Bump grunt from 0.4.5 to 1.5.3

dependabot[bot] commented 1 year ago

Bumps grunt from 0.4.5 to 1.5.3.

Release notes

v1.5.3

Merge pull request #1745 from gruntjs/fix-copy-op 572d79b

Patch up race condition in symlink copying. 58016ff

Merge pull request #1746 from JamieSlome/patch-1 0749e1d

Create SECURITY.md 69b7c50

https://github.com/gruntjs/grunt/compare/v1.5.2...v1.5.3

v1.5.2

Update Changelog 7f15fd5

Merge pull request #1743 from gruntjs/cleanup-link b0ec6e1

Clean up link handling 433f91b

https://github.com/gruntjs/grunt/compare/v1.5.1...v1.5.2

v1.5.1

Merge pull request #1742 from gruntjs/update-symlink-test ad22608

Fix symlink test 0652305

https://github.com/gruntjs/grunt/compare/v1.5.0...v1.5.1

v1.5.0

Updated changelog b2b2c2b

Merge pull request #1740 from gruntjs/update-deps-22-10 3eda6ae

Update testing matrix 47d32de

More updates 2e9161c

Remove console log 04b960e

Update dependencies, tests... aad3d45

Merge pull request #1736 from justlep/main fdc7056

support .cjs extension e35fe54

https://github.com/gruntjs/grunt/compare/v1.4.1...v1.5.0

v1.4.1

Update Changelog e7625e5

Merge pull request #1731 from gruntjs/update-options 5d67e34

Fix ci install d13bf88

Switch to Actions 08896ae

Update grunt-known-options eee0673

Add note about a breaking change 1b6e288

https://github.com/gruntjs/grunt/compare/v1.4.0...v1.4.1

v1.4.0

Merge pull request #1728 from gruntjs/update-deps-changelog 63b2e89

Update changelog and util dep 106ed17

Merge pull request #1727 from gruntjs/update-deps-apr 49de70b

Update CLI and nodeunit 47cf8b6

Merge pull request #1722 from gruntjs/update-through e86db1c

Update deps 4952368

... (truncated)

Changelog

Sourced from grunt's changelog.

v1.5.3 date: 2022-04-23 changes: - Patch up race condition in symlink copying. v1.5.2 date: 2022-04-12 changes: - Unlink symlinks when copy destination is a symlink. v1.5.1 date: 2022-04-11 changes: - Fixed symlink destination handling. v1.5.0 date: 2022-04-10 changes: - Updated dependencies. - Add symlink handling for copying files. v1.4.1 date: 2021-05-24 changes: - Fix --preload option to be a known option - Switch to GitHub Actions v1.4.0 date: 2021-04-21 changes: - Security fixes in production and dev dependencies - Liftup/Liftoff upgrade breaking change. Update your scripts to use --preload instead of --require. Ref: https://github.com/js-cli/js-liftoff/commit/e7a969d6706e730d90abb4e24d3cb4d3bce06ddb. v1.3.0 date: 2020-08-18 changes: - Switch to use safeLoad for loading YML files via file.readYAML. - Upgrade legacy-log to ~3.0.0. - Upgrade legacy-util to ~2.0.0. v1.2.1 date: 2020-07-07 changes: - Remove path-is-absolute dependency. (PR: gruntjs/grunt#1715) v1.2.0 date: 2020-07-03 changes: - Allow usage of grunt plugins that are located in any location that is visible to Node.js and NPM, instead of node_modules directly inside package that have a dev dependency to these plugins. (PR: gruntjs/grunt#1677) - Removed coffeescript from dependencies. To ease transition, if coffeescript is still around, Grunt will attempt to load it. If it is not, and the user loads a CoffeeScript file, Grunt will print a useful error indicating that the coffeescript package should be installed as a dev dependency.

