🚀🚀🚀 This is a tool that helps programmers create Express & React projects easily base on react-cool-starter.

Overview

erb

🔥 🔥 🔥 Express react boilerplate 🔥 🔥 🔥

dependency status devDependency status ESLint: airbnb-base code style: prettier github actions status CodeFactor MIT licensed

NPM

Features

Requirements

Structure

.
├── public                      # Express server static path
│   ├── assets                  # All favicon resources
│   ├── locales                 # All of i18n resources
│   └── robots.txt              # A robots.txt file tells search engine crawlers which pages or files the crawler can or can't request from your site.
├── src                         # App source code
│   ├── api                     # All of restful API
│   ├── client                  # Client scope
│   │   ├── app                 # App root component
│   │   ├── assets              # Assets (e.g. images, fonts etc.)
│   │   ├── components          # Reusable components
│   │   ├── pages               # Page components
│   │   ├── stories             # UI components with Storybook
│   │   ├── themes              # App-wide style
│   │   ├── vendor              # 3rd libraries for client
│   │   └── index.js            # App bootstrap and rendering (webpack entry)
│   ├── middlewares             # All of express middleware
│   ├── model                   # Data transfer object
│   ├── mongo                   # MongoDB configuration
│   ├── secure                  # All of security (e.g passport configuration, jsonwebtoken etc.)
│   ├── store                   # Store configuration for both client and server side
│   ├── tools                   # Project related configurations
│   │   ├── jest                # Jest configurations
│   │   ├── webpack             # Webpack configurations
│   │   ├── hooks.js            # Assets require hooks
│   │   └── postcss.config.js   # PostCSS configuration
│   ├── types                   # All of type for flow
│   ├── utils                   # App-wide utils
│   ├── config.js               # Configuration entry point loaded from .env file
│   ├── i18n.js                 # I18next configuration
│   ├── index.js                # App entry point
│   ├── routes.js               # Routes configuration for both client and server side
│   └── server.js               # Express server
│── .babelrc                    # Babel configuration.
│── .env-cmdrc.json             # All of environments configuration.
│── .eslintrc.json              # Eslint configuration.
│── .flowconfig                 # Flow type configuration.
└── .prettierrc.json            # Prettier configuration.

Installation

$ yarn global add express-react-boilerplate
# or (sudo) npm install -g express-react-boilerplate

Getting Started

1. Usage:

$ erb-gen --help

  Usage: erb-gen [options]

  Options:
    -v, --version      output the version number
    -d, --dir <type>   project's directory. (default: ".")
    -n, --name <type>  project's name. (default: "express-react-boilerplate")
    -h, --help         output usage information

  Examples:
    $ erb-gen
    $ erb-gen --name example

2. Install dependencies:

$ cd <your_project>

$ yarn
# or npm install

3. Run it:

$ yarn dev
# or npm run dev

Build

$ yarn build
# or npm run build

NOTE: You can change environment variables in .env-cmdrc.json file.

Scripts

Script Description
dev Start the development server.
dev --serve Start the development server and open browser.
start Start the production server.
build Remove the previous bundled files and bundle it (include client & server) to dist/.
wp Bundle client to dist/.
analyze Visualize the contents of all your bundles.
storybook Start the storybook server.
test Run testing.
eslint Find problems in your JavaScript code.

Enable/Disable offline

  • In src/tools/webpack/webpack.config.prod.js:

    if (isDev) {
      ...
    } else {
      plugins = [
        ...,
        // Comment this plugin if you want to disable offline.
        new OfflinePlugin({
          autoUpdate: true,
          appShell: '/',
          relativePaths: false,
          updateStrategy: 'all',
          externals: ['/'],
        })
      ]
    }
  • At the end of src/client/index.js:

    if (!__DEV__) {
      require('offline-plugin/runtime').install(); // Comment this line if you want to disable offline.
    }

Supported Browsers

By default, the generated project supports all modern browsers. Support for Internet Explorer 9, 10, and 11 requires polyfills. For a set of polyfills to support older browsers, use react-app-polyfill.

$ yarn add react-app-polyfill
# or npm install --save react-app-polyfill

You can import the entry point for the minimal version you intend to support to ensure that the minimum language features are present that are required to use in your project. For example, if you import the IE9 entry point, this will include IE10 and IE11 support.

