Sourced from grunt's releases.

v1.5.2

• Update Changelog 7f15fd5
• Merge pull request #1743 from gruntjs/cleanup-link b0ec6e1
• Clean up link handling 433f91b

https://github.com/gruntjs/grunt/compare/v1.5.1...v1.5.2

v1.5.1

• Merge pull request #1742 from gruntjs/update-symlink-test ad22608
• Fix symlink test 0652305

https://github.com/gruntjs/grunt/compare/v1.5.0...v1.5.1

v1.5.0

• Updated changelog b2b2c2b
• Merge pull request #1740 from gruntjs/update-deps-22-10 3eda6ae
• Update testing matrix 47d32de
• More updates 2e9161c
• Remove console log 04b960e
• Update dependencies, tests... aad3d45
• Merge pull request #1736 from justlep/main fdc7056
• support .cjs extension e35fe54

https://github.com/gruntjs/grunt/compare/v1.4.1...v1.5.0

v1.4.1

• Update Changelog e7625e5
• Merge pull request #1731 from gruntjs/update-options 5d67e34
• Fix ci install d13bf88
• Switch to Actions 08896ae
• Update grunt-known-options eee0673
• Add note about a breaking change 1b6e288

https://github.com/gruntjs/grunt/compare/v1.4.0...v1.4.1

v1.4.0

• Merge pull request #1728 from gruntjs/update-deps-changelog 63b2e89
• Update changelog and util dep 106ed17
• Merge pull request #1727 from gruntjs/update-deps-apr 49de70b
• Update CLI and nodeunit 47cf8b6
• Merge pull request #1722 from gruntjs/update-through e86db1c
• Update deps 4952368

https://github.com/gruntjs/grunt/compare/v1.3.0...v1.4.0

v1.3.0

• Merge pull request #1720 from gruntjs/update-changelog-deps faab6be
• Update Changelog and legacy-util dependency 520fedb
• Merge pull request #1719 from gruntjs/yaml-refactor 7e669ac
• Switch to use safeLoad for loading YML files via file.readYAML. e350cea

... (truncated)

Sourced from grunt's changelog.

v1.5.2 date: 2022-04-12 changes: - Unlink symlinks when copy destination is a symlink. v1.5.1 date: 2022-04-11 changes: - Fixed symlink destination handling. v1.5.0 date: 2022-04-10 changes: - Updated dependencies. - Add symlink handling for copying files. v1.4.1 date: 2021-05-24 changes: - Fix --preload option to be a known option - Switch to GitHub Actions v1.4.0 date: 2021-04-21 changes: - Security fixes in production and dev dependencies - Liftup/Liftoff upgrade breaking change. Update your scripts to use --preload instead of --require. Ref: https://github.com/js-cli/js-liftoff/commit/e7a969d6706e730d90abb4e24d3cb4d3bce06ddb. v1.3.0 date: 2020-08-18 changes: - Switch to use safeLoad for loading YML files via file.readYAML. - Upgrade legacy-log to ~3.0.0. - Upgrade legacy-util to ~2.0.0.

• ac667b2 1.5.2
• 7f15fd5 Update Changelog
• b0ec6e1 Merge pull request #1743 from gruntjs/cleanup-link
• 433f91b Clean up link handling
• d5969ec 1.5.1
• ad22608 Merge pull request #1742 from gruntjs/update-symlink-test
• 0652305 Fix symlink test
• a7ab0a8 1.5.0
• b2b2c2b Updated changelog
• 3eda6ae Merge pull request #1740 from gruntjs/update-deps-22-10
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from grunt's releases.

v1.3.0

• Merge pull request #1720 from gruntjs/update-changelog-deps faab6be
• Update Changelog and legacy-util dependency 520fedb
• Merge pull request #1719 from gruntjs/yaml-refactor 7e669ac
• Switch to use safeLoad for loading YML files via file.readYAML. e350cea
• Merge pull request #1718 from gruntjs/legacy-log-bumo 7125f49
• Bump legacy-log 00d5907

https://github.com/gruntjs/grunt/compare/v1.2.1...v1.3.0

Sourced from grunt's changelog.

v1.3.0 date: 2020-08-18 changes: - Switch to use safeLoad for loading YML files via file.readYAML. - Upgrade legacy-log to ~3.0.0. - Upgrade legacy-util to ~2.0.0.

