r\nhref=\"https://github.com/sparklemotion/nokogiri/commit/41b4f0846d2c264b48ef93ecd034dd230ab8125a\"><code>41b4f08</code></a>\r\nci: add arm64-darwin coverage using macos-14</li>\r\n<li><a\r\nhref=\"https://github.com/sparklemotion/nokogiri/commit/67b9e863a67164ae6ffbe5ed4cc482267db7c436\"><code>67b9e86</code></a>\r\ndep: update libxml2 to v2.12.7</li>\r\n<li><a\r\nhref=\"https://github.com/sparklemotion/nokogiri/commit/17c0362082341208bf9aadb61939e4de74005b44\"><code>17c0362</code></a>\r\nversion bump to v1.16.4</li>\r\n<li><a\r\nhref=\"https://github.com/sparklemotion/nokogiri/commit/1c329e9c09148155624b52ffe630cc1b01d6787f\"><code>1c329e9</code></a>\r\ndep: update to zlib 1.3.1 (v1.16.x) (<a\r\nhref=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3175\">#3175</a>)</li>\r\n<li><a\r\nhref=\"https://github.com/sparklemotion/nokogiri/commit/edeac07bb21b3f00c2a6aaf27806ce9d0871a08d\"><code>edeac07</code></a>\r\ndep: update to zlib 1.3.1</li>\r\n<li><a\r\nhref=\"https://github.com/sparklemotion/nokogiri/commit/80fb6085c069e053457ed6f6325ac032f2b029fe\"><code>80fb608</code></a>\r\nversion bump to v1.16.3</li>\r\n<li><a\r\nhref=\"https://github.com/sparklemotion/nokogiri/commit/710bd96d70f39baadd0405cf0f3c0c42805019af\"><code>710bd96</code></a>\r\ndep: update libxml 2.12.6 (branch v1.16.x) (<a\r\nhref=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3151\">#3151</a>)</li>\r\n<li><a\r\nhref=\"https://github.com/sparklemotion/nokogiri/commit/461a96ea163b144ea2898d088efe65fce311d5be\"><code>461a96e</code></a>\r\nfix: Reader#read sets <a\r\nhref=\"https://github.com/encoding\"><code>@​encoding</code></a> if it is\r\nunset</li>\r\n<li>Additional commits viewable in <a\r\nhref=\"https://github.com/sparklemotion/nokogiri/compare/v1.16.2...v1.16.5\">compare\r\nview</a></li>\r\n</ul>\r\n</details>\r\n<br />\r\n\r\n\r\n[![Dependabot compatibility\r\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=nokogiri&package-manager=bundler&previous-version=1.16.2&new-version=1.16.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\r\n\r\nDependabot will resolve any conflicts with this PR as long as you don't\r\nalter it yourself. You can also trigger a rebase manually by commenting\r\n`@dependabot rebase`.\r\n\r\n[//]: # (dependabot-automerge-start)\r\n[//]: # (dependabot-automerge-end)\r\n\r\n---\r\n\r\n<details>\r\n<summary>Dependabot commands and options</summary>\r\n<br />\r\n\r\nYou can trigger Dependabot actions by commenting on this PR:\r\n- `@dependabot rebase` will rebase this PR\r\n- `@dependabot recreate` will recreate this PR, overwriting any edits\r\nthat have been made to it\r\n- `@dependabot merge` will merge this PR after your CI passes on it\r\n- `@dependabot squash and merge` will squash and merge this PR after\r\nyour CI passes on it\r\n- `@dependabot cancel merge` will cancel a previously requested merge\r\nand block automerging\r\n- `@dependabot reopen` will reopen this PR if it is closed\r\n- `@dependabot close` will close this PR and stop Dependabot recreating\r\nit. You can achieve the same result by closing it manually\r\n- `@dependabot show <dependency name> ignore conditions` will show all\r\nof the ignore conditions of the specified dependency\r\n- `@dependabot ignore <dependency name> major version` will close this\r\ngroup update PR and stop Dependabot creating any more for the specific\r\ndependency's major version (unless you unignore this specific\r\ndependency's major version or upgrade to it yourself)\r\n- `@dependabot ignore <dependency name> minor version` will close this\r\ngroup update PR and stop Dependabot creating any more for the specific\r\ndependency's minor version (unless you unignore this specific\r\ndependency's minor version or upgrade to it yourself)\r\n- `@dependabot ignore <dependency name>` will close this group update PR\r\nand stop Dependabot creating any more for the specific dependency\r\n(unless you unignore this specific dependency or upgrade to it yourself)\r\n- `@dependabot unignore <dependency name>` will remove all of the ignore\r\nconditions of the specified dependency\r\n- `@dependabot unignore <dependency name> <ignore condition>` will\r\nremove the ignore condition of the specified dependency and ignore\r\nconditions\r\nYou can disable automated security fix PRs for this repo from the\r\n[Security Alerts\r\npage](https://github.com/google/osv.dev/network/alerts).