A minimal flexbox grid system named after a cute dog.

By Eric Stout
Last update: Nov 5, 2022
Comments: 16

Ginger

Ginger is a minimal flexbox 12 column grid system named after a cute dog. It doesn't give you any fancy extras like some other frameworks, but what it does give you is a solid lightweight grid system to make developing and designing your next site easy and quick.

Installing Ginger

There are two ways to install Ginger.

Note: as of August 2020, bower is no longer supported

Clone the repository or download the files to your project
Install via npm/yarn using npm install ginger-grid --save or yarn add ginger-grid

When setting up the scss file for your project be sure to include the Ginger settings file before importing ginger.scss. An example scss file may look like this:

// Include Ginger
@import "ginger/settings";
@import "ginger/ginger";

It's important to note that you may get a compile error if you're not including the path to Ginger when compiling your styles.

You can view all the documentation at gingergrid.com.

Issues / Bugs / Contributions

If you have feedback, find a bug, or want to make contributions, please don't hesitate to open an issue or make a pull request.

Special thanks to Allison Perlis for the rad Ginger logo!

Github

https://github.com/erwstout/ginger/

Comments(16)

1

Justify Content classes not applying to block grids
Adjusting block grids should/could be done with row helper classes but the block-grid properties override.

HTML
```
<div class="posts-container sm-block-grid-1 block-grid-3 row--justify-content-start"></div>
```
2

Add overflow:hidden to columns

Firefox doesn't listen to flex-basis values, for instance if flex-basis: 50% and contains a large image, etc.. it expands. Adding overflow:hidden fixes the issue.
3

Add negative margin on nested rows

Currently nested rows get indented. This is due to the padding that is set on the columns. Easy way to fix this is just to have any nested row have a negative margin that is equal to whatever the column padding is.
4

IE 10/11 Flex Basis Bug
Ginger has the following issue as pointed out by Phillip Walton

An explicit flex-basis value (i.e., any value other than auto) is supposed to act just like width or height. It determines the initial size of a flex item and then the other flexibility properties allow it to grow or shrink accordingly.

IE 10-11 always assume a content box model when using flex-basis to determine a flex item's size, even if that item is set to box-sizing:border-box. Demo 7.1.a shows that an item with a flex-basis value of 100% will overflow its container by the amount of its border plus its padding.

The fix should look something like this:
```
.col-4{
  width: 33.33%;
  flex-basis: auto;
}
```
5

Bump minimist from 1.2.5 to 1.2.6
Bumps minimist from 1.2.5 to 1.2.6.
Commits
- 7efb22a 1.2.6
- ef88b93 security notice for additional prototype pollution issue
- c2b9819 isConstructorOrProto adapted from PR
- bc8ecee test from prototype pollution PR
- See full diff in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:
- @dependabot rebase will rebase this PR
- @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
- @dependabot merge will merge this PR after your CI passes on it
- @dependabot squash and merge will squash and merge this PR after your CI passes on it
- @dependabot cancel merge will cancel a previously requested merge and block automerging
- @dependabot reopen will reopen this PR if it is closed
- @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
- @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
- @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
- @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
6

Bump path-parse from 1.0.6 to 1.0.7
Bumps path-parse from 1.0.6 to 1.0.7.
Commits
- See full diff in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:
- @dependabot rebase will rebase this PR
- @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
- @dependabot merge will merge this PR after your CI passes on it
- @dependabot squash and merge will squash and merge this PR after your CI passes on it
- @dependabot cancel merge will cancel a previously requested merge and block automerging
- @dependabot reopen will reopen this PR if it is closed
- @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
- @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
- @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
- @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
7

Bump normalize-url from 5.1.0 to 5.3.1
Bumps normalize-url from 5.1.0 to 5.3.1.
Release notes

