Update Mend: high confidence minor and patch dependency updates

[mend-for-github-com]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
async (source)	2.0.0-rc.4 -> 2.6.4
body-parser	1.15.1 -> 1.20.2
express-session	1.13.0 -> 1.18.0
grunt (source)	1.0.1 -> 1.6.1
grunt-cli	1.2.0 -> 1.4.3
underscore (source)	1.8.3 -> 1.13.6

---

Release Notes

caolan/async (async)

v2.6.4

Compare Source

v2.6.3

Compare Source

v2.6.2

Compare Source

v2.6.1

Compare Source

• Updated lodash to prevent npm audit warnings. (#​1532, #​1533)
• Made async-es more optimized for webpack users (#​1517)
• Fixed a stack overflow with large collections and a synchronous iterator (#​1514)
• Various small fixes/chores (#​1505, #​1511, #​1527, #​1530)

v2.6.0

Compare Source

• Added missing aliases for many methods. Previously, you could not (e.g.) require('async/find') or use async.anyLimit. (#​1483)
• Improved queue performance. (#​1448, #​1454)
• Add missing sourcemap (#​1452, #​1453)
• Various doc updates (#​1448, #​1471, #​1483)

v2.5.0

Compare Source

• Added concatLimit, the Limit equivalent of concat (#​1426, #​1430)
• concat improvements: it now preserves order, handles falsy values and the iteratee callback takes a variable number of arguments (#​1437, #​1436)
• Fixed an issue in queue where there was a size discrepancy between workersList().length and running() (#​1428, #​1429)
• Various doc fixes (#​1422, #​1424)

v2.4.1

Compare Source

• Fixed a bug preventing functions wrapped with timeout() from being re-used. (#​1418, #​1419)

v2.4.0

Compare Source

• Added tryEach, for running async functions in parallel, where you only expect one to succeed. (#​1365, #​687)
• Improved performance, most notably in parallel and waterfall (#​1395)
• Added queue.remove(), for removing items in a queue (#​1397, #​1391)
• Fixed using eval, preventing Async from running in pages with Content Security Policy (#​1404, #​1403)
• Fixed errors thrown in an asyncifyed function's callback being caught by the underlying Promise (#​1408)
• Fixed timing of queue.empty() (#​1367)
• Various doc fixes (#​1314, #​1394, #​1412)

v2.3.0

Compare Source

• Added support for ES2017 async functions. Wherever you can pass a Node-style/CPS function that uses a callback, you can also pass an async function. Previously, you had to wrap async functions with asyncify. The caveat is that it will only work if async functions are supported natively in your environment, transpiled implementations can't be detected. (#​1386, #​1390)
• Small doc fix (#​1392)

v2.2.0

Compare Source

• Added groupBy, and the Series/Limit equivalents, analogous to _.groupBy (#​1364)
• Fixed transform bug when callback was not passed (#​1381)
• Added note about reflect to parallel docs (#​1385)

v2.1.5

Compare Source

• Fix auto bug when function names collided with Array.prototype (#​1358)
• Improve some error messages (#​1349)
• Avoid stack overflow case in queue
• Fixed an issue in some, every and find where processing would continue after the result was determined.
• Cleanup implementations of some, every and find

v2.1.4

Compare Source

v2.1.2

Compare Source

• Fixed a stackoverflow bug with detect, some, every on large inputs (#​1293).

v2.1.1

Compare Source

v2.1.0

Compare Source

• retry and retryable now support an optional errorFilter function that determines if the task should retry on the error (#​1256, #​1261)
• Optimized array iteration in race, cargo, queue, and priorityQueue (#​1253)
• Added alias documentation to doc site (#​1251, #​1254)
• Added BootStrap scrollspy to docs to highlight in the sidebar the current method being viewed (#​1289, #​1300)
• Various minor doc fixes (#​1263, #​1264, #​1271, #​1278, #​1280, #​1282, #​1302)

v2.0.1

Compare Source

• Significantly optimized all iteration based collection methods such as each, map, filter, etc (#​1245, #​1246, #​1247).

v2.0.0

Compare Source

Lots of changes here!