\r\n\r\n</details>\r\n\r\n---------\r\n\r\nSigned-off-by: dependabot[bot] <support@github.com>\r\nCo-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>\r\nCo-authored-by: Michael Kedar <michaelkedar@google.com>","shortMessageHtmlLink":"chore(deps-dev): Bump nokogiri from 1.16.2 to 1.16.5 in /docs in the …"}},{"before":"b63cd5e3e689338f610f3359223ea0976ad21798","after":"645959293e93b7c41224ca6565d549ec45f20fc5","ref":"refs/heads/dependabot/bundler/docs/bundler-1bdea36e40","pushedAt":"2024-05-14T01:35:45.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"michaelkedar","name":"Michael Kedar","path":"/michaelkedar","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/19356069?s=80&v=4"},"commit":{"message":"regen lockfile","shortMessageHtmlLink":"regen lockfile"}},{"before":"9ee0158ac57c2eae5adc54f6b02ac3f816d060f4","after":"ad0eed1cdb155bedbbe195f049b32daf459deca5","ref":"refs/heads/master","pushedAt":"2024-05-14T00:17:10.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"michaelkedar","name":"Michael Kedar","path":"/michaelkedar","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/19356069?s=80&v=4"},"commit":{"message":"Lock file maintenance docs (#2172)\n\n[![Mend\r\nRenovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)\r\n\r\nThis PR contains the following updates:\r\n\r\n| Package | Update | Change | Age | Adoption | Passing | Confidence |\r\n|---|---|---|---|---|---|---|\r\n|  | lockFileMaintenance | All locks refreshed |  |  |  |  |\r\n| [jekyll-feed](https://togithub.com/jekyll/jekyll-feed) | minor |\r\n`0.15.1` -> `0.17.0` |\r\n[![age](https://developer.mend.io/api/mc/badges/age/rubygems/jekyll-feed/0.17.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)\r\n|\r\n[![adoption](https://developer.mend.io/api/mc/badges/adoption/rubygems/jekyll-feed/0.17.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)\r\n|\r\n[![passing](https://developer.mend.io/api/mc/badges/compatibility/rubygems/jekyll-feed/0.15.1/0.17.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)\r\n|\r\n[![confidence](https://developer.mend.io/api/mc/badges/confidence/rubygems/jekyll-feed/0.15.1/0.17.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)\r\n|\r\n\r\n🔧 This Pull Request updates lock files to use the latest dependency\r\nversions.\r\n\r\n---\r\n\r\n### Release Notes\r\n\r\n<details>\r\n<summary>jekyll/jekyll-feed (jekyll-feed)</summary>\r\n\r\n###\r\n[`v0.17.0`](https://togithub.com/jekyll/jekyll-feed/blob/HEAD/History.markdown#0170--2022-10-14)\r\n\r\n[Compare\r\nSource](https://togithub.com/jekyll/jekyll-feed/compare/v0.16.0...v0.17.0)\r\n\r\n##### Documentation\r\n\r\n- Update CI status badge\r\n([#&#8203;363](https://togithub.com/jekyll/jekyll-feed/issues/363))\r\n\r\n##### Development Fixes\r\n\r\n- Add Ruby 3.1 to the CI matrix\r\n([#&#8203;365](https://togithub.com/jekyll/jekyll-feed/issues/365))\r\n\r\n##### Minor Enhancements\r\n\r\n- Allow disabling of jekyll-feed while in development\r\n([#&#8203;370](https://togithub.com/jekyll/jekyll-feed/issues/370))\r\n\r\n###\r\n[`v0.16.0`](https://togithub.com/jekyll/jekyll-feed/blob/HEAD/History.markdown#0160--2022-01-03)\r\n\r\n[Compare\r\nSource](https://togithub.com/jekyll/jekyll-feed/compare/v0.15.1...v0.16.0)\r\n\r\n##### Minor Enhancements\r\n\r\n- Add support for `page.description` in front matter to become entry\r\n`<summary>`\r\n([#&#8203;297](https://togithub.com/jekyll/jekyll-feed/issues/297))\r\n\r\n##### Bug Fixes\r\n\r\n- Fold private methods into the `:render` method as local variables\r\n([#&#8203;327](https://togithub.com/jekyll/jekyll-feed/issues/327))\r\n- Check `post.categories` instead of `post.category`\r\n([#&#8203;357](https://togithub.com/jekyll/jekyll-feed/issues/357))\r\n- Switched xml_escape for `<![CDATA[]]>` for post content\r\n([#&#8203;332](https://togithub.com/jekyll/jekyll-feed/issues/332))\r\n\r\n##### Development Fixes\r\n\r\n- Add Ruby 3.0 to CI\r\n([#&#8203;337](https://togithub.com/jekyll/jekyll-feed/issues/337))\r\n- Lock RuboCop to v1.18.x\r\n([#&#8203;348](https://togithub.com/jekyll/jekyll-feed/issues/348))\r\n- Add workflow to release gem via GH Action\r\n([#&#8203;355](https://togithub.com/jekyll/jekyll-feed/issues/355))\r\n\r\n##### Documentation\r\n\r\n- Use `.atom` extension in documented examples since we write an Atom\r\nfeed ([#&#8203;359](https://togithub.com/jekyll/jekyll-feed/issues/359))\r\n\r\n</details>\r\n\r\n---\r\n\r\n### Configuration\r\n\r\n📅 **Schedule**: Branch creation - \"before 6am on wednesday\" in timezone\r\nAustralia/Sydney, Automerge - At any time (no schedule defined).