v1.5.3
date: 2022-04-23
changes:
- Patch up race condition in symlink copying.
v1.5.2
date: 2022-04-12
changes:
- Unlink symlinks when copy destination is a symlink.
v1.5.1
date: 2022-04-11
changes:
- Fixed symlink destination handling.
v1.5.0
date: 2022-04-10
changes:
- Updated dependencies.
- Add symlink handling for copying files.
v1.4.1
date: 2021-05-24
changes:
- Fix --preload option to be a known option
- Switch to GitHub Actions
v1.4.0
date: 2021-04-21
changes:
- Security fixes in production and dev dependencies
- Liftup/Liftoff upgrade breaking change. Update your scripts to use --preload instead of --require. Ref: https://github.com/js-cli/js-liftoff/commit/e7a969d6706e730d90abb4e24d3cb4d3bce06ddb.
v1.3.0
date: 2020-08-18
changes:
- Switch to use safeLoad for loading YML files via file.readYAML.
- Upgrade legacy-log to ~3.0.0.
- Upgrade legacy-util to ~2.0.0.
v1.2.1
date: 2020-07-07
changes:
- Remove path-is-absolute dependency.
(PR: gruntjs/grunt#1715)
v1.2.0
date: 2020-07-03
changes:
- Allow usage of grunt plugins that are located in any location that
is visible to Node.js and NPM, instead of node_modules directly
inside package that have a dev dependency to these plugins.
(PR: gruntjs/grunt#1677)
- Removed coffeescript from dependencies. To ease transition, if
coffeescript is still around, Grunt will attempt to load it.
If it is not, and the user loads a CoffeeScript file,
Grunt will print a useful error indicating that the
coffeescript package should be installed as a dev dependency.
This is a prerelease version to test our ability to release.
Other than removing or updating dependencies, it contains no intended user-facing changes.
2015 was big year! Lodash became the most depended on npm package, passed 1 billion downloads, & its v3 release saw massive adoption!
The year was also one of collaboration, as discussions began on merging Lodash & Underscore. Much of Lodash v4 is proofing out the ideas from those discussions. Lodash v4 would not be possible without the collaboration & contributions of the Underscore core team. In the spirit of merging our teams have blended with several members contributing to both libraries.
For 2016 & lodash v4.0.0 we wanted to cut loose, push forward, & take things up a notch!
Lodash’s kitchen-sink size will continue to grow as new methods & functionality are added. However, we now offer a 4 kB (gzipped) core build that’s compatible with Backbone v1.2.4 for folks who want Lodash without lugging around the kitchen sink.
More ES6
We’ve continued to embrace ES6 with methods like _.isSymbol, added support for cloning & comparing array buffers, maps, sets, & symbols, converting iterators to arrays, & iterable _(…).
In addition, we’ve published an es-build & pulled babel-plugin-lodash into core to make tree-shaking a breeze.
More Modular
Pop quiz! 📣
What category path does the bindAll method belong to? Is it
A) require('lodash/function/bindAll')
B) require('lodash/utility/bindAll')
C) require('lodash/util/bindAll')
Don’t know? Well, with v4 it doesn’t matter because now module paths are as simple as
var bindAll = require('lodash/bindAll');
We’ve also reduced module complexity making it easier to create smaller bundles. This has helped Lodash adoption with libraries like Async & Redux!
fix: check prototype property access in strict-mode (#1736) - b6d3de7
fix: escape property names in compat mode (#1736) - f058970
refactor: In spec tests, use expectTemplate over equals and shouldThrow (#1683) - 77825f8
chore: start testing on Node.js 12 and 13 - 3789a30
(POSSIBLY) BREAKING CHANGES:
the changes from version 4.6.0 now also apply
in when using the compile-option "strict: true". Access to prototype properties is forbidden completely by default, specific properties or methods
can be allowed via runtime-options. See #1633 for details. If you are using Handlebars as documented, you should not be accessing prototype properties
from your template anyway, so the changes should not be a problem for you. Only the use of undocumented features can break your build.
That is why we only bump the patch version despite mentioning breaking changes.
Bumps the npm_and_yarn group with 13 updates in the / directory:
4.16.2
4.19.2
1.0.1
1.5.3
1.9.2
removed
3.5.3
10.4.0
3.7.0
4.17.21
2.9.5
2.9.7
4.0.11
4.7.8
3.5.5
3.14.1
1.2.0
1.2.8
4.0.11
4.7.8
0.5.1
0.5.6
6.5.1
6.12.1
0.3.0
removed
1.1.0
3.2.0
Updates
express
from 4.16.2 to 4.19.2Release notes
Sourced from express's releases.
... (truncated)
Changelog
Sourced from express's changelog.
... (truncated)
Commits
04bc627
4.19.2da4d763
Improved fix for open redirect allow list bypass4f0f6cc
4.19.1a003cfa
Allow passing non-strings to res.location with new encoding handling checks f...a1fa90f
fixed un-edited version in history.md for 4.19.011f2b1d
build: fix build due to inconsistent supertest behavior in older versions084e365
4.19.00867302
Prevent open redirect allow list bypass due to encodeurl567c9c6
Add note on how to update docs for new release (#5541)69a4cf2
deps: cookie@0.6.0Maintainer changes
This version was pushed to npm by wesleytodd, a new releaser for express since your current version.
