Sourced from rollup-plugin-vue's releases.

Version 5.0.0

Chores

• Upgrade @vue/component-compiler & @vue/component-compiler-utils (e215fe7)

BREAKING CHANGES

• @vue/[email protected] uses sass instead of node-sass

Version 4.7.2

Bug Fixes

• Add needMap option to disable source maps (3f879f3)

Sourced from rollup-plugin-vue's changelog.

5.1.5 (2020-01-06)

5.1.4 (2019-11-21)

Bug Fixes

• use inline block language in part request (7434ea2)

5.1.3 (2019-11-21)

Bug Fixes

• call transformer from whitelisted custom blocks (#310) (ab13f3b)

5.1.2 (2019-10-27)

Bug Fixes

• use local runtime helpers for externalising vue-runtime-helpers (3b0b4de)

5.1.1 (2019-10-26)

Bug Fixes

• typo in option name (7b848ee)

5.1.0 (2019-10-26)

Features

... (truncated)

• 5f007ab chore(release): 5.1.5
• daeb0c7 chore: Restore CHANGELOG.md
• 2babec6 Revert "fix: use local runtime helpers for externalising vue-runtime-helpers"
• 0db705f Revert "chore(release): 5.1.2"
• 8335566 Revert "fix: call transformer from whitelisted custom blocks (#310)"
• ddcd5fa Revert "chore(release): 5.1.3"
• ce5f9f7 Revert "fix: use inline block language in part request"
• 82a2a8e Revert "chore(release): 5.1.4"
• 64d5140 chore(release): 5.1.4
• 7434ea2 fix: use inline block language in part request
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Pull request limits (per update run and/or open at any time)
• Automerge options (never/patch/minor, and dev/runtime dependencies)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

Sourced from sass-loader's releases.

v8.0.1

8.0.1 (2020-01-10)

Bug Fixes

• support [email protected] (#794) (6c59e37)

v8.0.0

⚠ BREAKING CHANGES

• minimum required webpack version is 4.36.0
• minimum required node.js version is 8.9.0
• move all sass (includePaths, importer, functions) options to the sassOptions option. The functions option can't be used as Function, you should use sassOption as Function to achieve this.
• the data option was renamed to the prependData option
• default value of the sourceMap option depends on the devtool value (eval/false values don't enable source map generation)

Features

• automatically use the fibers package if it is possible (#744) (96184e1)
• source map generation depends on the devtool option (#743) (fcea88e)
• validate loader options (#737) (7b543fc)
• reworked error handling from node-sass/sass
• improve resolution for @import (including support _index and index files in a directory)

Bug Fixes

• compatibility with pnp

v7.3.1

7.3.1 (2019-08-20)

Bug Fixes

• minimum node version in package.json (#733) (1175920)

v7.3.0

7.3.0 (2019-08-20)

Bug Fixes

• handle module import ending / as module (#728) (997a255)
• resolution algorithm (#720) (0e94940)
• use "compressed" output when mode is "production" (#723) (b2af379)

Features

... (truncated)

Sourced from sass-loader's changelog.

8.0.1 (2020-01-10)

Bug Fixes

• support [email protected] (#794) (6c59e37)

8.0.0 (2019-08-29)

⚠ BREAKING CHANGES

• minimum required webpack version is 4.36.0
• minimum required node.js version is 8.9.0
• move all sass (includePaths, importer, functions, outputStyle) options to the sassOptions option. The functions option can't be used as Function, you should use sassOption as Function to achieve this.
• the data option was renamed to the prependData option
• default value of the sourceMap option depends on the devtool value (eval/false values don't enable source map generation)

Features

• automatically use the fibers package if it is possible (#744) (96184e1)
• source map generation depends on the devtool option (#743) (fcea88e)
• validate loader options (#737) (7b543fc)
• reworked error handling from node-sass/sass
• improve resolution for @import (including support _index and index files in a directory)

Bug Fixes

• compatibility with pnp

7.3.1 (2019-08-20)

Bug Fixes

• minimum node version in package.json (#733) (1175920)

7.3.0 (2019-08-20)