\r\n\r\n🚦 **Automerge**: Disabled by config. Please merge this manually once you\r\nare satisfied.\r\n\r\n♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the\r\nrebase/retry checkbox.\r\n\r\n👻 **Immortal**: This PR will be recreated if closed unmerged. Get\r\n[config help](https://togithub.com/renovatebot/renovate/discussions) if\r\nthat's undesired.\r\n\r\n---\r\n\r\n- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check\r\nthis box\r\n\r\n---\r\n\r\nThis PR has been generated by [Mend\r\nRenovate](https://www.mend.io/free-developer-tools/renovate/). View\r\nrepository job log\r\n[here](https://developer.mend.io/github/google/osv.dev).\r\n\r\n<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zNDAuMTAiLCJ1cGRhdGVkSW5WZXIiOiIzNy4zNTEuMiIsInRhcmdldEJyYW5jaCI6Im1hc3RlciIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=-->","shortMessageHtmlLink":"Lock file maintenance docs (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2284032989\" data-permission-text=\"Title is private\" data-url=\"https://github.com/google/osv.dev/issues/2172\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/google/osv.dev/pull/2172/hovercard\" href=\"https://github.com/google/osv.dev/pull/2172\">#2172</a>)"}},{"before":"1a48a8a4b9d294b441aa051a2b90099ca5641d61","after":"9ee0158ac57c2eae5adc54f6b02ac3f816d060f4","ref":"refs/heads/master","pushedAt":"2024-05-14T00:16:01.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"michaelkedar","name":"Michael Kedar","path":"/michaelkedar","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/19356069?s=80&v=4"},"commit":{"message":"Lock file maintenance (#2169)\n\n[![Mend\r\nRenovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)\r\n\r\nThis PR contains the following updates:\r\n\r\n| Update | Change |\r\n|---|---|\r\n| lockFileMaintenance | All locks refreshed |\r\n\r\n🔧 This Pull Request updates lock files to use the latest dependency\r\nversions.\r\n\r\n---\r\n\r\n### Configuration\r\n\r\n📅 **Schedule**: Branch creation - \"before 6am on wednesday\" in timezone\r\nAustralia/Sydney, Automerge - At any time (no schedule defined).\r\n\r\n🚦 **Automerge**: Disabled by config. Please merge this manually once you\r\nare satisfied.\r\n\r\n♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the\r\nrebase/retry checkbox.\r\n\r\n👻 **Immortal**: This PR will be recreated if closed unmerged. Get\r\n[config help](https://togithub.com/renovatebot/renovate/discussions) if\r\nthat's undesired.\r\n\r\n---\r\n\r\n- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check\r\nthis box\r\n\r\n---\r\n\r\nThis PR has been generated by [Mend\r\nRenovate](https://www.mend.io/free-developer-tools/renovate/). View\r\nrepository job log\r\n[here](https://developer.mend.io/github/google/osv.dev).\r\n\r\n<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zNDAuMTAiLCJ1cGRhdGVkSW5WZXIiOiIzNy4zNTEuMiIsInRhcmdldEJyYW5jaCI6Im1hc3RlciIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=-->","shortMessageHtmlLink":"Lock file maintenance (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2283921734\" data-permission-text=\"Title is private\" data-url=\"https://github.com/google/osv.dev/issues/2169\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/google/osv.dev/pull/2169/hovercard\" href=\"https://github.com/google/osv.dev/pull/2169\">#2169</a>)"}},{"before":null,"after":"b63cd5e3e689338f610f3359223ea0976ad21798","ref":"refs/heads/dependabot/bundler/docs/bundler-1bdea36e40","pushedAt":"2024-05-13T23:39:50.