nepali-date-picker icon indicating copy to clipboard operation
nepali-date-picker copied to clipboard

Published 20 hours ago • verified publisher icon leapfrogtechnology

Bump lodash, grunt-contrib-jasmine and load-grunt-config

Open dependabot[bot] opened this issue 2 years ago • 0 comments

Bumps lodash to 4.17.21 and updates ancestor dependencies lodash, grunt-contrib-jasmine and load-grunt-config. These dependencies need to be updated together.

Updates lodash from 4.17.19 to 4.17.21

Commits
  • f299b52 Bump to v4.17.21
  • c4847eb Improve performance of toNumber, trim and trimEnd on large input strings
  • 3469357 Prevent command injection through _.template's variable option
  • ded9bc6 Bump to v4.17.20.
  • 63150ef Documentation fixes.
  • 00f0f62 test.js: Remove trailing comma.
  • 846e434 Temporarily use a custom fork of lodash-cli.
  • 5d046f3 Re-enable Travis tests on 4.17 branch.
  • aa816b3 Remove /npm-package.
  • See full diff in compare view
Maintainer changes

This version was pushed to npm by bnjmnt4n, a new releaser for lodash since your current version.


Updates grunt-contrib-jasmine from 1.2.0 to 3.0.0

Release notes

Sourced from grunt-contrib-jasmine's releases.

v3.0.0

  • Merge pull request #334 from gruntjs/add-actions 32d89c3
  • Use Actions 775abc5
  • Merge pull request #333 from gruntjs/deps-changelog 623c79c
  • Update deps and readme cd3efba
  • Merge pull request #332 from fred104/puppeteer_upgrade 3b3abc7
  • drop node 8 support 072ee93
  • bump puppeteer to 8.0.0 180061c
  • Bump hosted-git-info from 2.6.0 to 2.8.9 27e959e
  • Bump handlebars from 4.5.3 to 4.7.7 7491685
  • Bump lodash from 4.17.19 to 4.17.21 672814d
  • Bump grunt from 1.0.4 to 1.3.0 2ff9e25
  • Bump ssri from 6.0.1 to 6.0.2 e4763af
  • Bump y18n from 4.0.0 to 4.0.1 7499b17
  • Merge pull request #325 from gruntjs/dependabot/npm_and_yarn/yargs-parser-13.1.2 1aa690f
  • Bump yargs-parser from 13.1.0 to 13.1.2 4c2e2d6
  • Bump lodash from 4.17.15 to 4.17.19 de2ada4
  • Merge pull request #323 from gruntjs/dependabot/npm_and_yarn/npm-registry-fetch-4.0.5 80a5f1c
  • Bump npm-registry-fetch from 4.0.0 to 4.0.5 b49cca4
  • Merge pull request #322 from gruntjs/dependabot/npm_and_yarn/websocket-extensions-0.1.4 4d2c3cb
  • Bump websocket-extensions from 0.1.3 to 0.1.4 1168d11
  • Set package.json version 02ae04f
  • Merge pull request #320 from gruntjs/rel-pp aa36400
  • v2.2.0 bf5f771
  • Merge pull request #321 from gruntjs/fix-300 607e95a
  • Merge branch 'fix-issue-299' 444aa37
  • Merge pull request #319 from wondersloth/feat-puppeteer-options f4d996b
  • options.sandboxArgs; passing options to puppeteer 1dccda6
  • Bump https-proxy-agent from 2.2.2 to 2.2.4 7545819
  • Bump acorn from 6.2.1 to 6.4.1 ae324b1
  • Merge pull request #314 from gruntjs/dependabot/npm_and_yarn/handlebars-4.5.3 fed53a4
  • Bump handlebars from 4.1.2 to 4.5.3 5d86730
  • Bump extend from 3.0.1 to 3.0.2 59565bd
  • Merge pull request #312 from gruntjs/dependabot/npm_and_yarn/eslint-utils-1.4.3 71559de
  • Bump eslint-utils from 1.4.0 to 1.4.3 0e05d88
  • Update README c85f8c9
  • Merge pull request #308 from gruntjs/update-deps 6fefef1
  • Update deps 868ae4b
  • added --allow-file-access-from-files tag issue 298 f9b99fd
  • Bump package-lock again per npm audit e52e8bf
  • Fix regression in reporter to allow running in browser abb7e4e
  • Update packages per node audit 0150e80
  • Add new event-based system for sandbox communication 9371fdb
  • Merge pull request #301 from AlexChesters/patch-1 137f621
  • update package-lock 5632fd3
  • update puppeteer version 9f11b65
  • moved resolveJasmine/jasminePromise function to fix scope issue fd78052
  • chore: 🌲 update deps 0981f03
  • Pass through console output from puppeteer 26be197