Bug Fixes

• handle module import ending / as module (#728) (997a255)
• resolution algorithm (#720) (0e94940)
• use "compressed" output when mode is "production" (#723) (b2af379)

Features

... (truncated)

• 3b51d47 chore(release): 8.0.1
• 6c59e37 fix: support [email protected] (#794)
• 5611f73 docs: improved documentation after breaking changes in release version 8.0.0 ...
• 4834287 refactor: use startsWith (#792)
• 22c597b refactor: use Array.includes (#777)
• ed345fa chore(deps): switch to memfs (#791)
• 2e14b68 chore: removed the duplicated prettier config (#781)
• 9274387 chore(deps): update (#772)
• 6d11b7b docs: overhaul readme (#771)
• 185ba80 test: sass modules "@use" (#770)
• Additional commits viewable in compare view

This version was pushed to npm by evilebottnawi, a new releaser for sass-loader since your current version.

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Pull request limits (per update run and/or open at any time)
• Automerge options (never/patch/minor, and dev/runtime dependencies)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

Sourced from css-loader's releases.

v3.4.1

3.4.1 (2020-01-03)

Bug Fixes

• do not output undefined when sourceRoot is unavailable (#1036) (ded2a79)
• don't output invalid es5 code when locals do not exists (#1035) (b60e62a)

v3.4.0

3.4.0 (2019-12-17)

Features

• esModule option (#1026) (d358cdb)

Bug Fixes

• logic for order and media queries for imports (#1018) (65450d9)

v3.3.2

3.3.2 (2019-12-12)

Bug Fixes

• logic for order and media queries for imports (1fb5134)

v3.3.1

3.3.1 (2019-12-12)

Bug Fixes

• better handling url functions and an url in @import at-rules
• reduce count of require (#1014) (e091d27)

v3.3.0

3.3.0 (2019-12-09)

Features

• support pure css modules (#1008) (6177af5)

Bug Fixes

... (truncated)

Sourced from css-loader's changelog.

3.4.1 (2020-01-03)

Bug Fixes

• do not output undefined when sourceRoot is unavailable (#1036) (ded2a79)
• don't output invalid es5 code when locals do not exists (#1035) (b60e62a)

3.4.0 (2019-12-17)

Features

• esModule option (#1026) (d358cdb)

Bug Fixes

• logic for order and media queries for imports (#1018) (65450d9)

3.3.2 (2019-12-12)

Bug Fixes

• logic for order and media queries for imports (1fb5134)

3.3.1 (2019-12-12)

Bug Fixes

• better handling url functions and an url in @import at-rules
• reduce count of require (#1014) (e091d27)

3.3.0 (2019-12-09)

Features

• support pure css modules (#1008) (6177af5)

Bug Fixes

• do not crash when an assert return null or undefined (#1006) (6769783)
• reduce count of require (#1004) (80e9662)

3.2.1 (2019-12-02)

... (truncated)

• 7c9f47b chore(release): 3.4.1
• ded2a79 fix: do not output undefined when sourceRoot is unavailable (#1036)
• b60e62a fix: don't output invalid es5 code when locals do not exists (#1035)
• b95a779 chore(release): 3.4.0
• 63a74b2 chore(deps): update (#1027)
• 796fe28 Test more (#1024)
• d358cdb feat: esModule option (#1026)
• 23bc1e9 refactor: code
• 0016e49 test: webpack5 (#1023)
• ea26c56 test: refactor
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Pull request limits (per update run and/or open at any time)
• Automerge options (never/patch/minor, and dev/runtime dependencies)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

Sourced from css-loader's releases.

v3.4.0

3.4.0 (2019-12-17)

Features

• esModule option (#1026) (d358cdb)

Bug Fixes

• logic for order and media queries for imports (#1018) (65450d9)

v3.3.2

3.3.2 (2019-12-12)

Bug Fixes

• logic for order and media queries for imports (1fb5134)

v3.3.1

3.3.1 (2019-12-12)

Bug Fixes

• better handling url functions and an url in @import at-rules
• reduce count of require (#1014) (e091d27)

v3.3.0

3.3.0 (2019-12-09)

Features

• support pure css modules (#1008) (6177af5)

Bug Fixes

• do not crash when an assert return null or undefined (#1006) (6769783)
• reduce count of require (#1004) (80e9662)

v3.2.1

3.2.1 (2019-12-02)

Bug Fixes

... (truncated)

Sourced from css-loader's changelog.