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"chore(deps-dev): Bump nokogiri\n\nBumps the bundler group with 1 update in the /docs directory: [nokogiri](https://github.com/sparklemotion/nokogiri).\n\n\nUpdates `nokogiri` from 1.16.2 to 1.16.5\n- [Release notes](https://github.com/sparklemotion/nokogiri/releases)\n- [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md)\n- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.16.2...v1.16.5)\n\n---\nupdated-dependencies:\n- dependency-name: nokogiri\n  dependency-type: indirect\n  dependency-group: bundler\n...\n\nSigned-off-by: dependabot[bot] <support@github.com>","shortMessageHtmlLink":"chore(deps-dev): Bump nokogiri"}},{"before":"658fe21366cfcc3c5c10e7111f4c2955b9bb58be","after":"1a48a8a4b9d294b441aa051a2b90099ca5641d61","ref":"refs/heads/master","pushedAt":"2024-05-13T03:19:09.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"andrewpollock","name":"Andrew Pollock","path":"/andrewpollock","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/6906046?s=80&v=4"},"commit":{"message":"Add terraform path to renovate config (#2203)\n\nHopefully should let renovate pick up updates to our terraform providers","shortMessageHtmlLink":"Add terraform path to renovate config (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2291683398\" data-permission-text=\"Title is private\" data-url=\"https://github.com/google/osv.dev/issues/2203\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/google/osv.dev/pull/2203/hovercard\" href=\"https://github.com/google/osv.dev/pull/2203\">#2203</a>)"}},{"before":"8d46f95a3979990b645a427b98032a60c534bedd","after":"658fe21366cfcc3c5c10e7111f4c2955b9bb58be","ref":"refs/heads/master","pushedAt":"2024-05-13T02:19:42.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"andrewpollock","name":"Andrew Pollock","path":"/andrewpollock","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/6906046?s=80&v=4"},"commit":{"message":"Prepare second importer cronjob for production (#2194)\n\nIncrease run frequency to 3 hourly","shortMessageHtmlLink":"Prepare second importer cronjob for production (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2286941306\" data-permission-text=\"Title is private\" data-url=\"https://github.com/google/osv.dev/issues/2194\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/google/osv.dev/pull/2194/hovercard\" href=\"https://github.com/google/osv.dev/pull/2194\">#2194</a>)"}},{"before":"995765d7f688b3aaf9fe4adff2079a83b41fa8fe","after":"8d46f95a3979990b645a427b98032a60c534bedd","ref":"refs/heads/master","pushedAt":"2024-05-13T02:11:02.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"michaelkedar","name":"Michael Kedar","path":"/michaelkedar","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/19356069?s=80&v=4"},"commit":{"message":"bump terraform google provider version (#2202)\n\nNeed to update the provider version for the terraform load balancer app\r\nengine backend to be created properly","shortMessageHtmlLink":"bump terraform google provider version (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2291653054\" data-permission-text=\"Title is private\" data-url=\"https://github.com/google/osv.dev/issues/2202\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/google/osv.dev/pull/2202/hovercard\" href=\"https://github.com/google/osv.dev/pull/2202\">#2202</a>)"}},{"before":"d9747d4c41808d8f76bd3fb3f09fbd7388719456","after":"995765d7f688b3aaf9fe4adff2079a83b41fa8fe","ref":"refs/heads/master","pushedAt":"2024-05-13T01:12:03.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"michaelkedar","name":"Michael Kedar","path":"/michaelkedar","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/19356069?s=80&v=4"},"commit":{"message":"Configure GCLB in terraform (#2180)\n\nBecause importing existing resources is awkward (and will end up\r\ndeleting/recreating most things if our names don't line up), I've\r\ndecided to put all the Load Balancer / Certificate stuff into terraform\r\nnow. I've tried to match what was set up manually on staging as closely\r\nas possible. I also added an IPv6 address, since our App Engine\r\ncurrently also has IPv6.\r\n\r\nThe google-managed certificate stuff is now set up in terraform, but\r\nconfiguring the DNS `CNAME`/`A`/`AAAA` records still needs to be done\r\nmanually. I've added an output to the terraform to display all the\r\nrecords that need to be created.