Internet Explorer 9

// This must be the first line in <PROJECT_ROOT>/src/client/app/index.js
import 'react-app-polyfill/ie9';
import 'react-app-polyfill/stable';

// ...

Internet Explorer 11

// This must be the first line in <PROJECT_ROOT>/src/client/app/index.js
import 'react-app-polyfill/ie11';
import 'react-app-polyfill/stable';

// ...

CSS variables

By default, the generated project supports all modern browsers. Support for Internet Explorer 9, 10, and 11 requires polyfills. For a set of polyfills to support older browsers, use css-vars-ponyfill.

// In <PROJECT_ROOT>/src/client/vendor/index.js
import cssVars 'css-vars-ponyfill';
// ... your css/scss files.
cssVars({
  silent: !__DEV__,
  ..., // https://jhildenbiddle.github.io/css-vars-ponyfill/#/?id=options
});

Type Checking For Editor

Contributors

Special Thanks

License

MIT License

Copyright (c) 2019 Huỳnh Trần Đăng Khoa

Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.
Comments
  • erb-gen doesn't seem to work, its probably something i'm doing wrong.

    erb-gen doesn't seem to work, its probably something i'm doing wrong.

    Even if I just install the repo through git the npm scripts for the most part error about various things also the cli isn't working at all if I could get some assistance I would appreciate it.

    CLI image

    NODE Version image

    __ YARN DEV __ image

    bug 
    opened by DetroitWhiskey136 8
  • Bump postcss from 7.0.34 to 8.2.10

    Bump postcss from 7.0.34 to 8.2.10

    Bumps postcss from 7.0.34 to 8.2.10.

    Release notes

    Sourced from postcss's releases.

    8.2.10

    8.2.9

    8.2.8

    8.2.7

    8.2.6

    • Fixed Maximum call stack size exceeded in Node#toJSON.
    • Fixed docs (by @​inokawa).

    8.2.5

    • Fixed escaped characters handling in list.split (by @​nex3).

    8.2.4

    8.2.3

    8.2.2

    8.2.1

    • Fixed Node#toJSON() and postcss.fromJSON() (by @​mischnic).

    8.2 “Prince Orobas”

    PostCSS 8.2 added a new API to serialize and deserialize CSS AST to JSON.

    import { parse, fromJSON } from 'postcss'
    

    let root = parse('a{}', { from: 'input.css' }) let json = root.toJSON() // save to file, send by network, etc let root2 = fromJSON(json)

    ... (truncated)

    Changelog

    Sourced from postcss's changelog.

    8.2.10

    • Fixed ReDoS vulnerabilities in source map parsing.
    • Fixed webpack 5 support (by Barak Igal).
    • Fixed docs (by Roeland Moors).

    8.2.9

    • Exported NodeErrorOptions type (by Rouven Weßling).

    8.2.8

    • Fixed browser builds in webpack 4 (by Matt Jones).

    8.2.7

    • Fixed browser builds in webpack 5 (by Matt Jones).

    8.2.6

    • Fixed Maximum call stack size exceeded in Node#toJSON.
    • Fixed docs (by inokawa).

    8.2.5

    • Fixed escaped characters handling in list.split (by Natalie Weizenbaum).

    8.2.4

    • Added plugin name to postcss.plugin() warning (by Tom Williams).
    • Fixed docs (by Bill Columbia).

    8.2.3

    • Fixed JSON.stringify(Node[]) support (by Niklas Mischkulnig).

    8.2.2

    • Fixed CSS-in-JS support (by James Garbutt).
    • Fixed plugin types (by Ludovico Fischer).
    • Fixed Result#warn() types.

    8.2.1

    • Fixed Node#toJSON() and postcss.fromJSON() (by Niklas Mischkulnig).

    8.2 “Prince Orobas”

    • Added Node#toJSON() and postcss.fromJSON() (by Niklas Mischkulnig).

    8.1.14

    • Fixed parser performance regression.

    8.1.13

    • Fixed broken AST after moving nodes in visitor API.

    8.1.12

    • Fixed Autoprefixer regression.

    8.1.11

    • Added PostCSS update suggestion on unknown event in plugin.

