From b52aebb9d3cf04b4eaa6b773769edace6a46df77 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 9 May 2021 06:18:34 +0000 Subject: [PATCH 1/4] Bump lodash from 4.17.14 to 4.17.21 Bumps [lodash](https://github.com/lodash/lodash) from 4.17.14 to 4.17.21. - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](https://github.com/lodash/lodash/compare/4.17.14...4.17.21) Signed-off-by: dependabot[bot] --- package-lock.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/package-lock.json b/package-lock.json index 65abb16..7f7d683 100644 --- a/package-lock.json +++ b/package-lock.json @@ -523,9 +523,9 @@ } }, "lodash": { - "version": "4.17.14", - "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.14.tgz", - "integrity": "sha512-mmKYbW3GLuJeX+iGP+Y7Gp1AiGHGbXHCOh/jZmrawMmsE7MS4znI3RL2FsjbqOyMayHInjOeykW7PEajUk1/xw==", + "version": "4.17.21", + "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz", + "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==", "dev": true }, "log-symbols": { From fd9369532fd057e84d8ef69d548108722813cc42 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 30 Mar 2021 18:02:53 +0000 Subject: [PATCH 2/4] Bump y18n from 4.0.0 to 4.0.1 Bumps [y18n](https://github.com/yargs/y18n) from 4.0.0 to 4.0.1. - [Release notes](https://github.com/yargs/y18n/releases) - [Changelog](https://github.com/yargs/y18n/blob/master/CHANGELOG.md) - [Commits](https://github.com/yargs/y18n/commits) Signed-off-by: dependabot[bot] --- package-lock.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/package-lock.json b/package-lock.json index 7f7d683..9f55242 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1117,9 +1117,9 @@ "integrity": "sha1-pcbVMr5lbiPbgg77lDofBJmNY68=" }, "y18n": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/y18n/-/y18n-4.0.0.tgz", - "integrity": "sha512-r9S/ZyXu/Xu9q1tYlpsLIsa3EeLXXk0VwlxqTcFRfg9EhMW+17kbt9G0NrgCmhGb5vT2hyhJZLfDGx+7+5Uj/w==", + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/y18n/-/y18n-4.0.1.tgz", + "integrity": "sha512-wNcy4NvjMYL8gogWWYAO7ZFWFfHcbdbE57tZO8e4cbpj8tfUcwrwqSl3ad8HxpYWCdXcJUCeKKZS62Av1affwQ==", "dev": true }, "yargs": { From 68dd5e3ac20cb5ed8be7360f15f46ed963d23b60 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 13 May 2021 11:38:35 +0000 Subject: [PATCH 3/4] Bump y18n from 4.0.0 to 4.0.3 --- package-lock.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/package-lock.json b/package-lock.json index 9f55242..43ceaf4 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1117,9 +1117,9 @@ "integrity": "sha1-pcbVMr5lbiPbgg77lDofBJmNY68=" }, "y18n": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/y18n/-/y18n-4.0.1.tgz", - "integrity": "sha512-wNcy4NvjMYL8gogWWYAO7ZFWFfHcbdbE57tZO8e4cbpj8tfUcwrwqSl3ad8HxpYWCdXcJUCeKKZS62Av1affwQ==", + "version": "4.0.3", + "resolved": "https://registry.npmjs.org/y18n/-/y18n-4.0.3.tgz", + "integrity": "sha512-JKhqTOwSrqNA1NY5lSztJ1GrBiUodLMmIZuLiDaMRJ+itFd+ABVE8XBjOvIWL+rSqNDC74LCSFmlb/U4UZ4hJQ==", "dev": true }, "yargs": { From 6743e553612c2fcaf235c4961f6303388357600a Mon Sep 17 00:00:00 2001 From: James Harrison Date: Thu, 13 May 2021 12:48:55 +0100 Subject: [PATCH 4/4] Add seperate CHANGELOG. --- CHANGELOG.md | 53 ++++++++++++++++++++++++++++++++++++++++++++++++++++ README.md | 31 +----------------------------- 2 files changed, 54 insertions(+), 