2015 was big year! Lodash became the most depended on npm package, passed 1 billion downloads, & its v3 release saw massive adoption!
The year was also one of collaboration, as discussions began on merging Lodash & Underscore. Much of Lodash v4 is proofing out the ideas from those discussions. Lodash v4 would not be possible without the collaboration & contributions of the Underscore core team. In the spirit of merging our teams have blended with several members contributing to both libraries.
For 2016 & lodash v4.0.0 we wanted to cut loose, push forward, & take things up a notch!
Lodash’s kitchen-sink size will continue to grow as new methods & functionality are added. However, we now offer a 4 kB (gzipped) core build that’s compatible with Backbone v1.2.4 for folks who want Lodash without lugging around the kitchen sink.
More ES6
We’ve continued to embrace ES6 with methods like _.isSymbol, added support for cloning & comparing array buffers, maps, sets, & symbols, converting iterators to arrays, & iterable _(…).
In addition, we’ve published an es-build & pulled babel-plugin-lodash into core to make tree-shaking a breeze.
More Modular
Pop quiz! 📣
What category path does the bindAll method belong to? Is it
A) require('lodash/function/bindAll')
B) require('lodash/utility/bindAll')
C) require('lodash/util/bindAll')
Don’t know? Well, with v4 it doesn’t matter because now module paths are as simple as
var bindAll = require('lodash/bindAll');
We’ve also reduced module complexity making it easier to create smaller bundles. This has helped Lodash adoption with libraries like Async & Redux!
New locales (es-mx, bn-bd).
Minor bugfixes and locale improvements.
More tests.
Moment is in maintenance mode. Read more at this link:
https://momentjs.com/docs/#/-project-status/
authenticate(), req#login, and req#logout accept a
keepSessionInfo: true option to keep session information after regenerating
the session.
Changed
req#login() and req#logout() regenerate the the session and clear session
information by default.
req#logout() is now an asynchronous function and requires a callback
function as the last argument.
Security
Improved robustness against session fixation attacks in cases where there is
physical access to the same system or the application is susceptible to
cross-site scripting (XSS).
[0.5.3] - 2022-05-16
Fixed
initialize() middleware extends request with login(), logIn(),
logout(), logOut(), isAuthenticated(), and isUnauthenticated() functions
again, reverting change from 0.5.1.
[0.5.2] - 2021-12-16
Fixed
Introduced a compatibility layer for strategies that depend directly on
passport@0.4.x or earlier (such as passport-azure-ad), which were
broken by the removal of private variables in passport@0.5.1.
[0.5.1] - 2021-12-15
Added
Informative error message in session strategy if session support is not
available.
Changed
authenticate() middleware, rather than initialize() middleware, extends
request with login(), logIn(), logout(), logOut(), isAuthenticated(),
and isUnauthenticated() functions.
[0.5.0] - 2021-09-23
Changed
initialize() middleware extends request with login(), logIn(),
logout(), logOut(), isAuthenticated(), and isUnauthenticated()
functions.
Bumps the npm_and_yarn group with 11 updates in the /. directory:
0.8.4
2.4.1
2.4.1
4.17.21
2.8.3
2.29.4
1.5.0
1.9.1
1.4.2
1.4.8
0.2.1
0.6.0
2.51.0
2.88.2
4.1.0
5.7.2
13.7.0
13.11.0
1.3.12
1.8.14
0.4.5
1.6.1
Updates
express-hbs
from 0.8.4 to 2.4.1Release notes
Sourced from express-hbs's releases.
... (truncated)
Commits
db19b29
v2.4.1ce088f0
Fixed inline async helpers not working in isolation (#251)3859825
Lock file maintenanced5d4ed0
Lock file maintenance98dec46
Update dependency rewire to v7ecee1f3
Update dependency eslint to v8.47.0a5e3287
Lock file maintenance7e7faa4
2023f6e7662
Update dependency handlebars to v4.7.83747c10
Lock file maintenanceMaintainer changes
This version was pushed to npm by allouis, a new releaser for express-hbs since your current version.
Updates
lodash
from 2.4.1 to 4.17.21Release notes
Sourced from lodash's releases.