Updates
grunt
from 1.0.1 to 1.5.3Release notes
Sourced from grunt's releases.
... (truncated)
Changelog
Sourced from grunt's changelog.
... (truncated)
Commits
82d79b8
1.5.3572d79b
Merge pull request #1745 from gruntjs/fix-copy-op58016ff
Patch up race condition in symlink copying.0749e1d
Merge pull request #1746 from JamieSlome/patch-169b7c50
Create SECURITY.mdac667b2
1.5.27f15fd5
Update Changelogb0ec6e1
Merge pull request #1743 from gruntjs/cleanup-link433f91b
Clean up link handlingd5969ec
1.5.1Maintainer changes
This version was pushed to npm by vladikoff, a new releaser for grunt since your current version.
Updates
getobject
from 0.1.0 to 1.0.2Release notes
Sourced from getobject's releases.
Commits
46e55ec
1.0.26f86cf7
Merge pull request #8 from cowboy/dependabot/npm_and_yarn/path-parse-1.0.76e79841
Bump path-parse from 1.0.6 to 1.0.784bd719
1.0.1141e3a5
Update depsc97cf3e
Merge pull request #7 from cowboy/dependabot/npm_and_yarn/hosted-git-info-2.8.9201e91b
Bump hosted-git-info from 2.8.8 to 2.8.95ffb873
Update dev deps92e0d1f
1.0.06828cb9
README updatesMaintainer changes
This version was pushed to npm by vladikoff, a new releaser for getobject since your current version.
Removes
growl
Updates
mocha
from 3.5.3 to 10.4.0Release notes
Sourced from mocha's releases.
... (truncated)
Changelog
Sourced from mocha's changelog.
... (truncated)
Commits
ffd9557
Release v10.4.07ac67f3
build(deps): bump the github-actions group with 2 updates (#5125)7a2781c
chore: activate dependabot for workflows (#5123)97dcbb2
fix: harden error handling inlib/cli/run.js
(#5074)6f3f45e
fix: xunit integration test (#5122)a5b5652
docs: fix documentation concerning glob expansion on UNIX (#4869)efbb147
feat: add file path to xunit reporter (#4985)a2e600d
fix: closes #5115 (#5116)3735873
feat: include.cause
stacks in the error stack traces (#4829)b88978d
chore: bump ESLint ecmaVersion to 2020 (#5104)Maintainer changes
This version was pushed to npm by voxpelli, a new releaser for mocha since your current version.
Updates
lodash
from 3.7.0 to 4.17.21Release notes
Sourced from lodash's releases.
... (truncated)
Commits
f299b52
Bump to v4.17.21c4847eb
Improve performance oftoNumber
,trim
andtrimEnd
on large input strings3469357
Prevent command injection through_.template
'svariable
optionded9bc6
Bump to v4.17.20.63150ef
Documentation fixes.00f0f62
test.js: Remove trailing comma.846e434
Temporarily use a custom fork oflodash-cli
.5d046f3
Re-enable Travis tests on4.17
branch.aa816b3
Remove/npm-package
.d7fbc52
Bump to v4.17.19Maintainer changes
This version was pushed to npm by bnjmnt4n, a new releaser for lodash since your current version.
Updates
jshint
from 2.9.5 to 2.9.7Release notes
Sourced from jshint's releases.
Changelog
Sourced from jshint's changelog.
Commits
01bf8c6
v2.9.771f2f1f
[[TEST]] Assert CLI behavior: stdin w/o filename3a8ef8b
Added Spotify to companies who use JSHint (#3333)80c7fda
[[CHORE]] Relocate development dependencyf70250b
[[CHORE]] Relocate development dependenciesd5c1a00
v2.9.6ab3ab85
[[FIX]] Do not warn about non-ambiguous linebreakseaca85b
[[CHORE]] Improve test coverage for ASI warning0a66710
[[FIX]] Relax restriction on asgnmnt to arguments3aa02db
[[FIX]] Tolerate division following closing braceUpdates
handlebars
from 4.0.11 to 4.7.8Release notes
Sourced from handlebars's releases.
Changelog
Sourced from handlebars's changelog.
... (truncated)
Commits
8dc3d25
v4.7.8668c4fb
Fix browser tests in CI pipelinec65c6cc
Test on Node 183d3796c
Make library compatible with workers075b354
Fix sync issue with npm lock-file30dbf04
Fix compiling of each block params in strict modee3a5448
Fix bundler issue with webpack 58e23642
Fix integration-tests issue with npm >= 788ac068
use https instead of git for mustache submodulec68bc08
Fix typoMaintainer changes
This version was pushed to npm by jaylinski, a new releaser for handlebars since your current version.
Updates
js-yaml
from 3.5.5 to 3.14.1Changelog
Sourced from js-yaml's changelog.