... (truncated)

Changelog

Sourced from grunt-contrib-jasmine's changelog.

v3.0.0: date: 2021-05-13 changes: - Dependency Updates - drop node 8 support - bump puppeteer to 8.0.0 v2.2.0: date: 2020-05-04 changes: - Dependency updates - set the default option timeout value to 30 secs to sync with puppeteer's default timeout value. - options.sandboxArgs; passing options to puppeteer v2.1.3: date: 2019-07-31 changes: - Fix security deps - Update Puppeteer v2.0.3: date: 2018-11-14 changes: - Fix security deps: lodash - Build only should pass if the buildSpecrunner runs without error v2.0.2: date: 2018-08-13 changes: - Fix noSandbox option. - Fix startTime, and timing issues.

v2.0.1: date: 2018-05-31 changes: - Use the grunt current working directory to find the jasmine core. - Implement options.version. - Dependency updates.

v2.0.0: date: 2018-05-19 changes: - Switch from PhantomJS to Chrome Headless via Puppeteer

v1.1.0: date: 2017-01-12 changes: - adds tempDir option. - locks jasmine version v1.0.3: date: 2016-04-07 changes: - Move to a non-deprecated sprintf. v1.0.2:

... (truncated)

Commits
  • 32d89c3 Merge pull request #334 from gruntjs/add-actions
  • 775abc5 Use Actions
  • 623c79c Merge pull request #333 from gruntjs/deps-changelog
  • cd3efba Update deps and readme
  • 3b3abc7 Merge pull request #332 from fred104/puppeteer_upgrade
  • 072ee93 drop node 8 support
  • 180061c bump puppeteer to 8.0.0
  • 27e959e Bump hosted-git-info from 2.6.0 to 2.8.9
  • 7491685 Bump handlebars from 4.5.3 to 4.7.7
  • 672814d Bump lodash from 4.17.19 to 4.17.21
  • Additional commits viewable in compare view

Updates load-grunt-config from 0.19.2 to 4.0.1

Release notes

Sourced from load-grunt-config's releases.

Release 4.0.1

Release 4.0.0

Release 3.0.2

Release 3.0.1

Release 3.0.1

Release 3.0.0-rc3

Release 2.0.1

Release 2.0.0

Release 1.0.2

Release 1.0.1

No release notes provided.

Release 1.0.0

No release notes provided.

Changelog

Sourced from load-grunt-config's changelog.

4.0.1 / 2021-08-20

  • Debug version to investigate issue with js-yaml & js-yaml-js-types

4.0.0 / 2021-07-04

  • Dropped support of CoffeeScript (breaking change)
  • Removed package-lock.json
  • Updated dependencies:
    • js-yaml from 3.13.1 to 4.1.0
    • cson from 5.1.0 to 7.20.0
    • glob 7.1.4 to 7.1.7
  • Added dependencies:
    • js-yaml-js-types version 1.0.0
  • Updated devDependencies:
    • grunt from 1.0.4 to 1.4.1
    • proxyquire from 2.1.1 to 2.1.3
    • grunt-gh-pages from 3.1.0 to 4.0.0
    • sinon from 7.3.2 to 11.1.1
  • Added devDependencies:
    • grunt-mocha-cli 7.0.0
  • Removed devDependencies:
    • grunt-simple-mocha

3.0.2 / 2021-07-04

  • Updated dependencies:
    • lodash from 4.17.15 to 4.7.21

3.0.1 / 2019-09-10

  • Allowed relative path for JS loading

3.0.0 / 2019-08-01

  • Dropped support of node lower than 8
  • Added yarn.lock
  • Updated dependencies:
    • load-grunt-tasks from 4.0.0 to 5.1.0
    • lodash from 4.17.11 to 4.17.15
  • Updated devDependencies

2.0.1 / 2019-07-25

  • Updated dependencies:
    • lodash from 4.7.11 to 4.7.15
  • Updated devDependencies

... (truncated)

Commits
  • 26b9158 Release 4.0.1
  • 1067941 - updated dependencies to latest versions
  • c98250f Released 3.0.2
  • 5e59e4b Merge pull request #190 from firstandthird/dependabot/npm_and_yarn/lodash-4.1...
  • aca47e8 Bump lodash from 4.17.15 to 4.17.21
  • 2539c63 small linter fix
  • cbc64f4 Released 3.0.1
  • 9d8f1eb Merge pull request #184 from zypA13510/patch-1
  • 5b2aa3b fix(readfile): resolve relative path before require
  • e5f90e3 Released 3.0.0
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dependabot[bot] avatar Dec 20 '22 11:12 dependabot[bot]