• 6f49017 1.3.0
• faab6be Merge pull request #1720 from gruntjs/update-changelog-deps
• 520fedb Update Changelog and legacy-util dependency
• 7e669ac Merge pull request #1719 from gruntjs/yaml-refactor
• e350cea Switch to use safeLoad for loading YML files via file.readYAML.
• 7125f49 Merge pull request #1718 from gruntjs/legacy-log-bumo
• 00d5907 Bump legacy-log
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from qs's changelog.

6.5.3

• [Fix] parse: ignore __proto__ keys (#428)
• [Fix] utils.merge: avoid a crash with a null target and a truthy non-array source
• [Fix] correctly parse nested arrays
• [Fix] stringify: fix a crash with strictNullHandling and a custom filter/serializeDate (#279)
• [Fix] utils: merge: fix crash when source is a truthy primitive & no options are provided
• [Fix] when parseArrays is false, properly handle keys ending in []
• [Fix] fix for an impossible situation: when the formatter is called with a non-string value
• [Fix] utils.merge: avoid a crash with a null target and an array source
• [Refactor] utils: reduce observable [[Get]]s
• [Refactor] use cached Array.isArray
• [Refactor] stringify: Avoid arr = arr.concat(...), push to the existing instance (#269)
• [Refactor] parse: only need to reassign the var once
• [Robustness] stringify: avoid relying on a global undefined (#427)
• [readme] remove travis badge; add github actions/codecov badges; update URLs
• [Docs] Clean up license text so it’s properly detected as BSD-3-Clause
• [Docs] Clarify the need for "arrayLimit" option
• [meta] fix README.md (#399)
• [meta] add FUNDING.yml
• [actions] backport actions from main
• [Tests] always use String(x) over x.toString()
• [Tests] remove nonexistent tape option
• [Dev Deps] backport from main

• 298bfa5 v6.5.3
• ed0f5dc [Fix] parse: ignore __proto__ keys (#428)
• 691e739 [Robustness] stringify: avoid relying on a global undefined (#427)
• 1072d57 [readme] remove travis badge; add github actions/codecov badges; update URLs
• 12ac1c4 [meta] fix README.md (#399)
• 0338716 [actions] backport actions from main
• 5639c20 Clean up license text so it’s properly detected as BSD-3-Clause
• 51b8a0b add FUNDING.yml
• 45f6759 [Fix] fix for an impossible situation: when the formatter is called with a no...
• f814a7f [Dev Deps] backport from main
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

• 7efb22a 1.2.6
• ef88b93 security notice for additional prototype pollution issue
• c2b9819 isConstructorOrProto adapted from PR
• bc8ecee test from prototype pollution PR
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from hosted-git-info's changelog.

2.8.9 (2021-04-07)

Bug Fixes

• backport regex fix from #76 (29adfe5), closes #84

• 8d4b369 chore(release): 2.8.9
• 29adfe5 fix: backport regex fix from #76
• See full diff in compare view

This version was pushed to npm by nlf, a new releaser for hosted-git-info since your current version.

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

• f299b52 Bump to v4.17.21
• c4847eb Improve performance of toNumber, trim and trimEnd on large input strings
• 3469357 Prevent command injection through _.template's variable option
• ded9bc6 Bump to v4.17.20.
• 63150ef Documentation fixes.
• 00f0f62 test.js: Remove trailing comma.
• 846e434 Temporarily use a custom fork of lodash-cli.
• 5d046f3 Re-enable Travis tests on 4.17 branch.
• aa816b3 Remove /npm-package.
• See full diff in compare view

This version was pushed to npm by bnjmnt4n, a new releaser for lodash since your current version.

Sourced from grunt-contrib-jasmine's releases.