Sourced from normalize-url's releases.
v5.3.0
- Throw a friendly error on view-source: input (#124) ddf2584
https://github.com/sindresorhus/normalize-url/compare/v5.2.1...v5.3.0

v5.2.1
- Fix removeSingleSlash option adding slashes (#122) 1e06753
https://github.com/sindresorhus/normalize-url/compare/v5.2.0...v5.2.1

v5.2.0
- Add removeSingleSlash option (#120) 18effbe
https://github.com/sindresorhus/normalize-url/compare/v5.1.0...v5.2.0
Commits
- See full diff in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:
- @dependabot rebase will rebase this PR
- @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
- @dependabot merge will merge this PR after your CI passes on it
- @dependabot squash and merge will squash and merge this PR after your CI passes on it
- @dependabot cancel merge will cancel a previously requested merge and block automerging
- @dependabot reopen will reopen this PR if it is closed
- @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
- @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
- @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
- @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
8

Bump trim-newlines from 3.0.0 to 3.0.1
Bumps trim-newlines from 3.0.0 to 3.0.1.
Commits
- See full diff in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:
- @dependabot rebase will rebase this PR
- @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
- @dependabot merge will merge this PR after your CI passes on it
- @dependabot squash and merge will squash and merge this PR after your CI passes on it
- @dependabot cancel merge will cancel a previously requested merge and block automerging
- @dependabot reopen will reopen this PR if it is closed
- @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
- @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
- @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
- @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
9

Bump hosted-git-info from 2.8.8 to 2.8.9
Bumps hosted-git-info from 2.8.8 to 2.8.9.
Changelog

Sourced from hosted-git-info's changelog.
2.8.9 (2021-04-07)

Bug Fixes
- backport regex fix from #76 (29adfe5), closes #84
Commits
- 8d4b369 chore(release): 2.8.9
- 29adfe5 fix: backport regex fix from #76
- See full diff in compare view
Maintainer changes

This version was pushed to npm by nlf, a new releaser for hosted-git-info since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:
- @dependabot rebase will rebase this PR
- @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
- @dependabot merge will merge this PR after your CI passes on it
- @dependabot squash and merge will squash and merge this PR after your CI passes on it
- @dependabot cancel merge will cancel a previously requested merge and block automerging
- @dependabot reopen will reopen this PR if it is closed
- @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
- @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
- @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
- @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
10

Bump y18n from 4.0.0 to 4.0.1
Bumps y18n from 4.0.0 to 4.0.1.
Changelog

Sourced from y18n's changelog.
Change Log

All notable changes to this project will be documented in this file. See standard-version for commit guidelines.

5.0.5 (2020-10-25)

Bug Fixes
- address prototype pollution issue (#108) (a9ac604)
5.0.4 (2020-10-16)

Bug Fixes
- exports: node 13.0 and 13.1 require the dotted object form with a string fallback (#105) (4f85d80)
5.0.3 (2020-10-16)

Bug Fixes
- exports: node 13.0-13.6 require a string fallback (#103) (e39921e)
5.0.2 (2020-10-01)

Bug Fixes
- deno: update types for deno ^1.4.0 (#100) (3834d9a)
5.0.1 (2020-09-05)

Bug Fixes
- main had old index path (#98) (124f7b0)
5.0.0 (2020-09-05)

⚠ BREAKING CHANGES
- exports maps are now used, which modifies import behavior.
- drops Node 6 and 4. begin following Node.js LTS schedule (#89)
Features
- add support for ESM and Deno #95) (4d7ae94)
... (truncated)
Commits
- See full diff in compare view
Maintainer changes

This version was pushed to npm by oss-bot, a new releaser for y18n since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:
- @dependabot rebase will rebase this PR
- @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
- @dependabot merge will merge this PR after your CI passes on it
- @dependabot squash and merge will squash and merge this PR after your CI passes on it
- @dependabot cancel merge will cancel a previously requested merge and block automerging
- @dependabot reopen will reopen this PR if it is closed
- @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
- @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
- @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
- @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
11

Bump ini from 1.3.5 to 1.3.7
Bumps ini from 1.3.5 to 1.3.7.
Commits
- c74c8af 1.3.7
- 024b8b5 update deps, add linting
- 032fbaf Use Object.create(null) to avoid default object property hazards
- 2da9039 1.3.6
- cfea636 better git push script, before publish instead of after
- 56d2805 do not allow invalid hazardous string as section name
- See full diff in compare view
Maintainer changes