3.4.0 (2019-12-17)

Features

• esModule option (#1026) (d358cdb)

Bug Fixes

• logic for order and media queries for imports (#1018) (65450d9)

3.3.2 (2019-12-12)

Bug Fixes

• logic for order and media queries for imports (1fb5134)

3.3.1 (2019-12-12)

Bug Fixes

• better handling url functions and an url in @import at-rules
• reduce count of require (#1014) (e091d27)

3.3.0 (2019-12-09)

Features

• support pure css modules (#1008) (6177af5)

Bug Fixes

• do not crash when an assert return null or undefined (#1006) (6769783)
• reduce count of require (#1004) (80e9662)

3.2.1 (2019-12-02)

Bug Fixes

• add an additional space after the escape sequence (#998) (0961304)
• compatibility with ES modules syntax and hash in url function (#1001) (8f4d6f5)

3.2.0 (2019-08-06)

... (truncated)

• b95a779 chore(release): 3.4.0
• 63a74b2 chore(deps): update (#1027)
• 796fe28 Test more (#1024)
• d358cdb feat: esModule option (#1026)
• 23bc1e9 refactor: code
• 0016e49 test: webpack5 (#1023)
• ea26c56 test: refactor
• ee40727 chore(defaults): update (#1020)
• 65450d9 fix: logic for order and media queries for imports (#1018)
• cbca64d chore(release): 3.3.1
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Pull request limits (per update run and/or open at any time)
• Automerge options (never/patch/minor, and dev/runtime dependencies)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

Sourced from compression-webpack-plugin's releases.

v3.0.1

3.0.1 (2019-12-09)

SECURITY

• update serialize-javascript to 2.1.1 version.

v3.0.0

3.0.0 (2019-06-05)

chore

• deps: update (#124) (897bd95)

Tests

• validation (#111) (833e825)

BREAKING CHANGES

• deps: minimum required nodejs version is 8.9.0

Sourced from compression-webpack-plugin's changelog.

3.0.1 (2019-12-09)

SECURITY

• update serialize-javascript to 2.1.1 version.

3.0.0 (2019-06-05)

chore

• deps: update (#124) (897bd95)

Tests

• validation (#111) (833e825)

BREAKING CHANGES

• deps: minimum required nodejs version is 8.9.0

• e57ae0d chore(release): 3.0.1
• 055d50d docs: multiple compressed versions of assets for different algorithm
• b7e65f2 chore(deps): update (#139)
• af883d8 chore(release): 3.0.0
• 897bd95 chore(deps): update (#124)
• ff3ceeb docs: add “Using Brotli” (#119)
• 264efa3 docs(readme): update with import example (#113)
• 833e825 test: validation (#111)
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Pull request limits (per update run and/or open at any time)
• Automerge options (never/patch/minor, and dev/runtime dependencies)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

Sourced from css-loader's releases.

v3.3.2

3.3.2 (2019-12-12)

Bug Fixes

• logic for order and media queries for imports (1fb5134)

v3.3.1

3.3.1 (2019-12-12)

Bug Fixes

• better handling url functions and an url in @import at-rules
• reduce count of require (#1014) (e091d27)

v3.3.0

3.3.0 (2019-12-09)

Features

• support pure css modules (#1008) (6177af5)

Bug Fixes

• do not crash when an assert return null or undefined (#1006) (6769783)
• reduce count of require (#1004) (80e9662)

v3.2.1

3.2.1 (2019-12-02)

Bug Fixes

• add an additional space after the escape sequence (#998) (0961304)
• compatibility with ES modules syntax and hash in url function (#1001) (8f4d6f5)

v3.2.0

Bug Fixes

• replace . characters in localIndent to - character (regression) (#982) (967fb66)

Features

• support es modules for assets loader (#984) (9c5126c)

... (truncated)

Sourced from css-loader's changelog.

