Release notes
*Sourced from [lodash's releases](https://github.com/lodash/lodash/releases).*
> ## 4.0.0
> # [lodash v4.0.0](https://github.com/lodash/lodash/wiki/Changelog#v400)
>
> 2015 was big year! [Lodash](https://lodash.com/) became the [most depended on](https://gist.github.com/anvaka/8e8fa57c7ee1350e3491#file-01-most-dependent-upon-md) npm package, passed [1 billion](http://npm-stat.com/charts.html?package=&author=jdalton) downloads, & its v3 release saw massive adoption!
>
> The year was also one of collaboration, as discussions began on [merging Lodash & Underscore](https://github-redirect.dependabot.com/underdash/underdash/issues/14). Much of Lodash v4 is proofing out the ideas from those discussions. Lodash v4 **would not be possible** without the collaboration & contributions of the Underscore core team. In the spirit of merging our teams have blended with [several members](https://github.com/orgs/lodash/people) contributing to both libraries.
>
> For 2016 & [lodash v4.0.0](https://github.com/lodash/lodash/wiki/Changelog#v400) we wanted to cut loose, push forward, & take things up a notch!
>
> ## Modern only
>
> With v4 we’re breaking free from [old projects](https://github.com/lodash-archive), old environments, & dropping [old IE < 9 support](https://www.microsoft.com/en-us/WindowsForBusiness/End-of-IE-support)!
>
> ## 4 kB Core
>
> Lodash’s kitchen-sink size will continue to grow as new methods & functionality are added. However, we now offer a 4 kB (gzipped) [core build](https://github.com/lodash/lodash/tree/4.0.0/dist) that’s compatible with [Backbone v1.2.4](https://github-redirect.dependabot.com/jashkenas/backbone/issues/3839) for folks who want Lodash without lugging around the kitchen sink.
>
> ## More ES6
>
> We’ve continued to embrace ES6 with methods like [_.isSymbol](https://lodash.com/docs#isSymbol), added support for cloning & comparing array buffers, maps, sets, & symbols, converting iterators to arrays, & iterable `_(…)`.
>
> In addition, we’ve published an [es-build](https://github.com/lodash/lodash/tree/4.0.0-es/) & pulled [babel-plugin-lodash](https://github.com/lodash/babel-plugin-lodash) into core to make tree-shaking a breeze.
>
> ## More Modular
>
> Pop quiz! 📣
>
> What category path does the `bindAll` method belong to? Is it
>
> A) `require('lodash/function/bindAll')`
> B) `require('lodash/utility/bindAll')`
> C) `require('lodash/util/bindAll')`
>
> Don’t know? Well, with v4 it doesn’t matter because now module paths are as simple as
>
> ``` js
> var bindAll = require('lodash/bindAll');
> ```
>
> We’ve also reduced module complexity making it easier to create smaller bundles. This has helped Lodash adoption with libraries like [Async](https://github-redirect.dependabot.com/caolan/async/pull/996) & [Redux](https://github-redirect.dependabot.com/rackt/redux/pull/611)!
>
> ## 1st Class FP
>
> With v3 we introduced [lodash-fp](https://github.com/lodash-archive/lodash-fp). We learned a lot & with v4 we decided to [pull it into core](https://github.com/lodash/lodash/wiki/FP-Guide).
>
> Now you can get immutable, auto-curried, iteratee-first, data-last methods as simply as
>
> ``` js
> var _ = require('lodash/fp');
> var object = { 'a': 1 };
> ... (truncated)
Commits
- [`0843bd4`](https://github.com/lodash/lodash/commit/0843bd46ef805dd03c0c8d804630804f3ba0ca3c) Bump to v4.17.11.
- [`3ac4b26`](https://github.com/lodash/lodash/commit/3ac4b261e4a920a07673d49edfb84bd317f449f7) Rebuild lodash and docs.
- [`eaa9f36`](https://github.com/lodash/lodash/commit/eaa9f36e912a97bfc95f6bdd28ea07e0a62b82e9) Commit package-lock.json.
- [`552f94a`](https://github.com/lodash/lodash/commit/552f94a7db34a8036689d6aae6c67c789e4e79a6) Lint nits.
- [`d8ddc1a`](https://github.com/lodash/lodash/commit/d8ddc1a15f8ac3f9ac952818cc7f7b3d049b41ef) Add test for indirectly merging `Object` properties.
- [`e5f9af5`](https://github.com/lodash/lodash/commit/e5f9af54189ce714f5e53084337f54e2fea1de8d) Remove prototype property check in safeGet().
- [`2de676f`](https://github.com/lodash/lodash/commit/2de676fe76bc68fb279ac84c1c87d59511ced8cc) Ensure placeholder properties are set for fp.convert() results. [closes [#3440](https://github-redirect.dependabot.com/lodash/lodash/issues/3440)]
- [`278c6dd`](https://github.com/lodash/lodash/commit/278c6dd33dfc7040b37c7148a645416f7c97e9ea) Cleanup _.merge tests for function properties.
- [`79b9d20`](https://github.com/lodash/lodash/commit/79b9d20a912118bf06acd093071902ed972daf4e) Fix inconsistent merging of multiple sources to function property
- [`6e62e1e`](https://github.com/lodash/lodash/commit/6e62e1e8df7b907beaa37a3182752d310314589f) Cleanup ReDoS test.
- Additional commits viewable in [compare view](https://github.com/lodash/lodash/compare/3.1.0...4.17.11)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot ignore this [patch|minor|major] version` will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
Bumps lodash from 3.1.0 to 4.17.11.