... (truncated)

Commits

82d79b8 1.5.3
572d79b Merge pull request #1745 from gruntjs/fix-copy-op
58016ff Patch up race condition in symlink copying.
0749e1d Merge pull request #1746 from JamieSlome/patch-1
69b7c50 Create SECURITY.md
ac667b2 1.5.2
7f15fd5 Update Changelog
b0ec6e1 Merge pull request #1743 from gruntjs/cleanup-link
433f91b Clean up link handling
d5969ec 1.5.1
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by vladikoff, a new releaser for grunt since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/AdamOswald/tes/network/alerts).

viezly[bot] commented 1 year ago

Pull request by bot. No need to analyze

performance-testing-bot[bot] commented 1 year ago

Unable to locate .performanceTestingBot config file

mezidia-inspector[bot] commented 1 year ago

Nice to meet you, @dependabot[bot]. Thank you for creating a pull request. There are some tasks for you:

[x] Need at least one label
[ ] Need at least one assignee
[ ] Need a milestone
[ ] Make a pull request draft at first

To close issue send comment "close", to reopen - "reopen", to merge - "merge"

secure-code-warrior-for-github[bot] commented 1 year ago

Micro-Learning Topic: Race condition (Detected by phrase)

Matched on "race condition"

What is this? (2min video)

A race condition is a flaw that produces an unexpected result when the timing of actions impact other actions.

Try a challenge in Secure Code Warrior

pull-request-quantifier-deprecated[bot] commented 1 year ago

This PR has 2 quantified lines of changes. In general, a change size of upto 200 lines is ideal for the best PR experience!

Quantification details

``` Label : Extra Small Size : +1 -1 Percentile : 0.8% Total files changed: 2 Change summary by file extension: .json : +1 -1 ``` > Change counts above are quantified counts, based on the [PullRequestQuantifier customizations](https://github.com/microsoft/PullRequestQuantifier/blob/main/docs/prquantifier-yaml.md).

Why proper sizing of changes matters

Optimal pull request sizes drive a better predictable PR flow as they strike a balance between between PR complexity and PR review overhead. PRs within the optimal size (typical small, or medium sized PRs) mean: - Fast and predictable releases to production: - Optimal size changes are more likely to be reviewed faster with fewer iterations. - Similarity in low PR complexity drives similar review times. - Review quality is likely higher as complexity is lower: - Bugs are more likely to be detected. - Code inconsistencies are more likely to be detected. - Knowledge sharing is improved within the participants: - Small portions can be assimilated better. - Better engineering practices are exercised: - Solving big problems by dividing them in well contained, smaller problems. - Exercising separation of concerns within the code changes. #### What can I do to optimize my changes - Use the PullRequestQuantifier to quantify your PR accurately - Create a context profile for your repo using the [context generator](https://github.com/microsoft/PullRequestQuantifier/releases) - Exclude files that are not necessary to be reviewed or do not increase the review complexity. Example: Autogenerated code, docs, project IDE setting files, binaries, etc. Check out the `Excluded` section from your `prquantifier.yaml` context profile. - Understand your typical change complexity, drive towards the desired complexity by adjusting the label mapping in your `prquantifier.yaml` context profile. - Only use the labels that matter to you, [see context specification](./docs/prquantifier-yaml.md) to customize your `prquantifier.yaml` context profile. - Change your engineering behaviors - For PRs that fall outside of the desired spectrum, review the details and check if: - Your PR could be split in smaller, self-contained PRs instead - Your PR only solves one particular issue. (For example, don't refactor and code new features in the same PR). #### How to interpret the change counts in git diff output - One line was added: `+1 -0` - One line was deleted: `+0 -1` - One line was modified: `+1 -1` (git diff doesn't know about modified, it will interpret that line like one addition plus one deletion) - Change percentiles: Change characteristics (addition, deletion, modification) of this PR in relation to all other PRs within the repository.

Was this comment helpful? :thumbsup: :ok_hand: :thumbsdown: (Email) Customize PullRequestQuantifier for this repository.