First and foremost, we have a slick new site for docs. Special thanks to @​hargasinski for his work converting our old docs to jsdoc format and implementing the new website. Also huge ups to @​ivanseidel for designing our new logo. It was a long process for both of these tasks, but I think these changes turned out extraordinary well.

The biggest feature is modularization. You can now require("async/series") to only require the series function. Every Async library function is available this way. You still can require("async") to require the entire library, like you could do before.

We also provide Async as a collection of ES2015 modules. You can now import {each} from 'async-es' or import waterfall from 'async-es/waterfall'. If you are using only a few Async functions, and are using a ES bundler such as Rollup, this can significantly lower your build size.

Major thanks to @​Kikobeats, @​aearly and @​megawac for doing the majority of the modularization work, as well as @​jdalton and @​Rich-Harris for advisory work on the general modularization strategy.

Another one of the general themes of the 2.0 release is standardization of what an "async" function is. We are now more strictly following the node-style continuation passing style. That is, an async function is a function that:

1. Takes a variable number of arguments
2. The last argument is always a callback
3. The callback can accept any number of arguments
4. The first argument passed to the callback will be treated as an error result, if the argument is truthy
5. Any number of result arguments can be passed after the "error" argument
6. The callback is called once and exactly once, either on the same tick or later tick of the JavaScript event loop.

There were several cases where Async accepted some functions that did not strictly have these properties, most notably auto, every, some, filter, reject and detect.

Another theme is performance. We have eliminated internal deferrals in all cases where they make sense. For example, in waterfall and auto, there was a setImmediate between each task -- these deferrals have been removed. A setImmediate call can add up to 1ms of delay. This might not seem like a lot, but it can add up if you are using many Async functions in the course of processing a HTTP request, for example. Nearly all asynchronous functions that do I/O already have some sort of deferral built in, so the extra deferral is unnecessary. The trade-off of this change is removing our built-in stack-overflow defense. Many synchronous callback calls in series can quickly overflow the JS call stack. If you do have a function that is sometimes synchronous (calling its callback on the same tick), and are running into stack overflows, wrap it with async.ensureAsync().

Another big performance win has been re-implementing queue, cargo, and priorityQueue with doubly linked lists instead of arrays. This has lead to queues being an order of magnitude faster on large sets of tasks.

New Features

• Async is now modularized. Individual functions can be require()d from the main package. (require('async/auto')) (#​984, #​996)
• Async is also available as a collection of ES2015 modules in the new async-es package. (import {forEachSeries} from 'async-es') (#​984, #​996)
• Added race, analogous to Promise.race(). It will run an array of async tasks in parallel and will call its callback with the result of the first task to respond. (#​568, #​1038)
• Collection methods now accept ES2015 iterators. Maps, Sets, and anything that implements the iterator spec can now be passed directly to each, map, parallel, etc.. (#​579, #​839, #​1074)
• Added mapValues, for mapping over the properties of an object and returning an object with the same keys. (#​1157, #​1177)
• Added timeout, a wrapper for an async function that will make the task time-out after the specified time. (#​1007, #​1027)
• Added reflect and reflectAll, analagous to Promise.reflect(), a wrapper for async tasks that always succeeds, by gathering results and errors into an object. (#​942, #​1012, #​1095)
• constant supports dynamic arguments -- it will now always use its last argument as the callback. (#​1016, #​1052)
• setImmediate and nextTick now support arguments to partially apply to the deferred function, like the node-native versions do. (#​940, #​1053)
• auto now supports resolving cyclic dependencies using Kahn's algorithm (#​1140).
• Added autoInject, a relative of auto that automatically spreads a task's dependencies as arguments to the task function. (#​608, #​1055, #​1099, #​1100)
• You can now limit the concurrency of auto tasks. (#​635, #​637)
• Added retryable, a relative of retry that wraps an async function, making it retry when called. (#​1058)
• retry now supports specifying a function that determines the next time interval, useful for exponential backoff, logging and other retry strategies. (#​1161)
• retry will now pass all of the arguments the task function was resolved with to the callback (#​1231).
• Added q.unsaturated -- callback called when a queue's number of running workers falls below a threshold. (#​868, #​1030, #​1033, #​1034)
• Added q.error -- a callback called whenever a queue task calls its callback with an error. (#​1170)
• applyEach and applyEachSeries now pass results to the final callback. (#​1088)