    ... (truncated)

    Commits
    • 8395d9f Release 8.2.10 version
    • f2baaa7 Update ESLint config
    • b6f3e4d Fix unsafe regexp in getAnnotationURL() too
    • 4bcd727 Merge pull request #1553 from barak007/patch-2
    • 7c2e97a Add covrage ignore on error paths
    • 8c58434 Apply suggestions from code review
    • ff2fd57 add error for sourcePath
    • 8f02bdc disable url based features
    • a54d020 Fix browser bundling with webpack 5
    • 8682b1e Fix unsafe regexp
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 1
  • The generated project has some deprecated and unsupported dependencies, any plans on fixing them?

    The generated project has some deprecated and unsupported dependencies, any plans on fixing them?

    Thanks for this project, just bringing your attention to it.

    npm notice created a lockfile as package-lock.json. You should commit this file.
    npm WARN optional SKIPPING OPTIONAL DEPENDENCY: [email protected]~2.1.2 (node_modules\chokidar\node_modules\fsevents):
    npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for [email protected]: wanted {"os":"darwin","arch":"any"} (current: {"os":"win32","arch":"x64"})
    npm WARN optional SKIPPING OPTIONAL DEPENDENCY: [email protected]^1.2.7 (node_modules\@babel\cli\node_modules\chokidar\node_modules\fsevents):
    npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for [email protected]: wanted {"os":"darwin","arch":"any"} (current: {"os":"win32","arch":"x64"})
    npm WARN optional SKIPPING OPTIONAL DEPENDENCY: [email protected]^1.2.7 (node_modules\watchpack\node_modules\chokidar\node_modules\fsevents):
    npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for [email protected]: wanted {"os":"darwin","arch":"any"} (current: {"os":"win32","arch":"x64"})
    npm WARN optional SKIPPING OPTIONAL DEPENDENCY: [email protected]^1.2.7 (node_modules\@storybook\core\node_modules\chokidar\node_modules\fsevents):
    npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for [email protected]: wanted {"os":"darwin","arch":"any"} (current: {"os":"win32","arch":"x64"})
    npm WARN optional SKIPPING OPTIONAL DEPENDENCY: [email protected]^1.2.7 (node_modules\@storybook\react\node_modules\chokidar\node_modules\fsevents):
    npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for [email protected]: wanted {"os":"darwin","arch":"any"} (current: {"os":"win32","arch":"x64"})
    npm WARN [email protected] requires a peer of [email protected] - 3 but none is installed. You must install peer dependencies yourself.
    npm WARN [email protected] requires a peer of [email protected]^3.8.1 || ^4.0.0-rc.1 but none is installed. You must install peer dependencies yourself.
    npm WARN [email protected] requires a peer of [email protected]^7.1.3 but none is installed. You must install peer dependencies yourself.
    npm WARN [email protected] requires a peer of [email protected]^6.0.0 but none is installed. You must install peer dependencies yourself.
    npm WARN [email protected] requires a peer of [email protected]>=2.8.0 || >= 3.2.0-dev || >= 3.3.0-dev || >= 3.4.0-dev || >= 3.5.0-dev || >= 3.6.0-dev || >= 3.6.0-beta || >= 3.7.0-dev || >= 3.7.0-beta but none is installed. You must install peer dependencies yourself.
    npm WARN [email protected] No repository field.
    
    opened by saurabh-sp-tripathi 1
  • Bump acorn from 6.4.0 to 6.4.1

    Bump acorn from 6.4.0 to 6.4.1

    Bumps acorn from 6.4.0 to 6.4.1.

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 1
  • Update autoprefixer: 9.7.3 → 9.7.4 (patch)

    Update autoprefixer: 9.7.3 → 9.7.4 (patch)


    Welcome to Depfu 👋

    This is one of the first three pull requests with dependency updates we've sent your way. We tried to start with a few easy patch-level updates. Hopefully your tests will pass and you can merge this pull request without too much risk. This should give you an idea how Depfu works in general.

    After you merge your first pull request, we'll send you a few more. We'll never open more than seven PRs at the same time so you're not getting overwhelmed with updates.

    Let us know if you have any questions. Thanks so much for giving Depfu a try!


    Here is everything you need to know about this update. Please take a good look at what changed and the test results before merging this pull request.

    What changed?

    ✳️ autoprefixer (9.7.3 → 9.7.4) · Repo · Changelog

    Release Notes

    9.7.4

    Does any of this look wrong? Please let us know.

    Commits

    See the full diff on Github. The new version differs by 6 commits:

    ✳️ postcss (7.0.25 → 7.0.27) · Repo · Changelog

    Release Notes

    7.0.27

    • Fix TypeScript definition (by @nex3).