This version was pushed to npm by isaacs, a new releaser for ini since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:
- @dependabot rebase will rebase this PR
- @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
- @dependabot merge will merge this PR after your CI passes on it
- @dependabot squash and merge will squash and merge this PR after your CI passes on it
- @dependabot cancel merge will cancel a previously requested merge and block automerging
- @dependabot reopen will reopen this PR if it is closed
- @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
- @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
- @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
- @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
12

Bump node-fetch from 2.6.0 to 2.6.7
Bumps node-fetch from 2.6.0 to 2.6.7.
Release notes

Sourced from node-fetch's releases.
v2.6.7

Security patch release

Recommended to upgrade, to not leak sensitive cookie and authentication header information to 3th party host while a redirect occurred

What's Changed
- fix: don't forward secure headers to 3th party by @jimmywarting in node-fetch/node-fetch#1453
Full Changelog: https://github.com/node-fetch/node-fetch/compare/v2.6.6...v2.6.7

v2.6.6

What's Changed
- fix(URL): prefer built in URL version when available and fallback to whatwg by @jimmywarting in node-fetch/node-fetch#1352
Full Changelog: https://github.com/node-fetch/node-fetch/compare/v2.6.5...v2.6.6

v2.6.2

fixed main path in package.json

v2.6.1

This is an important security release. It is strongly recommended to update as soon as possible.

See CHANGELOG for details.
Changelog

Sourced from node-fetch's changelog.
Changelog

All notable changes will be recorded here.

The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.

What's Changed
- core: update fetch-blob by @jimmywarting in node-fetch/node-fetch#1371
- docs: Fix typo around sending a file by @jimmywarting in node-fetch/node-fetch#1381
- core: (http.request): Cast URL to string before sending it to NodeJS core by @jimmywarting in node-fetch/node-fetch#1378
- core: handle errors from the request body stream by @mdmitry01 in node-fetch/node-fetch#1392
- core: Better handle wrong redirect header in a response by @tasinet in node-fetch/node-fetch#1387
- core: Don't use buffer to make a blob by @jimmywarting in node-fetch/node-fetch#1402
- docs: update readme for TS @types/node-fetch by @adamellsworth in node-fetch/node-fetch#1405
- core: Fix logical operator priority to disallow GET/HEAD with non-empty body by @maxshirshin in node-fetch/node-fetch#1369
- core: Don't use global buffer by @jimmywarting in node-fetch/node-fetch#1422
- ci: fix main branch by @dnalborczyk in node-fetch/node-fetch#1429
- core: use more node: protocol imports by @dnalborczyk in node-fetch/node-fetch#1428
- core: Warn when using data by @jimmywarting in node-fetch/node-fetch#1421
- docs: Create SECURITY.md by @JamieSlome in node-fetch/node-fetch#1445
- core: don't forward secure headers to 3th party by @jimmywarting in node-fetch/node-fetch#1449
New Contributors
- @mdmitry01 made their first contribution in node-fetch/node-fetch#1392
- @tasinet made their first contribution in node-fetch/node-fetch#1387
- @adamellsworth made their first contribution in node-fetch/node-fetch#1405
- @maxshirshin made their first contribution in node-fetch/node-fetch#1369
- @JamieSlome made their first contribution in node-fetch/node-fetch#1445
Full Changelog: https://github.com/node-fetch/node-fetch/compare/v3.1.0...v3.1.2