Breaking changes

• Calling a callback more than once is considered an error, and an error will be thrown. This had an explicit breaking change in waterfall. If you were relying on this behavior, you should more accurately represent your control flow as an event emitter or stream. (#​814, #​815, #​1048, #​1050)
• auto task functions now always take the callback as the last argument. If a task has dependencies, the results object will be passed as the first argument. To migrate old task functions, wrap them with _.flip (#​1036, #​1042)
• Internal setImmediate calls have been refactored away. This may make existing flows vulnerable to stack overflows if you use many synchronous functions in series. Use ensureAsync to work around this. (#​696, #​704, #​1049, #​1050)
• map used to return an object when iterating over an object. map now always returns an array, like in other libraries. The previous object behavior has been split out into mapValues. (#​1157, #​1177)
• filter, reject, some, every, detect and their families like {METHOD}Series and {METHOD}Limit now expect an error as the first callback argument, rather than just a simple boolean. Pass null as the first argument, or use fs.access instead of fs.exists. (#​118, #​774, #​1028, #​1041)
• {METHOD} and {METHOD}Series are now implemented in terms of {METHOD}Limit. This is a major internal simplification, and is not expected to cause many problems, but it does subtly affect how functions execute internally. (#​778, #​847)
• retry's callback is now optional. Previously, omitting the callback would partially apply the function, meaning it could be passed directly as a task to series or auto. The partially applied "control-flow" behavior has been separated out into retryable. (#​1054, #​1058)
• The test function for whilst, until, and during used to be passed non-error args from the iteratee function's callback, but this led to weirdness where the first call of the test function would be passed no args. We have made it so the test function is never passed extra arguments, and only the doWhilst, doUntil, and doDuring functions pass iteratee callback arguments to the test function (#​1217, #​1224)
• The q.tasks array has been renamed q._tasks and is now implemented as a doubly linked list (DLL). Any code that used to interact with this array will need to be updated to either use the provided helpers or support DLLs (#​1205).
• The timing of the q.saturated() callback in a queue has been modified to better reflect when tasks pushed to the queue will start queueing. (#​724, #​1078)
• Removed iterator method in favour of ES2015 iterator protocol which natively supports arrays (#​1237)
• Dropped support for Component, Jam, SPM, and Volo (#​1175, ##​176)

Bug Fixes

• Improved handling of no dependency cases in auto & autoInject (#​1147).
• Fixed a bug where the callback generated by asyncify with Promises could resolve twice (#​1197).
• Fixed several documented optional callbacks not actually being optional (#​1223).

Other

• Added someSeries and everySeries for symmetry, as well as a complete set of any/anyLimit/anySeries and all//allLmit/allSeries aliases.
• Added find as an alias for detect. (as well as findLimitandfindSeries`).
• Various doc fixes (#​1005, #​1008, #​1010, #​1015, #​1021, #​1037, #​1039, #​1051, #​1102, #​1107, #​1121, #​1123, #​1129, #​1135, #​1138, #​1141, #​1153, #​1216, #​1217, #​1232, #​1233, #​1236, #​1238)

Thank you @​aearly and @​megawac for taking the lead on version 2 of async.