v3.0.0

• Merge pull request #334 from gruntjs/add-actions 32d89c3
• Use Actions 775abc5
• Merge pull request #333 from gruntjs/deps-changelog 623c79c
• Update deps and readme cd3efba
• Merge pull request #332 from fred104/puppeteer_upgrade 3b3abc7
• drop node 8 support 072ee93
• bump puppeteer to 8.0.0 180061c
• Bump hosted-git-info from 2.6.0 to 2.8.9 27e959e
• Bump handlebars from 4.5.3 to 4.7.7 7491685
• Bump lodash from 4.17.19 to 4.17.21 672814d
• Bump grunt from 1.0.4 to 1.3.0 2ff9e25
• Bump ssri from 6.0.1 to 6.0.2 e4763af
• Bump y18n from 4.0.0 to 4.0.1 7499b17
• Merge pull request #325 from gruntjs/dependabot/npm_and_yarn/yargs-parser-13.1.2 1aa690f
• Bump yargs-parser from 13.1.0 to 13.1.2 4c2e2d6
• Bump lodash from 4.17.15 to 4.17.19 de2ada4
• Merge pull request #323 from gruntjs/dependabot/npm_and_yarn/npm-registry-fetch-4.0.5 80a5f1c
• Bump npm-registry-fetch from 4.0.0 to 4.0.5 b49cca4
• Merge pull request #322 from gruntjs/dependabot/npm_and_yarn/websocket-extensions-0.1.4 4d2c3cb
• Bump websocket-extensions from 0.1.3 to 0.1.4 1168d11
• Set package.json version 02ae04f
• Merge pull request #320 from gruntjs/rel-pp aa36400
• v2.2.0 bf5f771
• Merge pull request #321 from gruntjs/fix-300 607e95a
• Merge branch 'fix-issue-299' 444aa37
• Merge pull request #319 from wondersloth/feat-puppeteer-options f4d996b
• options.sandboxArgs; passing options to puppeteer 1dccda6
• Bump https-proxy-agent from 2.2.2 to 2.2.4 7545819
• Bump acorn from 6.2.1 to 6.4.1 ae324b1
• Merge pull request #314 from gruntjs/dependabot/npm_and_yarn/handlebars-4.5.3 fed53a4
• Bump handlebars from 4.1.2 to 4.5.3 5d86730
• Bump extend from 3.0.1 to 3.0.2 59565bd
• Merge pull request #312 from gruntjs/dependabot/npm_and_yarn/eslint-utils-1.4.3 71559de
• Bump eslint-utils from 1.4.0 to 1.4.3 0e05d88
• Update README c85f8c9
• Merge pull request #308 from gruntjs/update-deps 6fefef1
• Update deps 868ae4b
• added --allow-file-access-from-files tag issue 298 f9b99fd
• Bump package-lock again per npm audit e52e8bf
• Fix regression in reporter to allow running in browser abb7e4e
• Update packages per node audit 0150e80
• Add new event-based system for sandbox communication 9371fdb
• Merge pull request #301 from AlexChesters/patch-1 137f621
• update package-lock 5632fd3
• update puppeteer version 9f11b65
• moved resolveJasmine/jasminePromise function to fix scope issue fd78052
• chore: 🌲 update deps 0981f03
• Pass through console output from puppeteer 26be197

... (truncated)

Sourced from grunt-contrib-jasmine's changelog.

v3.0.0: date: 2021-05-13 changes: - Dependency Updates - drop node 8 support - bump puppeteer to 8.0.0 v2.2.0: date: 2020-05-04 changes: - Dependency updates - set the default option timeout value to 30 secs to sync with puppeteer's default timeout value. - options.sandboxArgs; passing options to puppeteer v2.1.3: date: 2019-07-31 changes: - Fix security deps - Update Puppeteer v2.0.3: date: 2018-11-14 changes: - Fix security deps: lodash - Build only should pass if the buildSpecrunner runs without error v2.0.2: date: 2018-08-13 changes: - Fix noSandbox option. - Fix startTime, and timing issues.

v2.0.1: date: 2018-05-31 changes: - Use the grunt current working directory to find the jasmine core. - Implement options.version. - Dependency updates.

v2.0.0: date: 2018-05-19 changes: - Switch from PhantomJS to Chrome Headless via Puppeteer

v1.1.0: date: 2017-01-12 changes: - adds tempDir option. - locks jasmine version v1.0.3: date: 2016-04-07 changes: - Move to a non-deprecated sprintf. v1.0.2:

... (truncated)

• 32d89c3 Merge pull request #334 from gruntjs/add-actions
• 775abc5 Use Actions
• 623c79c Merge pull request #333 from gruntjs/deps-changelog
• cd3efba Update deps and readme
• 3b3abc7 Merge pull request #332 from fred104/puppeteer_upgrade
• 072ee93 drop node 8 support
• 180061c bump puppeteer to 8.0.0
• 27e959e Bump hosted-git-info from 2.6.0 to 2.8.9
• 7491685 Bump handlebars from 4.5.3 to 4.7.7
• 672814d Bump lodash from 4.17.19 to 4.17.21
• Additional commits viewable in compare view

Sourced from load-grunt-config's releases.