3.3.2 (2019-12-12)

Bug Fixes

• logic for order and media queries for imports (1fb5134)

3.3.1 (2019-12-12)

Bug Fixes

• better handling url functions and an url in @import at-rules
• reduce count of require (#1014) (e091d27)

3.3.0 (2019-12-09)

Features

• support pure css modules (#1008) (6177af5)

Bug Fixes

• do not crash when an assert return null or undefined (#1006) (6769783)
• reduce count of require (#1004) (80e9662)

3.2.1 (2019-12-02)

Bug Fixes

• add an additional space after the escape sequence (#998) (0961304)
• compatibility with ES modules syntax and hash in url function (#1001) (8f4d6f5)

3.2.0 (2019-08-06)

Bug Fixes

• replace . characters in localIndent to - character (regression) (#982) (967fb66)

Features

• support es modules for assets loader (#984) (9c5126c)

3.1.0 (2019-07-18)

... (truncated)

• b3477a0 chore(release): 3.3.2
• 1fb5134 fix: logic for order and media queries for imports
• cbca64d chore(release): 3.3.1
• 3b12c87 refactor: code (#1017)
• c80c39f fix: handling urls in @​import (#1016)
• 30a9269 fix: handling escaped urls (#1015)
• e091d27 fix: reduce count of require (#1014)
• 60c65e0 fix: characters as URL escapes in url (#1013)
• 8e8ab18 fix: handling string urls with backslash and newline (#1012)
• b59c4f2 test: special characters in file name (#1011)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Pull request limits (per update run and/or open at any time)
• Automerge options (never/patch/minor, and dev/runtime dependencies)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

Sourced from css-loader's releases.

v3.2.1

3.2.1 (2019-12-02)

Bug Fixes

• add an additional space after the escape sequence (#998) (0961304)
• compatibility with ES modules syntax and hash in url function (#1001) (8f4d6f5)

v3.2.0

Bug Fixes

• replace . characters in localIndent to - character (regression) (#982) (967fb66)

Features

• support es modules for assets loader (#984) (9c5126c)

v3.1.0

3.1.0 (2019-07-18)

Bug Fixes

• converting all (including reserved and control) filesystem characters to - (it was regression in 3.0.0 version) (#972) (f51859b)
• default context should be undefined instead of null (#965) (9c32885)

Features

• allow modules.getLocalIdent to return a falsy value (#963) (9c3571c)
• improved validation error messages (65e4fc0)

v3.0.0

3.0.0 (2019-06-11)

Bug Fixes

• avoid the "from" argument must be of type string error (#908) (e5dfd23)
• invert Function behavior for url and import options (#939) (e9eb5ad)
• properly export locals with escaped characters (#917) (a0efcda)
• property handle non css characters in localIdentName (#920) (d3a0a3c)

Features

• modules options now accepts object config (#937) (1d7a464)
• support @value at-rule in selectors (#941) (05a42e2)

... (truncated)

Sourced from css-loader's changelog.

3.2.1 (2019-12-02)

Bug Fixes

• add an additional space after the escape sequence (#998) (0961304)
• compatibility with ES modules syntax and hash in url function (#1001) (8f4d6f5)

3.2.0 (2019-08-06)

Bug Fixes

• replace . characters in localIndent to - character (regression) (#982) (967fb66)

Features

• support es modules for assets loader (#984) (9c5126c)

3.1.0 (2019-07-18)

Bug Fixes

• converting all (including reserved and control) filesystem characters to - (it was regression in 3.0.0 version) (#972) (f51859b)
• default context should be undefined instead of null (#965) (9c32885)

Features

• allow modules.getLocalIdent to return a falsy value (#963) (9c3571c)
• improved validation error messages (65e4fc0)

3.0.0 (2019-06-11)