3.1.0

What's Changed
- fix(Body): Discourage form-data and buffer() by @jimmywarting in node-fetch/node-fetch#1212
- fix: Pass url string to http.request by @serverwentdown in node-fetch/node-fetch#1268
- Fix octocat image link by @lakuapik in node-fetch/node-fetch#1281
- fix(Body.body): Normalize Body.body into a node:stream by @jimmywarting in node-fetch/node-fetch#924
- docs(Headers): Add default Host request header to README.md file by @robertoaceves in node-fetch/node-fetch#1316
- Update CHANGELOG.md by @jimmywarting in node-fetch/node-fetch#1292
- Add highWaterMark to cloned properties by @davesidious in node-fetch/node-fetch#1162
- Update README.md to fix HTTPResponseError by @thedanfernandez in node-fetch/node-fetch#1135
- docs: switch url to URL by @dhritzkiv in node-fetch/node-fetch#1318
- fix(types): declare buffer() deprecated by @dnalborczyk in node-fetch/node-fetch#1345
- chore: fix lint by @dnalborczyk in node-fetch/node-fetch#1348
- refactor: use node: prefix for imports by @dnalborczyk in node-fetch/node-fetch#1346
- Bump data-uri-to-buffer from 3.0.1 to 4.0.0 by @dependabot in node-fetch/node-fetch#1319
- Bump mocha from 8.4.0 to 9.1.3 by @dependabot in node-fetch/node-fetch#1339
- Referrer and Referrer Policy by @tekwiz in node-fetch/node-fetch#1057
- Add typing for Response.redirect(url, status) by @c-w in node-fetch/node-fetch#1169
... (truncated)
Commits
- 1ef4b56 backport of #1449 (#1453)
- 8fe5c4e 2.x: Specify encoding as an optional peer dependency in package.json (#1310)
- f56b0c6 fix(URL): prefer built in URL version when available and fallback to whatwg (...
- b5417ae fix: import whatwg-url in a way compatible with ESM Node (#1303)
- 18193c5 fix v2.6.3 that did not sending query params (#1301)
- ace7536 fix: properly encode url with unicode characters (#1291)
- 152214c Fix(package.json): Corrected main file path in package.json (#1274)
- b5e2e41 update version number
- 2358a6c Honor the size option after following a redirect and revert data uri support
- 8c197f8 docs: Fix typos and grammatical errors in README.md (#686)
- Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by endless, a new releaser for node-fetch since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:
- @dependabot rebase will rebase this PR
- @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
- @dependabot merge will merge this PR after your CI passes on it
- @dependabot squash and merge will squash and merge this PR after your CI passes on it
- @dependabot cancel merge will cancel a previously requested merge and block automerging
- @dependabot reopen will reopen this PR if it is closed
- @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
- @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
- @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
- @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
13

Bump glob-parent from 5.1.1 to 5.1.2
Bumps glob-parent from 5.1.1 to 5.1.2.
Release notes

Sourced from glob-parent's releases.
v5.1.2

Bug Fixes
- eliminate ReDoS (#36) (f923116)
Changelog

Sourced from glob-parent's changelog.
5.1.2 (2021-03-06)

Bug Fixes
- eliminate ReDoS (#36) (f923116)
6.0.0 (2021-05-03)

⚠ BREAKING CHANGES
- Correct mishandled escaped path separators (#34)
- upgrade scaffold, dropping node <10 support
Bug Fixes
- Correct mishandled escaped path separators (#34) (32f6d52), closes #32
Miscellaneous Chores
- upgrade scaffold, dropping node <10 support (e83d0c5)
Commits
- eb2c439 chore: update changelog
- 12bcb6c chore: release 5.1.2
- f923116 fix: eliminate ReDoS (#36)
- 0b014a7 chore: add JSDoc returns information (#33)
- 2b24ebd chore: generate initial changelog
- See full diff in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:
- @dependabot rebase will rebase this PR
- @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
- @dependabot merge will merge this PR after your CI passes on it
- @dependabot squash and merge will squash and merge this PR after your CI passes on it
- @dependabot cancel merge will cancel a previously requested merge and block automerging
- @dependabot reopen will reopen this PR if it is closed
- @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
- @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
- @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
- @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
14

Bump handlebars from 4.7.6 to 4.7.7
Bumps handlebars from 4.7.6 to 4.7.7.
Changelog

Sourced from handlebars's changelog.
v4.7.7 - February 15th, 2021
- fix weird error in integration tests - eb860c0
- fix: check prototype property access in strict-mode (#1736) - b6d3de7
- fix: escape property names in compat mode (#1736) - f058970
- refactor: In spec tests, use expectTemplate over equals and shouldThrow (#1683) - 77825f8
- chore: start testing on Node.js 12 and 13 - 3789a30
(POSSIBLY) BREAKING CHANGES:
- the changes from version 4.6.0 now also apply in when using the compile-option "strict: true". Access to prototype properties is forbidden completely by default, specific properties or methods can be allowed via runtime-options. See #1633 for details. If you are using Handlebars as documented, you should not be accessing prototype properties from your template anyway, so the changes should not be a problem for you. Only the use of undocumented features can break your build.
That is why we only bump the patch version despite mentioning breaking changes.