Release 4.0.1

Release 4.0.0

Release 3.0.2

Release 3.0.1

Release 3.0.1

Release 3.0.0-rc3

Release 2.0.1

Release 2.0.0

Release 1.0.2

Release 1.0.1

No release notes provided.

Release 1.0.0

No release notes provided.

Sourced from load-grunt-config's changelog.

4.0.1 / 2021-08-20

• Debug version to investigate issue with js-yaml & js-yaml-js-types

4.0.0 / 2021-07-04

• Dropped support of CoffeeScript (breaking change)
• Removed package-lock.json
• Updated dependencies:
  • js-yaml from 3.13.1 to 4.1.0
  • cson from 5.1.0 to 7.20.0
  • glob 7.1.4 to 7.1.7
• Added dependencies:
  • js-yaml-js-types version 1.0.0
• Updated devDependencies:
  • grunt from 1.0.4 to 1.4.1
  • proxyquire from 2.1.1 to 2.1.3
  • grunt-gh-pages from 3.1.0 to 4.0.0
  • sinon from 7.3.2 to 11.1.1
• Added devDependencies:
  • grunt-mocha-cli 7.0.0
• Removed devDependencies:
  • grunt-simple-mocha

3.0.2 / 2021-07-04

• Updated dependencies:
  • lodash from 4.17.15 to 4.7.21

3.0.1 / 2019-09-10

• Allowed relative path for JS loading

3.0.0 / 2019-08-01

• Dropped support of node lower than 8
• Added yarn.lock
• Updated dependencies:
  • load-grunt-tasks from 4.0.0 to 5.1.0
  • lodash from 4.17.11 to 4.17.15
• Updated devDependencies

2.0.1 / 2019-07-25

• Updated dependencies:
  • lodash from 4.7.11 to 4.7.15
• Updated devDependencies

... (truncated)

• 26b9158 Release 4.0.1
• 1067941 - updated dependencies to latest versions
• c98250f Released 3.0.2
• 5e59e4b Merge pull request #190 from firstandthird/dependabot/npm_and_yarn/lodash-4.1...
• aca47e8 Bump lodash from 4.17.15 to 4.17.21
• 2539c63 small linter fix
• cbc64f4 Released 3.0.1
• 9d8f1eb Merge pull request #184 from zypA13510/patch-1
• 5b2aa3b fix(readfile): resolve relative path before require
• e5f90e3 Released 3.0.0
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from js-yaml's changelog.

[3.14.0] - 2020-05-22

Changed

• Support safe/loadAll(input, options) variant of call.
• CI: drop outdated nodejs versions.
• Dev deps bump.

Fixed

• Quote = in plain scalars #519.
• Check the node type for !<?> tag in case user manually specifies it.
• Verify that there are no null-bytes in input.
• Fix wrong quote position when writing condensed flow, #526.

[3.13.1] - 2019-04-05

Security

• Fix possible code execution in (already unsafe) .load(), #480.

[3.13.0] - 2019-03-20

Security

• Security fix: safeLoad() can hang when arrays with nested refs used as key. Now throws exception for nested arrays. #475.

[3.12.2] - 2019-02-26

Fixed

• Fix noArrayIndent option for root level, #468.

[3.12.1] - 2019-01-05

Added

• Added noArrayIndent option, #432.

[3.12.0] - 2018-06-02

Changed

• Support arrow functions without a block statement, #421.

[3.11.0] - 2018-03-05

Added

• Add arrow functions suport for !!js/function.

Fixed

• Fix dump in bin/octal/hex formats for negative integers, #399.

[3.10.0] - 2017-09-10

Fixed

• Fix condenseFlow output (quote keys for sure, instead of spaces), #371, #370.

... (truncated)

• 34e5072 3.14.0 released
• 7b25c83 Browser files rebuild
• 6f73473 Dev deps bump
• 0c29349 Travis-CI: drop old nodejs versions
• 10be97e fix(loader): Add support for safe/loadAll(input, options)
• d6983dd Fix issue #526: wrong quote position writing condensed flow (#527)
• 93fbf7d fix issue 526 (wrong quote position writing condensed flow)
• e569cc7 readme: update titelift info
• 8fb2905 changelog format update
• 33c2236 Verify that there are no null-bytes in input
• Additional commits viewable in compare view

Sourced from load-grunt-config's releases.