---

v2.0.0-rc.6

Compare Source

v2.0.0-rc.5

Compare Source

expressjs/body-parser (body-parser)

v1.20.2

Compare Source

===================

• Fix strict json error message on Node.js 19+
• deps: content-type@~1.0.5
  • perf: skip value escaping when unnecessary
• deps: raw-body@2.5.2

v1.20.1

Compare Source

===================

• deps: qs@6.11.0
• perf: remove unnecessary object clone

v1.20.0

Compare Source

===================

• Fix error message for json parse whitespace in strict
• Fix internal error when inflated body exceeds limit
• Prevent loss of async hooks context
• Prevent hanging when request already read
• deps: depd@2.0.0
  • Replace internal eval usage with Function constructor
  • Use instance methods on process to check for listeners
• deps: http-errors@2.0.0
  • deps: depd@2.0.0
  • deps: statuses@2.0.1
• deps: on-finished@2.4.1
• deps: qs@6.10.3
• deps: raw-body@2.5.1
  • deps: http-errors@2.0.0

v1.19.2

Compare Source

===================

• deps: bytes@3.1.2
• deps: qs@6.9.7
  • Fix handling of __proto__ keys
• deps: raw-body@2.4.3
  • deps: bytes@3.1.2

v1.19.1

Compare Source

===================

• deps: bytes@3.1.1
• deps: http-errors@1.8.1
  • deps: inherits@2.0.4
  • deps: toidentifier@1.0.1
  • deps: setprototypeof@1.2.0
• deps: qs@6.9.6
• deps: raw-body@2.4.2
  • deps: bytes@3.1.1
  • deps: http-errors@1.8.1
• deps: safe-buffer@5.2.1
• deps: type-is@~1.6.18

v1.19.0

Compare Source

===================

• deps: bytes@3.1.0
  • Add petabyte (pb) support
• deps: http-errors@1.7.2
  • Set constructor name when possible
  • deps: setprototypeof@1.1.1
  • deps: statuses@'>= 1.5.0 < 2'
• deps: iconv-lite@0.4.24
  • Added encoding MIK
• deps: qs@6.7.0
  • Fix parsing array brackets after index
• deps: raw-body@2.4.0
  • deps: bytes@3.1.0
  • deps: http-errors@1.7.2
  • deps: iconv-lite@0.4.24
• deps: type-is@~1.6.17
  • deps: mime-types@~2.1.24
  • perf: prevent internal throw on invalid type

v1.18.3

Compare Source

===================

• Fix stack trace for strict json parse error
• deps: depd@~1.1.2
  • perf: remove argument reassignment
• deps: http-errors@~1.6.3
  • deps: depd@~1.1.2
  • deps: setprototypeof@1.1.0
  • deps: statuses@'>= 1.3.1 < 2'
• deps: iconv-lite@0.4.23
  • Fix loading encoding with year appended
  • Fix deprecation warnings on Node.js 10+
• deps: qs@6.5.2
• deps: raw-body@2.3.3
  • deps: http-errors@1.6.3
  • deps: iconv-lite@0.4.23
• deps: type-is@~1.6.16
  • deps: mime-types@~2.1.18

v1.18.2

Compare Source

===================

• deps: debug@2.6.9
• perf: remove argument reassignment

v1.18.1

Compare Source

===================

• deps: content-type@~1.0.4
  • perf: remove argument reassignment
  • perf: skip parameter parsing when no parameters
• deps: iconv-lite@0.4.19
  • Fix ISO-8859-1 regression
  • Update Windows-1255
• deps: qs@6.5.1
  • Fix parsing & compacting very deep objects
• deps: raw-body@2.3.2
  • deps: iconv-lite@0.4.19

v1.18.0

Compare Source

===================

• Fix JSON strict violation error to match native parse error
• Include the body property on verify errors
• Include the type property on all generated errors
• Use http-errors to set status code on errors
• deps: bytes@3.0.0
• deps: debug@2.6.8
• deps: depd@~1.1.1
  • Remove unnecessary Buffer loading
• deps: http-errors@~1.6.2
  • deps: depd@1.1.1
• deps: iconv-lite@0.4.18
  • Add support for React Native
  • Add a warning if not loaded as utf-8
  • Fix CESU-8 decoding in Node.js 8
  • Improve speed of ISO-8859-1 encoding
• deps: qs@6.5.0
• deps: raw-body@2.3.1
  • Use http-errors for standard emitted errors
  • deps: bytes@3.0.0
  • deps: iconv-lite@0.4.18
  • perf: skip buffer decoding on overage chunk
• perf: prevent internal throw when missing charset

