Bumps lodash to 4.17.21 and updates ancestor dependencies lodash, grunt-contrib-jasmine and load-grunt-config. These dependencies need to be updated together.
Updates lodash
from 4.17.19 to 4.17.21
Commits
f299b52
Bump to v4.17.21
c4847eb
Improve performance of toNumber
, trim
and trimEnd
on large input strings
3469357
Prevent command injection through _.template
's variable
option
ded9bc6
Bump to v4.17.20.
63150ef
Documentation fixes.
00f0f62
test.js: Remove trailing comma.
846e434
Temporarily use a custom fork of lodash-cli
.
5d046f3
Re-enable Travis tests on 4.17
branch.
aa816b3
Remove /npm-package
.
- See full diff in compare view
Maintainer changes
This version was pushed to npm by bnjmnt4n, a new releaser for lodash since your current version.
Updates grunt-contrib-jasmine
from 1.2.0 to 3.0.0
Release notes
Sourced from grunt-contrib-jasmine's releases.
v3.0.0
- Merge pull request #334 from gruntjs/add-actions 32d89c3
- Use Actions 775abc5
- Merge pull request #333 from gruntjs/deps-changelog 623c79c
- Update deps and readme cd3efba
- Merge pull request #332 from fred104/puppeteer_upgrade 3b3abc7
- drop node 8 support 072ee93
- bump puppeteer to 8.0.0 180061c
- Bump hosted-git-info from 2.6.0 to 2.8.9 27e959e
- Bump handlebars from 4.5.3 to 4.7.7 7491685
- Bump lodash from 4.17.19 to 4.17.21 672814d
- Bump grunt from 1.0.4 to 1.3.0 2ff9e25
- Bump ssri from 6.0.1 to 6.0.2 e4763af
- Bump y18n from 4.0.0 to 4.0.1 7499b17
- Merge pull request #325 from gruntjs/dependabot/npm_and_yarn/yargs-parser-13.1.2 1aa690f
- Bump yargs-parser from 13.1.0 to 13.1.2 4c2e2d6
- Bump lodash from 4.17.15 to 4.17.19 de2ada4
- Merge pull request #323 from gruntjs/dependabot/npm_and_yarn/npm-registry-fetch-4.0.5 80a5f1c
- Bump npm-registry-fetch from 4.0.0 to 4.0.5 b49cca4
- Merge pull request #322 from gruntjs/dependabot/npm_and_yarn/websocket-extensions-0.1.4 4d2c3cb
- Bump websocket-extensions from 0.1.3 to 0.1.4 1168d11
- Set package.json version 02ae04f
- Merge pull request #320 from gruntjs/rel-pp aa36400
- v2.2.0 bf5f771
- Merge pull request #321 from gruntjs/fix-300 607e95a
- Merge branch 'fix-issue-299' 444aa37
- Merge pull request #319 from wondersloth/feat-puppeteer-options f4d996b
- options.sandboxArgs; passing options to puppeteer 1dccda6
- Bump https-proxy-agent from 2.2.2 to 2.2.4 7545819
- Bump acorn from 6.2.1 to 6.4.1 ae324b1
- Merge pull request #314 from gruntjs/dependabot/npm_and_yarn/handlebars-4.5.3 fed53a4
- Bump handlebars from 4.1.2 to 4.5.3 5d86730
- Bump extend from 3.0.1 to 3.0.2 59565bd
- Merge pull request #312 from gruntjs/dependabot/npm_and_yarn/eslint-utils-1.4.3 71559de
- Bump eslint-utils from 1.4.0 to 1.4.3 0e05d88
- Update README c85f8c9
- Merge pull request #308 from gruntjs/update-deps 6fefef1
- Update deps 868ae4b
- added --allow-file-access-from-files tag issue 298 f9b99fd
- Bump package-lock again per npm audit e52e8bf
- Fix regression in reporter to allow running in browser abb7e4e
- Update packages per node audit 0150e80
- Add new event-based system for sandbox communication 9371fdb
- Merge pull request #301 from AlexChesters/patch-1 137f621
- update package-lock 5632fd3
- update puppeteer version 9f11b65
- moved resolveJasmine/jasminePromise function to fix scope issue fd78052
- chore: 🌲 update deps 0981f03
- Pass through console output from puppeteer 26be197
... (truncated)
Changelog
Sourced from grunt-contrib-jasmine's changelog.
v3.0.0:
date: 2021-05-13
changes:
- Dependency Updates
- drop node 8 support
- bump puppeteer to 8.0.0
v2.2.0:
date: 2020-05-04
changes:
- Dependency updates
- set the default option timeout value to 30 secs to sync with puppeteer's default timeout value.