Bug Fixes

• avoid the "from" argument must be of type string error (#908) (e5dfd23)
• invert Function behavior for url and import options (#939) (e9eb5ad)
• properly export locals with escaped characters (#917) (a0efcda)
• property handle non css characters in localIdentName (#920) (d3a0a3c)

Features

• modules options now accepts object config (#937) (1d7a464)

... (truncated)

• 77e705c chore(release): 3.2.1
• 8f4d6f5 fix: compatibility with ES modules syntax and hash in url function (#1001)
• e21ab00 docs(readme): update default values for options (#1000)
• 0961304 fix: add an additional space after the escape sequence (#998)
• 94378b7 test: module concatenation plugin (#996)
• cb434bf refactor: code
• 39f18f8 chore(release): 3.2.0
• 9c5126c feat: support es modules for assets loader (#984)
• 2ac79c3 docs: example with CSS modules and pure CSS (#983)
• 967fb66 fix: replace . characters in localIndent to - character (regression) (#982)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Pull request limits (per update run and/or open at any time)
• Automerge options (never/patch/minor, and dev/runtime dependencies)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

Sourced from rollup-plugin-vue's releases.

Version 5.0.0

Chores

• Upgrade @​vue/component-compiler & @​vue/component-compiler-utils (e215fe7)

BREAKING CHANGES

• @vue/[email protected] uses sass instead of node-sass

Version 4.7.2

Bug Fixes

• Add needMap option to disable source maps (3f879f3)

Sourced from rollup-plugin-vue's changelog.

5.1.4 (2019-11-21)

Bug Fixes

• use inline block language in part request (7434ea2)

5.1.3 (2019-11-21)

Bug Fixes

• call transformer from whitelisted custom blocks (#310) (ab13f3b)

5.1.2 (2019-10-27)

Bug Fixes

• use local runtime helpers for externalising vue-runtime-helpers (3b0b4de)

5.1.1 (2019-10-26)

Bug Fixes

• typo in option name (7b848ee)

5.1.0 (2019-10-26)

Features

• Add support for shadow DOM style injection (9a0e7cf)

... (truncated)

• 64d5140 chore(release): 5.1.4
• 7434ea2 fix: use inline block language in part request
• 77aadb7 chore(release): 5.1.3
• ab13f3b fix: call transformer from whitelisted custom blocks (#310)
• a983704 chore(release): 5.1.2
• 3b0b4de fix: use local runtime helpers for externalising vue-runtime-helpers
• 0bc9d30 chore(release): 5.1.1
• 7b848ee fix: typo in option name
• 9e70638 chore: code style
• cdb8387 chore(release): 5.1.0
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Pull request limits (per update run and/or open at any time)
• Automerge options (never/patch/minor, and dev/runtime dependencies)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

Sourced from css-loader's releases.

v3.2.0

Bug Fixes

• replace . characters in localIndent to - character (regression) (#982) (967fb66)

Features

• support es modules for assets loader (#984) (9c5126c)

v3.1.0

3.1.0 (2019-07-18)

Bug Fixes

• converting all (including reserved and control) filesystem characters to - (it was regression in 3.0.0 version) (#972) (f51859b)
• default context should be undefined instead of null (#965) (9c32885)

Features

• allow modules.getLocalIdent to return a falsy value (#963) (9c3571c)
• improved validation error messages (65e4fc0)

v3.0.0

3.0.0 (2019-06-11)

Bug Fixes

• avoid the "from" argument must be of type string error (#908) (e5dfd23)
• invert Function behavior for url and import options (#939) (e9eb5ad)
• properly export locals with escaped characters (#917) (a0efcda)
• property handle non css characters in localIdentName (#920) (d3a0a3c)

Features

• modules options now accepts object config (#937) (1d7a464)
• support @value at-rule in selectors (#941) (05a42e2)

BREAKING CHANGES

• minimum required nodejs version is 8.9.0
• @value at rules now support in selector, recommends checking all @values at-rule usage (hint: you can add prefix to all @value at-rules, for example @value v-foo: black; or @value m-foo: screen and (max-width: 12450px), and then do upgrade)
• invert {Function} behavior for url and import options (need return true when you want handle url/@import and return false if not)
• exportLocalsStyle option was remove in favor localsConvention option, also it is accept only {String} value (use camelCase value if you previously value was true and asIs if you previously value was false)
• exportOnlyLocals option was remove in favor onlyLocals option

... (truncated)

Sourced from css-loader's changelog.