v1.17.2

Compare Source

===================

• deps: debug@2.6.7
  • Fix DEBUG_MAX_ARRAY_LENGTH
  • deps: ms@2.0.0
• deps: type-is@~1.6.15
  • deps: mime-types@~2.1.15

v1.17.1

Compare Source

===================

• deps: qs@6.4.0
  • Fix regression parsing keys starting with [

v1.17.0

Compare Source

===================

• deps: http-errors@~1.6.1
  • Make message property enumerable for HttpErrors
  • deps: setprototypeof@1.0.3
• deps: qs@6.3.1
  • Fix compacting nested arrays

v1.16.1

Compare Source

===================

• deps: debug@2.6.1
  • Fix deprecation messages in WebStorm and other editors
  • Undeprecate DEBUG_FD set to 1 or 2

v1.16.0

Compare Source

===================

• deps: debug@2.6.0
  • Allow colors in workers
  • Deprecated DEBUG_FD environment variable
  • Fix error when running under React Native
  • Use same color for same namespace
  • deps: ms@0.7.2
• deps: http-errors@~1.5.1
  • deps: inherits@2.0.3
  • deps: setprototypeof@1.0.2
  • deps: statuses@'>= 1.3.1 < 2'
• deps: iconv-lite@0.4.15
  • Added encoding MS-31J
  • Added encoding MS-932
  • Added encoding MS-936
  • Added encoding MS-949
  • Added encoding MS-950
  • Fix GBK/GB18030 handling of Euro character
• deps: qs@6.2.1
  • Fix array parsing from skipping empty values
• deps: raw-body@~2.2.0
  • deps: iconv-lite@0.4.15
• deps: type-is@~1.6.14
  • deps: mime-types@~2.1.13

v1.15.2

Compare Source

===================

• deps: bytes@2.4.0
• deps: content-type@~1.0.2
  • perf: enable strict mode
• deps: http-errors@~1.5.0
  • Use setprototypeof module to replace __proto__ setting
  • deps: statuses@'>= 1.3.0 < 2'
  • perf: enable strict mode
• deps: qs@6.2.0
• deps: raw-body@~2.1.7
  • deps: bytes@2.4.0
  • perf: remove double-cleanup on happy path
• deps: type-is@~1.6.13
  • deps: mime-types@~2.1.11

expressjs/session (express-session)

v1.18.0

Compare Source

===================

• Add debug log for pathname mismatch
• Add partitioned to cookie options
• Add priority to cookie options
• Fix handling errors from setting cookie
• Support any type in secret that crypto.createHmac supports
• deps: cookie@0.6.0
  • Fix expires option to reject invalid dates
  • perf: improve default decode speed
  • perf: remove slow string split in parse
• deps: cookie-signature@1.0.7

v1.17.3

Compare Source

===================

• Fix resaving already-saved new session at end of request
• deps: cookie@0.4.2

v1.17.2

Compare Source

===================

• Fix res.end patch to always commit headers
• deps: cookie@0.4.1
• deps: safe-buffer@5.2.1

v1.17.1

Compare Source

===================

• Fix internal method wrapping error on failed reloads

v1.17.0

Compare Source

===================

• deps: cookie@0.4.0
  • Add SameSite=None support
• deps: safe-buffer@5.2.0

v1.16.2

Compare Source

===================

• Fix restoring cookie.originalMaxAge when store returns Date
• deps: parseurl@~1.3.3

v1.16.1

Compare Source

===================

• Fix error passing data option to Cookie constructor
• Fix uncaught error from bad session data

v1.16.0

Compare Source

===================

• Catch invalid cookie.maxAge value earlier
• Deprecate setting cookie.maxAge to a Date object
• Fix issue where resave: false may not save altered sessions
• Remove utils-merge dependency
• Use safe-buffer for improved Buffer API
• Use Set-Cookie as cookie header name for compatibility
• deps: depd@~2.0.0
  • Replace internal eval usage with Function constructor
  • Use instance methods on process to check for listeners
  • perf: remove argument reassignment
• deps: on-headers@~1.0.2
  • Fix res.writeHead patch missing return value