    7.0.26 (from changelog)

    • Fix TypeScript definition (by Natalie Weizenbaum).

    Does any of this look wrong? Please let us know.

    Commits

    See the full diff on Github. The new version differs by 9 commits:


    Depfu Status

    Depfu will automatically keep this PR conflict-free, as long as you don't add any commits to this branch yourself. You can also trigger a rebase manually by commenting with @depfu rebase.

    All Depfu comment commands
    @​depfu rebase
    Rebases against your default branch and redoes this update
    @​depfu recreate
    Recreates this PR, overwriting any edits that you've made to it
    @​depfu merge
    Merges this PR once your tests are passing and conflicts are resolved
    @​depfu close
    Closes this PR and deletes the branch
    @​depfu reopen
    Restores the branch and reopens this PR (if it's closed)
    @​depfu pause
    Ignores all future updates for this dependency and closes this PR
    @​depfu pause [minor|major]
    Ignores all future minor/major updates for this dependency and closes this PR
    @​depfu resume
    Future versions of this dependency will create PRs again (leaves this PR as is)
    depfu 
    opened by depfu[bot] 1
  • Update @fortawesome/fontawesome-free: 5.12.0 → 5.12.1 (patch)

    Update @fortawesome/fontawesome-free: 5.12.0 → 5.12.1 (patch)


    Welcome to Depfu 👋

    This is one of the first three pull requests with dependency updates we've sent your way. We tried to start with a few easy patch-level updates. Hopefully your tests will pass and you can merge this pull request without too much risk. This should give you an idea how Depfu works in general.

    After you merge your first pull request, we'll send you a few more. We'll never open more than seven PRs at the same time so you're not getting overwhelmed with updates.

    Let us know if you have any questions. Thanks so much for giving Depfu a try!


    Here is everything you need to know about this update. Please take a good look at what changed and the test results before merging this pull request.

    What changed?

    ✳️ @​fortawesome/fontawesome-free (5.12.0 → 5.12.1) · Repo · Changelog

    Release Notes

    5.12.1

    Added

    Changed

    • Do not separate web fonts files for Free Kits
    • The .fab CSS class now has explicit weight of 400 instead of inheriting 'normal'
    • Balance the plus symbol in file-plus and folder-plus #16004
    • Removed cross from coffin (new coffin-cross still available) #15646
    • Updated edge brand icon #15771
    • Updated clock hands #15779

    Fixed

    • Guard against run-away pseudo element searching with String.codePointAt ponyfill
    • Silence errors when using the conflict detector

    Does any of this look wrong? Please let us know.

    Commits

    See the full diff on Github. The new version differs by 1 commit:


    Depfu Status

    Depfu will automatically keep this PR conflict-free, as long as you don't add any commits to this branch yourself. You can also trigger a rebase manually by commenting with @depfu rebase.

    All Depfu comment commands
    @​depfu rebase
    Rebases against your default branch and redoes this update
    @​depfu recreate
    Recreates this PR, overwriting any edits that you've made to it
    @​depfu merge
    Merges this PR once your tests are passing and conflicts are resolved
    @​depfu close
    Closes this PR and deletes the branch
    @​depfu reopen
    Restores the branch and reopens this PR (if it's closed)
    @​depfu pause
    Ignores all future updates for this dependency and closes this PR
    @​depfu pause [minor|major]
    Ignores all future minor/major updates for this dependency and closes this PR
    @​depfu resume
    Future versions of this dependency will create PRs again (leaves this PR as is)
    depfu 
    opened by depfu[bot] 1
  • Bump lodash from 4.17.15 to 4.17.19

    Bump lodash from 4.17.15 to 4.17.19

    Bumps lodash from 4.17.15 to 4.17.19.

    Release notes

    Sourced from lodash's releases.

    4.17.16

    Commits
    Maintainer changes

    This version was pushed to npm by mathias, a new releaser for lodash since your current version.


    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Update autoprefixer: 9.7.3 → 9.7.5 (patch)

    Update autoprefixer: 9.7.3 → 9.7.5 (patch)


    Welcome to Depfu 👋

    This is one of the first three pull requests with dependency updates we've sent your way. We tried to start with a few easy patch-level updates. Hopefully your tests will pass and you can merge this pull request without too much risk. This should give you an idea how Depfu works in general.