3.2.0 (2019-08-06)

Bug Fixes

• replace . characters in localIndent to - character (regression) (#982) (967fb66)

Features

• support es modules for assets loader (#984) (9c5126c)

3.1.0 (2019-07-18)

Bug Fixes

• converting all (including reserved and control) filesystem characters to - (it was regression in 3.0.0 version) (#972) (f51859b)
• default context should be undefined instead of null (#965) (9c32885)

Features

• allow modules.getLocalIdent to return a falsy value (#963) (9c3571c)
• improved validation error messages (65e4fc0)

3.0.0 (2019-06-11)

Bug Fixes

• avoid the "from" argument must be of type string error (#908) (e5dfd23)
• invert Function behavior for url and import options (#939) (e9eb5ad)
• properly export locals with escaped characters (#917) (a0efcda)
• property handle non css characters in localIdentName (#920) (d3a0a3c)

Features

• modules options now accepts object config (#937) (1d7a464)
• support @value at-rule in selectors (#941) (05a42e2)

BREAKING CHANGES

• minimum required nodejs version is 8.9.0
• @value at rules now support in selector, recommends checking all @values at-rule usage (hint: you can add prefix to all @value at-rules, for example @value v-foo: black; or @value m-foo: screen and (max-width: 12450px), and then do upgrade)
• invert {Function} behavior for url and import options (need return true when you want handle url/@import and return false if not)

... (truncated)

• 39f18f8 chore(release): 3.2.0
• 9c5126c feat: support es modules for assets loader (#984)
• 2ac79c3 docs: example with CSS modules and pure CSS (#983)
• 967fb66 fix: replace . characters in localIndent to - character (regression) (#982)
• 036b5f1 docs: fix camelCase reference in 3.0 changelog (#979)
• 926ebbd chore(release): 3.1.0
• 5d2c52e test: escaped in selectors (#973)
• f51859b fix: converting reserved and control filesystem characters to - (#972)
• 65e4fc0 feat: improved validation error messages
• 9c32885 fix: default context should be undefined instead of null (#965)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Pull request limits (per update run and/or open at any time)
• Automerge options (never/patch/minor, and dev/runtime dependencies)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

Sourced from eslint-plugin-vue's releases.

v6.0.1

🐛 Bug Fixes

• #984 Fixed an issue where the message "requires a peer of eslint@^5.0.0" was reported when installing the eslint-plugin-vue.

v6.0.0

💥 Breaking Changes

• #979 Dropped support for Node.js 6.x, ESLint 5.x.
• #940 Dropped autofix of vue/prop-name-casing.
• #823 Added Nuxt properties to the default order of vue/order-in-components.
• #895 #807 Upgrade to vue-eslint-parser@6.0.4

✨ Enhancements

Core:

• #807 Support new syntax in Vue.js 2.6.
• #979 Added support for ESLint 6.x.

New Rules:

• #798 Added vue/no-empty-pattern rule applies no-empty-pattern rule to expressions in \<template>.
• #794 Added vue/dot-location rule applies dot-location rule to expressions in \<template>.
• #795 Added vue/keyword-spacing rule applies keyword-spacing rule to expressions in \<template>.
• #838 Added vue/no-deprecated-scope-attribute rule that reports deprecated scope attribute in Vue.js v2.5.0+.
• #837 Added vue/valid-v-slot rule that checks whether every v-slot directive is valid.
• #836 Added vue/v-slot-style rule that enforces v-slot directive style which you should use shorthand or long form.