Release 4.0.1

Release 4.0.0

Release 3.0.2

Release 3.0.1

Release 3.0.1

Release 3.0.0-rc3

Release 2.0.1

Release 2.0.0

Release 1.0.2

Release 1.0.1

No release notes provided.

Release 1.0.0

No release notes provided.

Sourced from load-grunt-config's changelog.

4.0.1 / 2021-08-20

• Debug version to investigate issue with js-yaml & js-yaml-js-types

4.0.0 / 2021-07-04

• Dropped support of CoffeeScript (breaking change)
• Removed package-lock.json
• Updated dependencies:
  • js-yaml from 3.13.1 to 4.1.0
  • cson from 5.1.0 to 7.20.0
  • glob 7.1.4 to 7.1.7
• Added dependencies:
  • js-yaml-js-types version 1.0.0
• Updated devDependencies:
  • grunt from 1.0.4 to 1.4.1
  • proxyquire from 2.1.1 to 2.1.3
  • grunt-gh-pages from 3.1.0 to 4.0.0
  • sinon from 7.3.2 to 11.1.1
• Added devDependencies:
  • grunt-mocha-cli 7.0.0
• Removed devDependencies:
  • grunt-simple-mocha

3.0.2 / 2021-07-04

• Updated dependencies:
  • lodash from 4.17.15 to 4.7.21

3.0.1 / 2019-09-10

• Allowed relative path for JS loading

3.0.0 / 2019-08-01

• Dropped support of node lower than 8
• Added yarn.lock
• Updated dependencies:
  • load-grunt-tasks from 4.0.0 to 5.1.0
  • lodash from 4.17.11 to 4.17.15
• Updated devDependencies

2.0.1 / 2019-07-25

• Updated dependencies:
  • lodash from 4.7.11 to 4.7.15
• Updated devDependencies

... (truncated)

• 26b9158 Release 4.0.1
• 1067941 - updated dependencies to latest versions
• c98250f Released 3.0.2
• 5e59e4b Merge pull request #190 from firstandthird/dependabot/npm_and_yarn/lodash-4.1...
• aca47e8 Bump lodash from 4.17.15 to 4.17.21
• 2539c63 small linter fix
• cbc64f4 Released 3.0.1
• 9d8f1eb Merge pull request #184 from zypA13510/patch-1
• 5b2aa3b fix(readfile): resolve relative path before require
• e5f90e3 Released 3.0.0
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

• f6f6a3b Use a little more robust method of checking instances
• ef60987 Update version
• b62f1da Protect against constructor modification, #84
• fb427cd Link to json-schema-org repository in addition to site, fixes #54
• 22f1461 Don't allow proto property to be used for schema default/coerce, fixes #84
• c52a27c Get basic test to pass
• b3f42b3 Add security policy
• 3b0cec3 Update version
• c28470f Update readme to acknowledge the state of the package
• 7dff9cd Merge pull request #81 from hodovani/patch-1
• Additional commits viewable in compare view

Sourced from jsprim's changelog.

v1.4.2 (2021-11-29)

• #35 Backport json-schema 0.4.0 to version 1.4.x

• 5c8475f joyent/node-jsprim#35 Backport json-schema 0.4.0 to version 1.4.x
• See full diff in compare view

This version was pushed to npm by bahamat, a new releaser for jsprim since your current version.

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

• 782c264 3.0.8
• 6ade2da fix: trim pattern
• a6f52b0 3.0.7
• e4cd434 fix: treat nocase:true as always having magic
• e6bbe1c publishConfig for 3.0
• 5b7cd33 3.0.6
• 20b4b56 [fix] revert all breaking syntax changes
• 2ff0388 document, expose, and test 'partial:true' option
• 5dbd6a7 ci: tests and makework
• dbda065 full test coverage, adding tests, deleting dead code
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from decode-uri-component's releases.

v0.2.2

• Prevent overwriting previously decoded tokens 980e0bf

https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.1...v0.2.2

v0.2.1

• Switch to GitHub workflows 76abc93
• Fix issue where decode throws - fixes #6 746ca5d
• Update license (#1) 486d7e2
• Tidelift tasks a650457
• Meta tweaks 66e1c28

https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.1

• a0eea46 0.2.2
• 980e0bf Prevent overwriting previously decoded tokens
• 3c8a373 0.2.1
• 76abc93 Switch to GitHub workflows
• 746ca5d Fix issue where decode throws - fixes #6
• 486d7e2 Update license (#1)
• a650457 Tidelift tasks
• 66e1c28 Meta tweaks
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.