Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump lodash from 4.17.19 to 4.17.21 in /build/npm #1988

Merged
merged 1 commit into from
May 16, 2021
Merged

Bump lodash from 4.17.19 to 4.17.21 in /build/npm #1988

merged 1 commit into from
May 16, 2021

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github May 11, 2021

Bumps lodash from 4.17.19 to 4.17.21.

Commits
  • f299b52 Bump to v4.17.21
  • c4847eb Improve performance of toNumber, trim and trimEnd on large input strings
  • 3469357 Prevent command injection through _.template's variable option
  • ded9bc6 Bump to v4.17.20.
  • 63150ef Documentation fixes.
  • 00f0f62 test.js: Remove trailing comma.
  • 846e434 Temporarily use a custom fork of lodash-cli.
  • 5d046f3 Re-enable Travis tests on 4.17 branch.
  • aa816b3 Remove /npm-package.
  • See full diff in compare view
Maintainer changes

This version was pushed to npm by bnjmnt4n, a new releaser for lodash since your current version.


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump lodash from 4.17.19 to 4.17.21 in /build/npm
770df9b 
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.19 to 4.17.21.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](lodash/lodash@4.17.19...4.17.21)

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels May 11, 2021
@github-actions
Copy link
Contributor

Benchmark Results

java_maven_serial.csv

Commit CPU Memory Time ExitCode
6e0d83f 181% 318024 0:17.65 0
c532320 181% 338348 0:18.11 0
c93f7af 147% 296200 0:30.25 0
8c85c71 160% 328132 0:30.33 0

java_gradle_serial.csv

Commit CPU Memory Time ExitCode
6e0d83f 179% 388428 0:21.85 0
c532320 177% 349640 0:21.11 0
c93f7af 166% 619168 0:33.39 0
8c85c71 184% 635340 0:38.27 0

java_maven_multithreaded.csv

Commit CPU Memory Time ExitCode
6e0d83f 183% 355184 0:23.08 0
c532320 183% 303728 0:22.61 0
c93f7af 153% 362648 0:37.51 0
8c85c71 155% 314632 0:29.21 0

java_simple_multithreaded.csv

Commit CPU Memory Time ExitCode
6e0d83f 181% 397856 0:13.15 0
c532320 174% 384524 0:13.73 0
c93f7af 174% 385536 0:14.13 0
8c85c71 171% 384880 0:15.85 0

java_simple_parallel.csv

Commit CPU Memory Time ExitCode
6e0d83f 185% 316576 0:20.36 0
c532320 188% 316540 0:20.17 0
c93f7af 182% 324672 0:20.33 0
8c85c71 183% 349428 0:23.48 0

java_gradle_multithreaded.csv

Commit CPU Memory Time ExitCode
6e0d83f 180% 376804 0:18.33 0
c532320 182% 355644 0:20.04 0
c93f7af 179% 558492 0:33.83 0
8c85c71 180% 557380 0:30.94 0

java_maven_parallel.csv

Commit CPU Memory Time ExitCode
6e0d83f 184% 318832 0:21.98 0
c532320 184% 340820 0:20.92 0
c93f7af 158% 341744 0:31.93 0
8c85c71 177% 321032 0:23.89 0

java_gradle_parallel.csv

Commit CPU Memory Time ExitCode
6e0d83f 178% 394976 0:20.54 0
c532320 178% 374068 0:20.26 0
c93f7af 166% 639544 0:30.80 0
8c85c71 181% 575368 0:35.85 0

java_simple_serial.csv

Commit CPU Memory Time ExitCode
6e0d83f 179% 351068 0:13.29 0
c532320 170% 343216 0:14.42 0
c93f7af 163% 341344 0:15.11 0
8c85c71 170% 340652 0:16.17 0

Notes

  • The results above are generated by running against seed projects in https://github.com/getgauge/gauge-benchmark
  • These results are not persisted, but on merging to master the benchmark will be rerun.
  • These benchmark are run in Github Actions' agents, which are virtualized. Results are not to be taken as actual benchmarks.Rather, these are indicative numbers and make sense for comparison.

See Workflow log for more details.

@sriv sriv merged commit 6ab8c56 into master May 16, 2021
@sriv sriv deleted the dependabot/npm_and_yarn/build/npm/lodash-4.17.21 branch May 16, 2021 10:55
waldemar-kindler pushed a commit to waldemar-kindler/gauge that referenced this pull request May 21, 2021
@dependabot @waldemar-kindler
Bump lodash from 4.17.19 to 4.17.21 in /build/npm (getgauge#1988)
ad9164e 
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.19 to 4.17.21.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](lodash/lodash@4.17.19...4.17.21)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
sriv pushed a commit that referenced this pull request May 21, 2021
@waldemar-kindler @dependabot
Added support for Apple Silicon. Fixes #1997 (#1998)
ebd763a 
* Added support for Apple Silicon. Fixes #1997
Signed-off-by: Waldemar Kindler <waldemar.kindler@gmail.com>

* Bump lodash from 4.17.19 to 4.17.21 in /build/npm (#1988)

Bumps [lodash](https://github.com/lodash/lodash) from 4.17.19 to 4.17.21.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](lodash/lodash@4.17.19...4.17.21)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump google.golang.org/grpc from 1.37.0 to 1.38.0 (#2002)

Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.37.0 to 1.38.0.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](grpc/grpc-go@v1.37.0...v1.38.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sriv sriv sriv approved these changes

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@sriv