Bump lodash, browser-sync, grunt and grunt-contrib-watch #12
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Bumps lodash to 4.17.21 and updates ancestor dependencies lodash, browser-sync, grunt and grunt-contrib-watch. These dependencies need to be updated together.
Updates
lodash
from 4.17.5 to 4.17.21Commits
f299b52
Bump to v4.17.21c4847eb
Improve performance oftoNumber
,trim
andtrimEnd
on large input strings3469357
Prevent command injection through_.template
'svariable
optionded9bc6
Bump to v4.17.20.63150ef
Documentation fixes.00f0f62
test.js: Remove trailing comma.846e434
Temporarily use a custom fork oflodash-cli
.5d046f3
Re-enable Travis tests on4.17
branch.aa816b3
Remove/npm-package
.d7fbc52
Bump to v4.17.19Maintainer changes
This version was pushed to npm by bnjmnt4n, a new releaser for lodash since your current version.
Updates
browser-sync
from 2.23.6 to 2.29.1Release notes
Sourced from browser-sync's releases.
... (truncated)
Commits
6ffc212
v2.29.17b07798
v2.29.1-alpha.0497f216
remove client depsbed04d4
v2.29.087421b5
fix: ie11 support (#2024)59eb01a
v2.28.33fd2720
v2.28.28487a85
bump logger (#2026)a841795
chalk as main dep - fixes #2021 (#2025)9ea395f
v2.28.1Updates
grunt
from 1.0.2 to 1.0.4Changelog
Sourced from grunt's changelog.
Commits
8fcbed1
v1.0.4 (#1668)0b13970
Update js-yaml to address https://npmjs.com/advisories/788 (#1667)7db6cf7
Use SOURCE_DATE_EPOCH to render dates in template. (#1596)a2d6d80
Revert "Indicate in package.json that Node.js 4 or newer is required (#1643)"...773b7e7
Indicate in package.json that Node.js 4 or newer is required (#1643)9ba3a99
1.0.3eee4c33
Changelog v1.0.346da7f2
Merge pull request #1636 from gruntjs/upt00f4d8a
Drop support for Node 0.10 and 0.12e852727
util updateUpdates
grunt-contrib-watch
from 1.0.0 to 1.0.1Changelog
Sourced from grunt-contrib-watch's changelog.
Commits
6ec71e9
v1.0.17d20933
Update copyright yeare3d19df
Update ci configsd117574
Updating ci configs99410a7
README.md: Fixed typos (#536)7f8cf80
Add local grunt-cliab6771e
Drop back to [email protected] until the bad test helper can be sorted2e2daa5
Update to [email protected]3d7fa3a
Avoid timing issue in tests because of the bad test helper0130a16
Merge pull request #500 from gruntjs/depsDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase
will rebase this PR@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it@dependabot merge
will merge this PR after your CI passes on it@dependabot squash and merge
will squash and merge this PR after your CI passes on it@dependabot cancel merge
will cancel a previously requested merge and block automerging@dependabot reopen
will reopen this PR if it is closed@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major version
will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor version
will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependency
will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)You can disable automated security fix PRs for this repo from the Security Alerts page.