Release notes
*Sourced from [lodash's releases](https://github.com/lodash/lodash/releases).* > ## 4.0.0 > # [lodash v4.0.0](https://github.com/lodash/lodash/wiki/Changelog#v400) > > 2015 was big year! [Lodash](https://lodash.com/) became the [most depended on](https://gist.github.com/anvaka/8e8fa57c7ee1350e3491#file-01-most-dependent-upon-md) npm package, passed [1 billion](http://npm-stat.com/charts.html?package=&author=jdalton) downloads, & its v3 release saw massive adoption! > > The year was also one of collaboration, as discussions began on [merging Lodash & Underscore](https://github-redirect.dependabot.com/underdash/underdash/issues/14). Much of Lodash v4 is proofing out the ideas from those discussions. Lodash v4 **would not be possible** without the collaboration & contributions of the Underscore core team. In the spirit of merging our teams have blended with [several members](https://github.com/orgs/lodash/people) contributing to both libraries. > > For 2016 & [lodash v4.0.0](https://github.com/lodash/lodash/wiki/Changelog#v400) we wanted to cut loose, push forward, & take things up a notch! > > ## Modern only > > With v4 we’re breaking free from [old projects](https://github.com/lodash-archive), old environments, & dropping [old IE < 9 support](https://www.microsoft.com/en-us/WindowsForBusiness/End-of-IE-support)! > > ## 4 kB Core > > Lodash’s kitchen-sink size will continue to grow as new methods & functionality are added. However, we now offer a 4 kB (gzipped) [core build](https://github.com/lodash/lodash/tree/4.0.0/dist) that’s compatible with [Backbone v1.2.4](https://github-redirect.dependabot.com/jashkenas/backbone/issues/3839) for folks who want Lodash without lugging around the kitchen sink. > > ## More ES6 > > We’ve continued to embrace ES6 with methods like [_.isSymbol](https://lodash.com/docs#isSymbol), added support for cloning & comparing array buffers, maps, sets, & symbols, converting iterators to arrays, & iterable `_(…)`. > > In addition, we’ve published an [es-build](https://github.com/lodash/lodash/tree/4.0.0-es/) & pulled [babel-plugin-lodash](https://github.com/lodash/babel-plugin-lodash) into core to make tree-shaking a breeze. > > ## More Modular > > Pop quiz! 📣 > > What category path does the `bindAll` method belong to? Is it > > A) `require('lodash/function/bindAll')` > B) `require('lodash/utility/bindAll')` > C) `require('lodash/util/bindAll')` > > Don’t know? Well, with v4 it doesn’t matter because now module paths are as simple as > > ``` js > var bindAll = require('lodash/bindAll'); > ``` > > We’ve also reduced module complexity making it easier to create smaller bundles. This has helped Lodash adoption with libraries like [Async](https://github-redirect.dependabot.com/caolan/async/pull/996) & [Redux](https://github-redirect.dependabot.com/rackt/redux/pull/611)! > > ## 1st Class FP > > With v3 we introduced [lodash-fp](https://github.com/lodash-archive/lodash-fp). We learned a lot & with v4 we decided to [pull it into core](https://github.com/lodash/lodash/wiki/FP-Guide). > > Now you can get immutable, auto-curried, iteratee-first, data-last methods as simply as > > ``` js > var _ = require('lodash/fp'); > var object = { 'a': 1 }; > ... (truncated)Commits
- [`0843bd4`](https://github.com/lodash/lodash/commit/0843bd46ef805dd03c0c8d804630804f3ba0ca3c) Bump to v4.17.11. - [`3ac4b26`](https://github.com/lodash/lodash/commit/3ac4b261e4a920a07673d49edfb84bd317f449f7) Rebuild lodash and docs. - [`eaa9f36`](https://github.com/lodash/lodash/commit/eaa9f36e912a97bfc95f6bdd28ea07e0a62b82e9) Commit package-lock.json. - [`552f94a`](https://github.com/lodash/lodash/commit/552f94a7db34a8036689d6aae6c67c789e4e79a6) Lint nits. - [`d8ddc1a`](https://github.com/lodash/lodash/commit/d8ddc1a15f8ac3f9ac952818cc7f7b3d049b41ef) Add test for indirectly merging `Object` properties. - [`e5f9af5`](https://github.com/lodash/lodash/commit/e5f9af54189ce714f5e53084337f54e2fea1de8d) Remove prototype property check in safeGet(). - [`2de676f`](https://github.com/lodash/lodash/commit/2de676fe76bc68fb279ac84c1c87d59511ced8cc) Ensure placeholder properties are set for fp.convert() results. [closes [#3440](https://github-redirect.dependabot.com/lodash/lodash/issues/3440)] - [`278c6dd`](https://github.com/lodash/lodash/commit/278c6dd33dfc7040b37c7148a645416f7c97e9ea) Cleanup _.merge tests for function properties. - [`79b9d20`](https://github.com/lodash/lodash/commit/79b9d20a912118bf06acd093071902ed972daf4e) Fix inconsistent merging of multiple sources to function property - [`6e62e1e`](https://github.com/lodash/lodash/commit/6e62e1e8df7b907beaa37a3182752d310314589f) Cleanup ReDoS test. - Additional commits viewable in [compare view](https://github.com/lodash/lodash/compare/3.1.0...4.17.11)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot ignore this [patch|minor|major] version` will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language