🐛 Bug Fixes

• #904 Fixed vue/use-v-on-exact to allows events with different key codes
• #937 Fixed typo in vue/valid-v-else rule message

---

All commits: v5.2.3 -> v6.0.0

• fc7afd7 6.0.1
• 3643c9a Upgrade vue-eslint-parser@^6.0.5 (#984)
• ccb3dbb 6.0.0
• 6d48d11 Chore: Update packages to support ESlint v6 (#979)
• edf43ff Drop autofix of prop-name-casing. (#940)
• 3836af4 Fix: register v-slot-style and valid-v-slot (#880)
• e59eb09 Fixed jsx parsing error (#961)
• 1d12b93 typo (#947)
• 27fc35c chore: Keep Nuxt's 'asyncData' and 'fetch' with 'data' (#823)
• d822a03 pref: improve traverse (#912)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Pull request limits (per update run and/or open at any time)
• Automerge options (never/patch/minor, and dev/runtime dependencies)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

Sourced from copy-webpack-plugin's releases.

v5.0.5

5.0.5 (2019-11-06)

Performance Improvements

• improvements for [email protected]

v5.0.4

5.0.4 (2019-07-26)

Bug Fixes

• use posix separator for emitting assets (#392) (7f08be6)

v5.0.3

5.0.3 (2019-04-24)

Bug Fixes

• alone [N] interpolation in to option (#375) (70917b7)

v5.0.2

5.0.2 (2019-03-22)

Bug Fixes

• add fallback to transform cache directory (#361) (05963eb)
• better determinate template in to option (#363) (52f8be6)
• emit errors instead throw (#362) (3946473)
• watch on windows (#359) (eaf4306)

Performance Improvements

• avoid extra call stat for file (#365) (ae2258f)

v5.0.1

5.0.1 (2019-03-11)

Bug Fixes

• respect base of glob for context dependencies (#352) (5b407f1)

... (truncated)

Sourced from copy-webpack-plugin's changelog.

5.0.5 (2019-11-06)

Performance Improvements

• improvements for [email protected]

5.0.4 (2019-07-26)

Bug Fixes

• use posix separator for emitting assets (#392) (7f08be6)

5.0.3 (2019-04-24)

Bug Fixes

• alone [N] interpolation in to option (#375) (70917b7)

5.0.2 (2019-03-22)

Bug Fixes

• add fallback to transform cache directory (#361) (05963eb)
• better determinate template in to option (#363) (52f8be6)
• emit errors instead throw (#362) (3946473)
• watch on windows (#359) (eaf4306)

Performance Improvements

• avoid extra call stat for file (#365) (ae2258f)

5.0.1 (2019-03-11)

... (truncated)

• 0675847 chore(release): 5.0.5
• 9146c2a docs: fix typo (#401)
• 3103940 refactor: minor code refactor (#399)
• c546871 perf: improvement for [email protected] (#406)
• 5db376b chore(deps): update (#409)
• 806eb41 docs: fix broken fragment links (#398)
• 6158483 chore(release): 5.0.4
• cd0e9f5 docs: clarify plugin description (#395)
• f848140 test: refactor (#394)
• ff0c736 refactor: tests (#393)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Pull request limits (per update run and/or open at any time)
• Automerge options (never/patch/minor, and dev/runtime dependencies)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

• ebdf849 1.3.4
• ac57872 move all allocUnsafes to allocs for easier maintenance
• c64c950 1.3.3
• 0598ba1 fix .. in encodingLength
• 010aedb 1.3.2
• 0d0d593 backport encodingLength fix to v1
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from browserslist's changelog.

4.16.6

• Fixed npm-shrinkwrap.json support in --update-db (by Geoff Newman).

4.16.5

• Fixed unsafe RegExp (by Yeting Li).

4.16.4

• Fixed unsafe RegExp.
• Added artifactory support to --update-db (by Ittai Baratz).

4.16.3

• Fixed --update-db.

4.16.2

• Fixed --update-db (by @​ialarmedalien).

4.16.1

• Fixed Chrome 4 with mobileToDesktop (by Aron Woost).

4.16

• Add browserslist config query.

4.15

• Add TypeScript types (by Dmitry Semigradsky).

4.14.7

• Fixed Yarn Workspaces support to --update-db (by Fausto Núñez Alberro).
• Added browser changes to --update-db (by @​AleksandrSl).
• Added color output to --update-db.
• Updated package.funding to have link to our Open Collective.