    After you merge your first pull request, we'll send you a few more. We'll never open more than seven PRs at the same time so you're not getting overwhelmed with updates.

    Let us know if you have any questions. Thanks so much for giving Depfu a try!


    Here is everything you need to know about this update. Please take a good look at what changed and the test results before merging this pull request.

    What changed?

    ✳️ autoprefixer (9.7.3 → 9.7.5) · Repo · Changelog

    Release Notes

    9.7.5

    • Fix -webkit-stretch support.

    9.7.4

    Does any of this look wrong? Please let us know.

    Commits

    See the full diff on Github. The new version differs by 11 commits:

    ✳️ postcss (7.0.25 → 7.0.27) · Repo · Changelog

    Release Notes

    7.0.27

    • Fix TypeScript definition (by @nex3).

    7.0.26 (from changelog)

    • Fix TypeScript definition (by Natalie Weizenbaum).

    Does any of this look wrong? Please let us know.

    Commits

    See the full diff on Github. The new version differs by 9 commits:


    Depfu Status

    Depfu will automatically keep this PR conflict-free, as long as you don't add any commits to this branch yourself. You can also trigger a rebase manually by commenting with @depfu rebase.

    All Depfu comment commands
    @​depfu rebase
    Rebases against your default branch and redoes this update
    @​depfu recreate
    Recreates this PR, overwriting any edits that you've made to it
    @​depfu merge
    Merges this PR once your tests are passing and conflicts are resolved
    @​depfu close
    Closes this PR and deletes the branch
    @​depfu reopen
    Restores the branch and reopens this PR (if it's closed)
    @​depfu pause
    Ignores all future updates for this dependency and closes this PR
    @​depfu pause [minor|major]
    Ignores all future minor/major updates for this dependency and closes this PR
    @​depfu resume
    Future versions of this dependency will create PRs again (leaves this PR as is)
    depfu 
    opened by depfu[bot] 0
  • Update @fortawesome/fontawesome-free: 5.12.0 → 5.13.0 (minor)

    Update @fortawesome/fontawesome-free: 5.12.0 → 5.13.0 (minor)


    Welcome to Depfu 👋

    This is one of the first three pull requests with dependency updates we've sent your way. We tried to start with a few easy patch-level updates. Hopefully your tests will pass and you can merge this pull request without too much risk. This should give you an idea how Depfu works in general.

    After you merge your first pull request, we'll send you a few more. We'll never open more than seven PRs at the same time so you're not getting overwhelmed with updates.

    Let us know if you have any questions. Thanks so much for giving Depfu a try!


    Here is everything you need to know about this update. Please take a good look at what changed and the test results before merging this pull request.

    What changed?

    ✳️ @​fortawesome/fontawesome-free (5.12.0 → 5.13.0) · Repo · Changelog

    Release Notes

    5.13.0

    Added

    • New icons related to COVID-19
    • Added the ability to specify mask ID and title ID for SVG with JS which allows
      snapshot testing tools to get a predictable result when executing tests

    Changed

    • Explicitly set font-display to block which supresses warnings of font-display
      in tools like Lighthouse

    Fixed

    • Corrected version 4 font face shim src attribute declaration that was warning
      of incorrect font file format
    • Fixed font family name to be 'Font Awesome 5 Free' for free kits when using
      pseudo-elements

    5.12.1

    Added

    Changed

    • Do not separate web fonts files for Free Kits
    • The .fab CSS class now has explicit weight of 400 instead of inheriting 'normal'
    • Balance the plus symbol in file-plus and folder-plus #16004
    • Removed cross from coffin (new coffin-cross still available) #15646
    • Updated edge brand icon #15771
    • Updated clock hands #15779

    Fixed

    • Guard against run-away pseudo element searching with String.codePointAt ponyfill
    • Silence errors when using the conflict detector

    Does any of this look wrong? Please let us know.

    Commits

    See the full diff on Github. The new version differs by 2 commits:


    Depfu Status

    Depfu will automatically keep this PR conflict-free, as long as you don't add any commits to this branch yourself. You can also trigger a rebase manually by commenting with @depfu rebase.