- options.sandboxArgs; passing options to puppeteer
v2.1.3:
date: 2019-07-31
changes:
- Fix security deps
- Update Puppeteer
v2.0.3:
date: 2018-11-14
changes:
- Fix security deps: lodash
- Build only should pass if the buildSpecrunner runs without error
v2.0.2:
date: 2018-08-13
changes:
- Fix noSandbox option.
- Fix startTime, and timing issues.
v2.0.1:
date: 2018-05-31
changes:
- Use the grunt current working directory to find the jasmine core.
- Implement options.version.
- Dependency updates.
v2.0.0:
date: 2018-05-19
changes:
- Switch from PhantomJS to Chrome Headless via Puppeteer
v1.1.0:
date: 2017-01-12
changes:
- adds tempDir
option.
- locks jasmine version
v1.0.3:
date: 2016-04-07
changes:
- Move to a non-deprecated sprintf.
v1.0.2:
... (truncated)
Commits
32d89c3
Merge pull request #334 from gruntjs/add-actions
775abc5
Use Actions
623c79c
Merge pull request #333 from gruntjs/deps-changelog
cd3efba
Update deps and readme
3b3abc7
Merge pull request #332 from fred104/puppeteer_upgrade
072ee93
drop node 8 support
180061c
bump puppeteer to 8.0.0
27e959e
Bump hosted-git-info from 2.6.0 to 2.8.9
7491685
Bump handlebars from 4.5.3 to 4.7.7
672814d
Bump lodash from 4.17.19 to 4.17.21
- Additional commits viewable in compare view
Updates load-grunt-config
from 0.19.2 to 4.0.1
Release notes
Sourced from load-grunt-config's releases.
Release 4.0.1
Release 4.0.0
Release 3.0.2
Release 3.0.1
Release 3.0.1
Release 3.0.0-rc3
Release 2.0.1
Release 2.0.0
Release 1.0.2
Release 1.0.1
No release notes provided.
Release 1.0.0
No release notes provided.
Changelog
Sourced from load-grunt-config's changelog.
4.0.1 / 2021-08-20
- Debug version to investigate issue with
js-yaml
& js-yaml-js-types
4.0.0 / 2021-07-04
- Dropped support of CoffeeScript (breaking change)
- Removed package-lock.json
- Updated dependencies:
- js-yaml from 3.13.1 to 4.1.0
- cson from 5.1.0 to 7.20.0
- glob 7.1.4 to 7.1.7
- Added dependencies:
- js-yaml-js-types version 1.0.0
- Updated devDependencies:
- grunt from 1.0.4 to 1.4.1
- proxyquire from 2.1.1 to 2.1.3
- grunt-gh-pages from 3.1.0 to 4.0.0
- sinon from 7.3.2 to 11.1.1
- Added devDependencies:
- Removed devDependencies:
3.0.2 / 2021-07-04
- Updated dependencies:
- lodash from 4.17.15 to 4.7.21
3.0.1 / 2019-09-10
- Allowed relative path for JS loading
3.0.0 / 2019-08-01
- Dropped support of node lower than 8
- Added yarn.lock
- Updated dependencies:
- load-grunt-tasks from 4.0.0 to 5.1.0
- lodash from 4.17.11 to 4.17.15
- Updated devDependencies
2.0.1 / 2019-07-25
- Updated dependencies:
- lodash from 4.7.11 to 4.7.15
- Updated devDependencies
... (truncated)
Commits
26b9158
Release 4.0.1
1067941
- updated dependencies to latest versions
c98250f
Released 3.0.2
5e59e4b
Merge pull request #190 from firstandthird/dependabot/npm_and_yarn/lodash-4.1...
aca47e8
Bump lodash from 4.17.15 to 4.17.21
2539c63
small linter fix
cbc64f4
Released 3.0.1
9d8f1eb
Merge pull request #184 from zypA13510/patch-1
5b2aa3b
fix(readfile): resolve relative path before require
e5f90e3
Released 3.0.0
- Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase
.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase
will rebase this PR
@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it
@dependabot merge
will merge this PR after your CI passes on it
@dependabot squash and merge
will squash and merge this PR after your CI passes on it
@dependabot cancel merge
will cancel a previously requested merge and block automerging
@dependabot reopen
will reopen this PR if it is closed
@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version
will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version
will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency
will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
@dependabot use these labels
will set the current labels as the default for future PRs for this repo and language
@dependabot use these reviewers
will set the current reviewers as the default for future PRs for this repo and language
@dependabot use these assignees
will set the current assignees as the default for future PRs for this repo and language
@dependabot use this milestone
will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
dependencies