\r\n\r\nThe existing Load Balancer and Certificate stuff needs to be deleted\r\nfrom staging before merging this, and the DNS records need to be updated\r\nafter.","shortMessageHtmlLink":"Configure GCLB in terraform (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2284684580\" data-permission-text=\"Title is private\" data-url=\"https://github.com/google/osv.dev/issues/2180\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/google/osv.dev/pull/2180/hovercard\" href=\"https://github.com/google/osv.dev/pull/2180\">#2180</a>)"}},{"before":"31f5035ade93af773bc0f352e16b205978ba8288","after":null,"ref":"refs/heads/oliverchang-patch-2","pushedAt":"2024-05-13T00:09:13.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"oliverchang","name":"Oliver Chang","path":"/oliverchang","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/759062?s=80&v=4"}},{"before":"dd79353803efadc90f520043873d5dca95a7fb96","after":"d9747d4c41808d8f76bd3fb3f09fbd7388719456","ref":"refs/heads/master","pushedAt":"2024-05-13T00:09:12.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"oliverchang","name":"Oliver Chang","path":"/oliverchang","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/759062?s=80&v=4"},"commit":{"message":"Disable boringssl OSS-Fuzz -> OSV import (#2201)\n\nFixes #2178. \r\n\r\nBoringSSL maintainers would like more control / vetting of entries.\r\nDisable the import for now until we have a better system in place to\r\nenable that.","shortMessageHtmlLink":"Disable boringssl OSS-Fuzz -&gt; OSV import (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2291559633\" data-permission-text=\"Title is private\" data-url=\"https://github.com/google/osv.dev/issues/2201\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/google/osv.dev/pull/2201/hovercard\" href=\"https://github.com/google/osv.dev/pull/2201\">#2201</a>)"}},{"before":"dae8f003d070c32b51fc865f6a25dccc85d30407","after":"31f5035ade93af773bc0f352e16b205978ba8288","ref":"refs/heads/oliverchang-patch-2","pushedAt":"2024-05-13T00:01:21.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"oliverchang","name":"Oliver Chang","path":"/oliverchang","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/759062?s=80&v=4"},"commit":{"message":"add it to the rigth placce.","shortMessageHtmlLink":"add it to the rigth placce."}},{"before":null,"after":"dae8f003d070c32b51fc865f6a25dccc85d30407","ref":"refs/heads/oliverchang-patch-2","pushedAt":"2024-05-12T23:57:38.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"oliverchang","name":"Oliver Chang","path":"/oliverchang","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/759062?s=80&v=4"},"commit":{"message":"Disable boringssl OSS-Fuzz -> OSV import\n\nFixes #2178. \r\n\r\nBoringSSL maintainers would like more control / vetting of entries. Disable the import for now until we have a better system in place to enable that.","shortMessageHtmlLink":"Disable boringssl OSS-Fuzz -&gt; OSV import"}},{"before":"f67f7460b9b69e693f3746333fe17e7eff1d3f51","after":"dd79353803efadc90f520043873d5dca95a7fb96","ref":"refs/heads/master","pushedAt":"2024-05-10T04:59:49.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"andrewpollock","name":"Andrew Pollock","path":"/andrewpollock","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/6906046?s=80&v=4"},"commit":{"message":"Do not process OSS Fuzz in delete-only mode (#2200)\n\nI noticed this was not behaving as intended during manual dry-run\r\ntesting in Production.","shortMessageHtmlLink":"Do not process OSS Fuzz in delete-only mode (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2288917800\" data-permission-text=\"Title is private\" data-url=\"https://github.com/google/osv.dev/issues/2200\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/google/osv.dev/pull/2200/hovercard\" href=\"https://github.com/google/osv.dev/pull/2200\">#2200</a>)"}}],"hasNextPage":true,"hasPreviousPage":false,"activityType":"all","actor":null,"timePeriod":"all","sort":"DESC","perPage":30,"cursor":"djE6ks8AAAAETIfdaQA","startCursor":null,"endCursor":null}},"title":"Activity · google/osv.dev"}