    All Depfu comment commands
    @​depfu rebase
    Rebases against your default branch and redoes this update
    @​depfu recreate
    Recreates this PR, overwriting any edits that you've made to it
    @​depfu merge
    Merges this PR once your tests are passing and conflicts are resolved
    @​depfu close
    Closes this PR and deletes the branch
    @​depfu reopen
    Restores the branch and reopens this PR (if it's closed)
    @​depfu pause
    Ignores all future updates for this dependency and closes this PR
    @​depfu pause [minor|major]
    Ignores all future minor/major updates for this dependency and closes this PR
    @​depfu resume
    Future versions of this dependency will create PRs again (leaves this PR as is)
    depfu 
    opened by depfu[bot] 0
  • Update bcrypt: 4.0.0 → 4.0.1 (patch)

    Update bcrypt: 4.0.0 → 4.0.1 (patch)


    Welcome to Depfu 👋

    This is one of the first three pull requests with dependency updates we've sent your way. We tried to start with a few easy patch-level updates. Hopefully your tests will pass and you can merge this pull request without too much risk. This should give you an idea how Depfu works in general.

    After you merge your first pull request, we'll send you a few more. We'll never open more than seven PRs at the same time so you're not getting overwhelmed with updates.

    Let us know if you have any questions. Thanks so much for giving Depfu a try!


    Here is everything you need to know about this update. Please take a good look at what changed and the test results before merging this pull request.

    What changed?

    ✳️ bcrypt (4.0.0 → 4.0.1) · Repo · Changelog

    Release Notes

    4.0.1

    bcrypt 4.0.1

    Does any of this look wrong? Please let us know.

    Commits

    See the full diff on Github. The new version differs by 6 commits:


    Depfu Status

    Depfu will automatically keep this PR conflict-free, as long as you don't add any commits to this branch yourself. You can also trigger a rebase manually by commenting with @depfu rebase.

    All Depfu comment commands
    @​depfu rebase
    Rebases against your default branch and redoes this update
    @​depfu recreate
    Recreates this PR, overwriting any edits that you've made to it
    @​depfu merge
    Merges this PR once your tests are passing and conflicts are resolved
    @​depfu close
    Closes this PR and deletes the branch
    @​depfu reopen
    Restores the branch and reopens this PR (if it's closed)
    @​depfu pause
    Ignores all future updates for this dependency and closes this PR
    @​depfu pause [minor|major]
    Ignores all future minor/major updates for this dependency and closes this PR
    @​depfu resume
    Future versions of this dependency will create PRs again (leaves this PR as is)
    depfu 
    opened by depfu[bot] 0
  • Add license scan report and status

    Add license scan report and status

    Your FOSSA integration was successful! Attached in this PR is a badge and license report to track scan status in your README.

    Below are docs for integrating FOSSA license checks into your CI:

    opened by fossabot 0
  • Bump path-parse from 1.0.6 to 1.0.7

    Bump path-parse from 1.0.6 to 1.0.7

    Bumps path-parse from 1.0.6 to 1.0.7.

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Bump postcss from 7.0.34 to 7.0.36

    Bump postcss from 7.0.34 to 7.0.36

    Bumps postcss from 7.0.34 to 7.0.36.

    Release notes

    Sourced from postcss's releases.

    7.0.36

    • Backport ReDoS vulnerabilities from PostCSS 8.

    7.0.35

    Changelog

    Sourced from postcss's changelog.

    7.0.36

    • Backport ReDoS vulnerabilities from PostCSS 8.

    7.0.35

    • Add migration guide link to PostCSS 8 error text.
    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Bump merge-deep from 3.0.2 to 3.0.3

    Bump merge-deep from 3.0.2 to 3.0.3

    Bumps merge-deep from 3.0.2 to 3.0.3.

    Commits
    • 628ff47 3.0.3
    • cfbe20c run verb to generate README documentation
    • e370968 Merge pull request #17 from jonschlinkert/key-properties
    • 393e2cb adding a test to ensure using merge-deep for inheritance still works
    • c39b161 add test to ensure constructor is not cloned
    • 11e5dd5 add isValidKey function to ensure only valid keys are merged
    • See full diff in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Bump ws from 6.2.1 to 6.2.2

    Bump ws from 6.2.1 to 6.2.2

    Bumps ws from 6.2.1 to 6.2.2.

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Bump hosted-git-info from 2.8.8 to 2.8.9

    Bump hosted-git-info from 2.8.8 to 2.8.9

    Bumps hosted-git-info from 2.8.8 to 2.8.9.