... (truncated)
Commits
f299b52
Bump to v4.17.21c4847eb
Improve performance oftoNumber
,trim
andtrimEnd
on large input strings3469357
Prevent command injection through_.template
'svariable
optionded9bc6
Bump to v4.17.20.63150ef
Documentation fixes.00f0f62
test.js: Remove trailing comma.846e434
Temporarily use a custom fork oflodash-cli
.5d046f3
Re-enable Travis tests on4.17
branch.aa816b3
Remove/npm-package
.d7fbc52
Bump to v4.17.19Maintainer changes
This version was pushed to npm by bnjmnt4n, a new releaser for lodash since your current version.
Updates
moment
from 2.8.3 to 2.29.4Changelog
Sourced from moment's changelog.
... (truncated)
Commits
000ac18
Build 2.24.4f2006b6
Bump version to 2.24.4536ad0c
Update changelog for 2.29.49a3b589
[bugfix] Fix redos in preprocessRFC2822 regex (#6015)6374fd8
Merge branch 'master' into developb4e6153
Revert "[bugfix] Fix redos in preprocessRFC2822 regex (#6015)"7aebb16
[bugfix] Fix redos in preprocessRFC2822 regex (#6015)57c9062
Build 2.29.3aaf50b6
Fixup release complaints26f4aef
Bump version to 2.29.3Updates
morgan
from 1.5.0 to 1.9.1Release notes
Sourced from morgan's releases.
... (truncated)
Changelog
Sourced from morgan's changelog.
... (truncated)
Commits
572dd93
1.9.1e02de38
lint: apply standard 12 stylee329663
Fix using special characters in formateb1968a
tests: use strict equality checks310b206
build: use yaml eslint configuration5810937
build: Node.js@9.11f60afd5
build: Node.js@8.115295b0c
build: eslint-plugin-standard@3.1.0178daaf
build: eslint-plugin-promise@3.8.07b08641
build: eslint-plugin-import@2.12.0Updates
node-uuid
from 1.4.2 to 1.4.8Commits
Updates
passport
from 0.2.1 to 0.6.0Changelog
Sourced from passport's changelog.
... (truncated)
Commits
c33067b
0.6.03052bb4
Update changelog.42630cb
Merge pull request #900 from jaredhanson/fix-fixation8dd79fe
Use utils-merge rather than Object.assign for compatibility.4f6bd5b
Change keepSessionData to keepSessionData.46756e5
Silence verbose logging.987b191
Add tests.f8a175f
Add tests.29a90d6
No need to guard callback existence.bfba8a1
Add tests.Updates
request
from 2.51.0 to 2.88.2Changelog
Sourced from request's changelog.
... (truncated)
Commits
Updates
semver
from 4.1.0 to 5.7.2Release notes
Sourced from semver's releases.
Changelog
Sourced from semver's changelog.
Commits
f8cc313
chore: release 5.7.22f8fd41
fix: better handling of whitespace (#585)deb5ad5
chore:@npmcli/template-oss
@4
.16.0c83c18c
5.7.1956e228
Correct typo in README8055dda
5.7.0604e73d
auto-publishing scriptsbed01e2
remove the nomin comments, since we don't minify any more anyway9cb68f1
document parse method38d42ca
5.7 changelogMaintainer changes
This version was pushed to npm by lukekarrys, a new releaser for semver since your current version.
Updates
validator
from 13.7.0 to 13.11.0Release notes
Sourced from validator's releases.
... (truncated)
Changelog
Sourced from validator's changelog.
... (truncated)
Commits
f074abd
13.11.06be9634
feat(isEmail) extend to enable allow_underscores in domain (#2229)2f551c6
fix(isMobilePhone): fixed pl-PL matching numbers that start with 45 (#2202)ad41eba
feat(IsFQDN): Add a test that asserts numeric chars in tld are rejected by de...f303d39
feat(isIBAN): add white and blacklist options to the isIBAN validator (#2235)2ef9a83
feat(isMobilePhone): Added regex for Sudan ar-SD (#2246)2440c39
feat(isIBAN): add Morocco (MA) IBAN format (#2025)4c25f26
refactor(isCreditCard): create allCards dynamically (#2117)3507d27
fix(isJWT): fix validation issue in isJWT function (#2217)63b1e4d
fix(isEmail) do not allow non-breaking space in user part (#2237)Updates
bower
from 1.3.12 to 1.8.14Release notes
Sourced from bower's releases.
... (truncated)
Changelog
Sourced from bower's changelog.