30 deletions(-) create mode 100644 CHANGELOG.md diff --git a/CHANGELOG.md b/CHANGELOG.md new file mode 100644 index 0000000..984e88e --- /dev/null +++ b/CHANGELOG.md @@ -0,0 +1,53 @@ +# Changelog + +## [Unreleased] + +## [1.4.2] - 2021-05-13 + +### Security + +- Upgrade lodash from 4.17.14 to 4.17.21 to mitigate [CVE-2021-23337](https://github.com/advisories/GHSA-35jh-r3h4-6jhm) and [CVE-2020-8203](https://github.com/advisories/GHSA-p6mc-m468-83gw). +- Upgrade y18n from 4.0.0 to 4.0.3 to mitigate [CVE-2020-7774](https://github.com/advisories/GHSA-c4w7-xm78-47vh). + +## [1.4.1] - 2020-03-10 + +- Upgrade lodash to 4.17.14 to mitigate [CVE-2019-10744](https://github.com/advisories/GHSA-jf85-cpcp-j695). + +## [1.4.0] - 2019-06-18 + +- Upgrade through2 to 2.0.5. + +## [1.3.0] - 2018-09-17 + +- Upgrade to RTLCSS 2.4.0. +- Upgrade plugin-error to 1.0.1. + +## [1.2.0] - 2018-03-18 + +- Upgrade to RTLCSS 2.2.1. + +## [1.1.0] - 2018-01-10 + +- Add support for `gulp-sourcemaps`. +- Remove `gulp-util` in favour of `plugin-error`. + +## [1.0.0] - 2016-02-18 + +- [#6](https://github.com/jjlharrison/gulp-rtlcss/issues/6) Upgrade to RTLCSS 2. + +## [0.1.4] - 2015-01-28 + +- [#2](https://github.com/jjlharrison/gulp-rtlcss/issues/2) Add support for RTLCSS configuration. + +[Unreleased]: https://github.com/jjlharrison/gulp-rtlcss/compare/v1.4.2...main +[1.4.2]: https://github.com/jjlharrison/gulp-rtlcss/compare/v1.4.1...v1.4.2 +[1.4.1]: https://github.com/jjlharrison/gulp-rtlcss/compare/v1.4.0...v1.4.1 +[1.4.0]: https://github.com/jjlharrison/gulp-rtlcss/compare/v1.3.0...v1.4.0 +[1.3.0]: https://github.com/jjlharrison/gulp-rtlcss/compare/v1.2.0...v1.3.0 +[1.2.0]: https://github.com/jjlharrison/gulp-rtlcss/compare/v1.1.0...v1.2.0 +[1.1.0]: https://github.com/jjlharrison/gulp-rtlcss/compare/v1.0.0...v1.1.0 +[1.0.0]: https://github.com/jjlharrison/gulp-rtlcss/compare/v0.1.4...v1.0.0 +[0.1.4]: https://github.com/jjlharrison/gulp-rtlcss/compare/v0.1.3...v0.1.4 +[0.1.3]: https://github.com/jjlharrison/gulp-rtlcss/compare/v0.1.2...v0.1.3 +[0.1.2]: https://github.com/jjlharrison/gulp-rtlcss/compare/v0.1.1...v0.1.2 +[0.1.1]: https://github.com/jjlharrison/gulp-rtlcss/tree/v0.1.1 \ No newline at end of file diff --git a/README.md b/README.md index 1684fe0..7b3d5a1 100644 --- a/README.md +++ b/README.md @@ -50,38 +50,9 @@ gulp.task('styles', function () { .pipe(gulp.dest('dist')); // Output RTL stylesheets. }); ``` - ## Change Log -### 1.4.1 - 2020-03-10 - -- Upgrade `lodash` to 4.17.14 to mitigate [CVE-2019-10744](https://github.com/advisories/GHSA-jf85-cpcp-j695). - -### 1.4.0 - 2019-06-18 - -- Upgrade `through2` to 2.0.5. - -### 1.3.0 - 2018-09-17 - -- Upgrade to RTLCSS 2.4.0. -- Upgrade `plugin-error` to 1.0.1. - -### 1.2.0 - 2018-03-18 - -- Upgrade to RTLCSS 2.2.1. - -### 1.1.0 - 2018-01-10 - -- Add support for `gulp-sourcemaps`. -- Remove `gulp-util` in favour of `plugin-error`. - -### 1.0.0 - 2016-02-18 - -- [#6](https://github.com/jjlharrison/gulp-rtlcss/issues/6) Upgrade to RTLCSS 2. - -### 0.1.4 - 2015-01-28 - -- [#2](https://github.com/jjlharrison/gulp-rtlcss/issues/2) Add support for RTLCSS configuration. +See [CHANGELOG.md](CHANGELOG.md). [david-dm-image]: http://img.shields.io/david/jjlharrison/gulp-rtlcss.svg?style=flat [david-dm-url]: https://david-dm.org/jjlharrison/gulp-rtlcss