    Changelog

    Sourced from hosted-git-info's changelog.

    2.8.9 (2021-04-07)

    Bug Fixes

    Commits
    Maintainer changes

    This version was pushed to npm by nlf, a new releaser for hosted-git-info since your current version.


    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Bump lodash from 4.17.20 to 4.17.21

    Bump lodash from 4.17.20 to 4.17.21

    Bumps lodash from 4.17.20 to 4.17.21.

    Commits
    • f299b52 Bump to v4.17.21
    • c4847eb Improve performance of toNumber, trim and trimEnd on large input strings
    • 3469357 Prevent command injection through _.template's variable option
    • See full diff in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
Releases(4.2.1)
  • 4.2.1(Sep 17, 2020)

    • merge from develop 1f816d8
    • fix issue #52. 5dc97c2
    • Merge pull request #50 from htdangkhoa/dependabot/npm_and_yarn/lodash-4.17.19 a846429
    • Bump lodash from 4.17.15 to 4.17.19 e8d1a53
    • update deps 97f4912

    https://github.com/htdangkhoa/erb/compare/v4.2.0...v4.2.1

    Source code(tar.gz)
    Source code(zip)
  • 4.2.0(Jun 28, 2020)

  • 4.1.1(Jun 16, 2020)

    [UPDATE]:

    • Update docs.
    • Bump version flow-bin to 0.127.0.

    [FIX]:

    • Display wrong PORT number after compiled in development.
    • Improve code quality.
    Source code(tar.gz)
    Source code(zip)
  • 4.1.0(Jun 12, 2020)

    [NEW]:

    • Now, the opening browser is optional with --serve flag. Ex:
        $ yarn dev --serve
      
    • Splitting webpack & speed up development compile time.

    [UPDATE]:

    • Update docs.
    • Bump version bcrypt to 5.0.0.
    • Bump version serialize-javascript to 4.0.0.

    [FIX]:

    • Port is undefined in request.js
    Source code(tar.gz)
    Source code(zip)
  • 4.0.0(Jun 5, 2020)

    [NEW]:

    • Auto change port if it's used on DEV mode.
    • Webpack split chunks are better.

    [BREAKING]:

    • Remove react-router, just use react-router-dom instead.

    [UPDATE]:

    • Update deps.
    • Improve documents.

    [FIX]:

    • lastLocation.pathname make Layout component crashed.
    Source code(tar.gz)
    Source code(zip)
  • 3.0.0(Apr 27, 2020)

    [NEW]:

    [BREAKING]:

    • Remove rimraf, use del-cli instead.
    • Remove from dotenv-flow, use env-cmd instead.
    • Move all of the bundled files from public/assets to public.

    [UPDATE]:

    • Improve documents.
    Source code(tar.gz)
    Source code(zip)
  • 2.1.4(Feb 25, 2020)

  • 2.1.3(Feb 11, 2020)

  • 2.1.2(Jan 17, 2020)

    • update dependencies d203608
    • Create FUNDING.yml bf719ad
    • Merge branches 'develop' and 'master' of https://github.com/htdangkhoa/erb f9e5998
    • fix status 404 b93e1cd
    • Merge branches 'develop' and 'master' of https://github.com/htdangkhoa/erb a321939
    • improve SEO & security ba01f0f
    • Merge branches 'develop' and 'master' of https://github.com/htdangkhoa/erb 98cd56f
    • disable initial onPageChange 7f7d988
    • Merge branches 'develop' and 'master' of https://github.com/htdangkhoa/erb cc08071
    • update profile 4eed7f7

    https://github.com/htdangkhoa/erb/compare/v2.1.1...v2.1.2

    Source code(tar.gz)
    Source code(zip)
  • 2.1.1(Dec 19, 2019)

  • 2.1.0(Dec 19, 2019)

    [NEW]:

    [FIX]:

    • Wrong publicPath of asset-require-hook in hooks.js
    • Hot module replacement not working when redux store changed.
    • getMeAction always called.

    [UPDATE]:

    • Improve documents.
    Source code(tar.gz)
    Source code(zip)
  • 2.0.1(Dec 17, 2019)

  • 2.0.0(Dec 17, 2019)

    [BREAKING]:

    • Move public out of src.

    [NEW]:

    • Support webpack splitChunks.
    • Use @loadable/server & loadable-components to insert bundled styles, scripts into and