v1.15.6

Compare Source

===================

• deps: debug@2.6.9
• deps: parseurl@~1.3.2
  • perf: reduce overhead for full URLs
  • perf: unroll the "fast-path" RegExp
• deps: uid-safe@~2.1.5
  • perf: remove only trailing =
• deps: utils-merge@1.0.1

v1.15.5

Compare Source

===================

• Fix TypeError when req.url is an empty string
• deps: depd@~1.1.1
  • Remove unnecessary Buffer loading

v1.15.4

Compare Source

===================

• deps: debug@2.6.8

v1.15.3

Compare Source

===================

• deps: debug@2.6.7
  • deps: ms@2.0.0

v1.15.2

Compare Source

===================

• deps: debug@2.6.3
  • Fix DEBUG_MAX_ARRAY_LENGTH
• deps: uid-safe@~2.1.4
  • Remove base64-url dependency

v1.15.1

Compare Source

===================

• deps: debug@2.6.1
  • Fix deprecation messages in WebStorm and other editors
  • Undeprecate DEBUG_FD set to 1 or 2

v1.15.0

Compare Source

===================

• Fix detecting modified session when session contains "cookie" property
• Fix resaving already-saved reloaded session at end of request
• deps: crc@3.4.4
  • perf: use Buffer.from when available
• deps: debug@2.6.0
  • Allow colors in workers
  • Deprecated DEBUG_FD environment variable
  • Use same color for same namespace
  • Fix error when running under React Native
  • deps: ms@0.7.2
• perf: remove unreachable branch in set-cookie method

v1.14.2

Compare Source

===================

• deps: crc@3.4.1
  • Fix deprecation warning in Node.js 7.x
• deps: uid-safe@~2.1.3
  • deps: base64-url@1.3.3

v1.14.1

Compare Source

===================

• Fix not always resetting session max age before session save
• Fix the cookie sameSite option to actually alter the Set-Cookie
• deps: uid-safe@~2.1.2
  • deps: base64-url@1.3.2

v1.14.0

Compare Source

===================

• Correctly inherit from EventEmitter class in Store base class
• Fix issue where Set-Cookie Expires was not always updated
• Methods are no longer enumerable on req.session object
• deps: cookie@0.3.1
  • Add sameSite option
  • Improve error message when encode is not a function
  • Improve error message when expires is not a Date
  • perf: enable strict mode
  • perf: use for loop in parse
  • perf: use string concatination for serialization
• deps: parseurl@~1.3.1
  • perf: enable strict mode
• deps: uid-safe@~2.1.1
  • Use random-bytes for byte source
  • deps: base64-url@1.2.2
• perf: enable strict mode
• perf: remove argument reassignment

gruntjs/grunt (grunt)

v1.6.1

Compare Source

• Changelog updates 72f6f03
• Merge pull request #​1755 from gruntjs/rm-dep 8d4c183
• Add recursive 1c7d483
• Merge pull request #​1756 from gruntjs/downgrade-glob 2d4fd38
• Downgrade glob 902db7c
• Fix syntax 494f243
• remove mkdirp b01389e
• remove dep on rimraf and mkdirp 0072510

v1.6.0

Compare Source

• Merge pull request #​1750 from gruntjs/dep-update-jan28 2805dc3
• README updates 3f1e423
• Bump to 16 8fd096d
• Update more deps 42c5f95
• Bump eslint and node version 1d88050

v1.5.3

Compare Source

• Merge pull request #​1745 from gruntjs/fix-copy-op 572d79b
• Patch up race condition in symlink copying. 58016ff
• Merge pull request #​1746 from JamieSlome/patch-1 0749e1d
• Create SECURITY.md 69b7c50

v1.5.2

Compare Source

• Update Changelog 7f15fd5
• Merge pull request #​1743 from gruntjs/cleanup-link b0ec6e1
• Clean up link handling 433f91b

v1.5.1

Compare Source

• Merge pull request #​1742 from gruntjs/update-symlink-test ad22608
• Fix symlink test 0652305