Commits
Commits
- a9a8e40 v4.7.7
- e66aed5 Update release notes
- 7d4d170 disable IE in Saucelabs tests
- eb860c0 fix weird error in integration tests
- b6d3de7 fix: check prototype property access in strict-mode (#1736)
- f058970 fix: escape property names in compat mode (#1736)
- 77825f8 refator: In spec tests, use expectTemplate over equals and shouldThrow (#1683)
- 3789a30 chore: start testing on Node.js 12 and 13
- See full diff in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:
- @dependabot rebase will rebase this PR
- @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
- @dependabot merge will merge this PR after your CI passes on it
- @dependabot squash and merge will squash and merge this PR after your CI passes on it
- @dependabot cancel merge will cancel a previously requested merge and block automerging
- @dependabot reopen will reopen this PR if it is closed
- @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
- @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
- @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
- @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
15

Bump lodash from 4.17.19 to 4.17.21
Bumps lodash from 4.17.19 to 4.17.21.
Commits
- f299b52 Bump to v4.17.21
- c4847eb Improve performance of toNumber, trim and trimEnd on large input strings
- 3469357 Prevent command injection through _.template's variable option
- ded9bc6 Bump to v4.17.20.
- 63150ef Documentation fixes.
- 00f0f62 test.js: Remove trailing comma.
- 846e434 Temporarily use a custom fork of lodash-cli.
- 5d046f3 Re-enable Travis tests on 4.17 branch.
- aa816b3 Remove /npm-package.
- See full diff in compare view
Maintainer changes

This version was pushed to npm by bnjmnt4n, a new releaser for lodash since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:
- @dependabot rebase will rebase this PR
- @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
- @dependabot merge will merge this PR after your CI passes on it
- @dependabot squash and merge will squash and merge this PR after your CI passes on it
- @dependabot cancel merge will cancel a previously requested merge and block automerging
- @dependabot reopen will reopen this PR if it is closed
- @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
- @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
- @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
- @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
16

Cascade Order for Block Grid Alignments

Similar to issue #42 - but this is because the classes are created before the @for loop of the block grids, therefor the overrides do not get applied. These need to be moved down in the components/_block-grids.scss file. Thanks to @dmalkin for pointing this out.

A minimal flexbox grid system named after a cute dog.

Ginger

Installing Ginger

Issues / Bugs / Contributions

Github

Comments(16)

Justify Content classes not applying to block grids

Add overflow:hidden to columns

Add negative margin on nested rows

IE 10/11 Flex Basis Bug

Bump minimist from 1.2.5 to 1.2.6

Bump path-parse from 1.0.6 to 1.0.7

Bump normalize-url from 5.1.0 to 5.3.1

v5.3.0

v5.2.1

v5.2.0

Bump trim-newlines from 3.0.0 to 3.0.1

Bump hosted-git-info from 2.8.8 to 2.8.9

2.8.9 (2021-04-07)

Bug Fixes

Bump y18n from 4.0.0 to 4.0.1

Change Log

5.0.5 (2020-10-25)

Bug Fixes

5.0.4 (2020-10-16)

Bug Fixes

5.0.3 (2020-10-16)

Bug Fixes

5.0.2 (2020-10-01)

Bug Fixes

5.0.1 (2020-09-05)

Bug Fixes

5.0.0 (2020-09-05)

⚠ BREAKING CHANGES

Features

Bump ini from 1.3.5 to 1.3.7

Bump node-fetch from 2.6.0 to 2.6.7

v2.6.7

Security patch release

What's Changed

v2.6.6

What's Changed

v2.6.2

v2.6.1

Changelog

What's Changed

New Contributors

3.1.0

What's Changed

Bump glob-parent from 5.1.1 to 5.1.2

v5.1.2

Bug Fixes

5.1.2 (2021-03-06)

Bug Fixes

6.0.0 (2021-05-03)

⚠ BREAKING CHANGES

Bug Fixes

Miscellaneous Chores

Bump handlebars from 4.7.6 to 4.7.7

v4.7.7 - February 15th, 2021

Bump lodash from 4.17.19 to 4.17.21

Cascade Order for Block Grid Alignments

Popular Tag

Related