Closed dependabot[bot] closed 4 years ago
OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version
or @dependabot ignore this minor version
.
If you change your mind, just re-open this PR and I'll resolve any conflicts on it.
Bumps handlebars from 4.1.2 to 4.6.0.
Changelog
*Sourced from [handlebars's changelog](https://github.com/wycats/handlebars.js/blob/master/release-notes.md).* > ## v4.6.0 - January 8th, 2020 > > Features: > > - feat: access control to prototype properties via whitelist ([#1633](https://github-redirect.dependabot.com/wycats/handlebars.js/issues/1633))- d03b6ec > > Bugfixes: > > - fix(runtime.js): partials compile not caching ([#1600](https://github-redirect.dependabot.com/wycats/handlebars.js/issues/1600)) - 23d58e7 > > Chores, docs: > > - various refactorings and improvements to tests - d7f0dcf, 187d611, d337f40 > - modernize the build-setup > - use prettier to format and eslint to verify - c40d9f3, 8901c28, e97685e, 1f61f21 > - use nyc instead of istanbul to collect coverage - 164b7ff, 1ebce2b > - update build code to use modern javascript and make it cleaner - 14b621c, 1ec1737, 3a5b65e, dde108e, 04b1984, 587e7a3 > - restructur build commands - e913dc5, > - eslint rule changes - ac4655e, dc54952 > - Update (C) year in the LICENSE file - d1fb07b > - chore: try to fix saucelabs credentials ([#1627](https://github-redirect.dependabot.com/wycats/handlebars.js/issues/1627)) - > - Update readme.md with updated links ([#1620](https://github-redirect.dependabot.com/wycats/handlebars.js/issues/1620)) - edcc84f > > BREAKING CHANGES: > > - access to prototype properties is forbidden completely by default, > specific properties or methods can be allow via runtime-options. > See [#1633](https://github-redirect.dependabot.com/wycats/handlebars.js/issues/1633) for details. > If you are using Handlebars as documented, you should not be accessing prototype > properties from your template anyway, so the changes should not be a problem > for you. Only the use of undocumented features can break your build. > > That is why we only bump the minor version despite mentioning breaking changes > > [Commits](https://github.com/wycats/handlebars.js/compare/v4.5.3...v4.6.0) > > ## v4.5.3 - November 18th, 2019 > > Bugfixes: > > - fix: add "no-prototype-builtins" eslint-rule and fix all occurences - f7f05d7 > - fix: add more properties required to be enumerable - 1988878 > > Chores / Build: > > - fix: use !== 0 instead of != 0 - c02b05f > - add chai and dirty-chai and sinon, for cleaner test-assertions and spies, > deprecate old assertion-methods - 93e284e, 886ba86, 0817dad, 93516a0 > > Security: > ... (truncated)Commits
- [`91a1b5d`](https://github.com/wycats/handlebars.js/commit/91a1b5d2f456cb733cbd88149fc9270973db79d7) v4.6.0 - [`770d746`](https://github.com/wycats/handlebars.js/commit/770d746e600eb1939501ab91d4bc81ed6b4cde94) Update release notes - [`d7f0dcf`](https://github.com/wycats/handlebars.js/commit/d7f0dcf2bb91a1d27961941995d75c9800efc7ba) refactor: fix typo in private test method - [`187d611`](https://github.com/wycats/handlebars.js/commit/187d611e8c2a7dc849f62f283ac70714fa637e84) test: add path to nodeJs when running test:bin - [`d337f40`](https://github.com/wycats/handlebars.js/commit/d337f40d0efd59e163f871ed7a73e900322473a6) test: show diff when test:bin fails - [`d03b6ec`](https://github.com/wycats/handlebars.js/commit/d03b6ecfc44e350fd08df752a9551d824287d7f5) feat: access control to prototype properties via whitelist - [`164b7ff`](https://github.com/wycats/handlebars.js/commit/164b7ff0de3041532b0ba671b3eefb7c0c5b5338) chore: ignore .nyc_output - [`ac4655e`](https://github.com/wycats/handlebars.js/commit/ac4655ee9516d5fc1b29d4d52e17c1751ffc8324) chore: disable "dot-notation" rule - [`14b621c`](https://github.com/wycats/handlebars.js/commit/14b621caf5bcdcbf7476b3286afbc30380d2cc3f) test/style: remove or hide unused code in git.js, add tests - [`1ec1737`](https://github.com/wycats/handlebars.js/commit/1ec1737d24a1a37e39ca4c24b0fdb7efd877e628) test/style: refactor remaining grunt tasks to use promises instead of callbacks - Additional commits viewable in [compare view](https://github.com/wycats/handlebars.js/compare/v4.1.2...v4.6.0)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot ignore this [patch|minor|major] version` will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/webix-hub/angular2-demo/network/alerts).