v1.5.0

Compare Source

• Updated changelog b2b2c2b
• Merge pull request #​1740 from gruntjs/update-deps-22-10 3eda6ae
• Update testing matrix 47d32de
• More updates 2e9161c
• Remove console log 04b960e
• Update dependencies, tests... aad3d45
• Merge pull request #​1736 from justlep/main fdc7056
• support .cjs extension e35fe54

v1.4.1

Compare Source

• Update Changelog e7625e5
• Merge pull request #​1731 from gruntjs/update-options 5d67e34
• Fix ci install d13bf88
• Switch to Actions 08896ae
• Update grunt-known-options eee0673
• Add note about a breaking change 1b6e288

v1.4.0

Compare Source

• Merge pull request #​1728 from gruntjs/update-deps-changelog 63b2e89
• Update changelog and util dep 106ed17
• Merge pull request #​1727 from gruntjs/update-deps-apr 49de70b
• Update CLI and nodeunit 47cf8b6
• Merge pull request #​1722 from gruntjs/update-through e86db1c
• Update deps 4952368

v1.3.0

Compare Source

• Merge pull request #​1720 from gruntjs/update-changelog-deps faab6be
• Update Changelog and legacy-util dependency 520fedb
• Merge pull request #​1719 from gruntjs/yaml-refactor 7e669ac
• Switch to use safeLoad for loading YML files via file.readYAML. e350cea
• Merge pull request #​1718 from gruntjs/legacy-log-bumo 7125f49
• Bump legacy-log 00d5907

v1.2.1

Compare Source

• Changelog update ae11839
• Merge pull request #​1715 from sibiraj-s/remove-path-is-absolute 9d23cb6
• Remove path-is-absolute dependency e789b1f

v1.2.0

Compare Source

• Allow usage of grunt plugins that are located in any location that
  is visible to Node.js and NPM, instead of node_modules directly
  inside package that have a dev dependency to these pluginhttps://github.com/gruntjs/grunt/pull/1677nt/pull/1677)
• Removed coffeescript from dependencies. To ease transition, if
  coffeescript is still around, Grunt will attempt to load it.
  If it is not, and the user loads a CoffeeScript file,
  Grunt will print a useful error indicating that the
  coffeescript package should be installed as a dev dependency.
  This is considerably more user-friendly than dropping the require entirely,
  but doing so is feasible with the latest grunt-cli as users
  may simply use grunt --require https://github.com/gruntjs/grunt/pull/1675thub.com/Remove coffeescript from dependencies. gruntjs/grunt#1675)
• Exposes Grunt Option keys for ease of use.
  (https://github.com/gruntjs/grunt/pull/15701570)
• Avoiding infinite loop on very long command names.
  (https://github.com/gruntjs/grunt/pull/16971697)

v1.1.0

Compare Source

• Update to mkdirp ~1.0.3
• Only support versions of Node >= 8

v1.0.4

Compare Source

v1.0.3

Compare Source

v1.0.2

Compare Source

gruntjs/grunt-cli (grunt-cli)

v1.4.3

Compare Source

• Fix preload option (#​147) 07f3b0d
• Revert liftoff (#​144) 4d691e2
• Revert liftoff changes due to https://github.com/gruntjs/grunt/issues/1725 (#​143) e820858

v1.4.2

Compare Source

• Revert liftoff (#​144) 4d691e2
• Revert liftoff changes due to https://github.com/gruntjs/grunt/issues/1725 (#​143) e820858

v1.4.1

Compare Source

• Revert liftoff changes due to https://github.com/gruntjs/grunt/issues/1725 (#​143) e820858

v1.4.0

Compare Source

• Update changelog bbc4400
• Ignore package-lock 3fa5bf6
• Update deps, switch to actions (#​141) c271173
• Bump deps, required node version and ci (#​137) 84ebcb8

v1.3.2

Compare Source

v1.3.1

Compare Source

v1.3.0

Compare Source

jashkenas/underscore (underscore)

v1.13.6

Compare Source

v1.13.5

Compare Source

v1.13.4

Compare Source

v1.13.3

Compare Source

v1.13.2

Compare Source

[v1.13.1](https://togi

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box