4.14.6

• Fixed Yarn support in --update-db (by Ivan Storck).
• Fixed npm 7 support in --update-db.

4.14.5

• Fixed last 2 electron versions query (by Sergey Melyukov).

4.14.4

• Fixed Unknown version 59 of op_mob error.

4.14.3

• Update Firefox ESR.

4.14.2

• Fixed --update-db on Windows (by James Ross).
• Improved --update-db output.

4.14.1

• Added --update-db explanation (by Justin Zelinsky).

... (truncated)

• 6fe3614 Release 4.16.6 version
• 33ebac9 Update dependencies
• 2128170 Add support for npm-shrinkwrap files alongside package-lock (#595)
• 7cc2aed Release 4.16.5 version
• 27e4afd Update dependencies
• 1013a18 Fix version RegExp
• b879a1a Use Node.js 16 on CI
• bd1e9e0 Fix ReDoS (#593)
• 209adf9 Release 4.16.4 version
• 3e2ae3b Fix types
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

• eb6d9f5 [dist] 1.5.1
• 750d8e8 [fix] Fixes relative path resolving #199 #200 (#201)
• 3ac7774 [test] Make test consistent for browser testing
• 267a0c6 [dist] 1.5.0
• d1e7e88 [security] More backslash fixes (#197)
• d99bf4c [ignore] Remove npm-debug.log from .gitignore
• 422c8b5 [pkg] Replace nyc with c8
• 933809d [pkg] Move coveralls to dev dependencies
• 190b216 [pkg] Add .npmrc
• ce3783f [test] Do not test on all available versions of Edge and Safari
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from handlebars's changelog.

v4.7.7 - February 15th, 2021

• fix weird error in integration tests - eb860c0
• fix: check prototype property access in strict-mode (#1736) - b6d3de7
• fix: escape property names in compat mode (#1736) - f058970
• refactor: In spec tests, use expectTemplate over equals and shouldThrow (#1683) - 77825f8
• chore: start testing on Node.js 12 and 13 - 3789a30

(POSSIBLY) BREAKING CHANGES:

• the changes from version 4.6.0 now also apply in when using the compile-option "strict: true". Access to prototype properties is forbidden completely by default, specific properties or methods can be allowed via runtime-options. See #1633 for details. If you are using Handlebars as documented, you should not be accessing prototype properties from your template anyway, so the changes should not be a problem for you. Only the use of undocumented features can break your build.

That is why we only bump the patch version despite mentioning breaking changes.

Commits

v4.7.6 - April 3rd, 2020

Chore/Housekeeping:

• #1672 - Switch cmd parser to latest minimist (@​dougwilson

Compatibility notes:

• Restored Node.js compatibility

Commits

v4.7.5 - April 2nd, 2020

Chore/Housekeeping:

• Node.js version support has been changed to v6+ Reverted in 4.7.6

Compatibility notes:

• Node.js < v6 is no longer supported Reverted in 4.7.6

Commits

v4.7.4 - April 1st, 2020

Chore/Housekeeping:

• #1666 - Replaced minimist with yargs for handlebars CLI (@​aorinevo, @​AviVahl & @​fabb)

Compatibility notes:

... (truncated)

• a9a8e40 v4.7.7
• e66aed5 Update release notes
• 7d4d170 disable IE in Saucelabs tests
• eb860c0 fix weird error in integration tests
• b6d3de7 fix: check prototype property access in strict-mode (#1736)
• f058970 fix: escape property names in compat mode (#1736)
• 77825f8 refator: In spec tests, use expectTemplate over equals and shouldThrow (#1683)
• 3789a30 chore: start testing on Node.js 12 and 13
• e6ad93e v4.7.6
• 2bf4fc6 Update release notes
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

• 43ac7f2 6.5.4
• f4bc72b package: bump deps
• 441b742 ec: validate that a point before deriving keys
• e71b2d9 lib: relint using eslint
• 8421a01 build(deps): bump elliptic from 6.4.1 to 6.5.3 (#231)
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.