Upgrade lodash to fix a security issue#776

Merged

xzyfer merged 1 commit intomasterfrom

unknown repository

Jun 24, 2021

ghost commented Oct 15, 2020 •

edited by ghost

Loading

Synk analysis flags lodash as having a security issue around
prototype pollution. This upgrades to the first version
that fixes this issue.

Resolves: #775
Relates to: https://app.snyk.io/vuln/SNYK-JS-LODASH-567746
Relates to: https://app.snyk.io/vuln/SNYK-JS-LODASH-590103
Relates to: https://app.snyk.io/vuln/SNYK-JS-LODASH-608086
Relates to: https://app.snyk.io/vuln/SNYK-JS-LODASH-450202
Relates to: https://app.snyk.io/vuln/SNYK-JS-LODASH-73638
Relates to: https://app.snyk.io/vuln/SNYK-JS-LODASH-73639


          Upgrade lodash to fix a security issue

a284ea6

Synk analysis flags lodash as having a security issue around
prototype pollution. This upgrades to the first version
that fixes this issue.

Resolves: #775
Relates to: https://app.snyk.io/vuln/SNYK-JS-LODASH-567746
Relates to: https://app.snyk.io/vuln/SNYK-JS-LODASH-590103
Relates to: https://app.snyk.io/vuln/SNYK-JS-LODASH-608086
Relates to: https://app.snyk.io/vuln/SNYK-JS-LODASH-450202
Relates to: https://app.snyk.io/vuln/SNYK-JS-LODASH-73638
Relates to: https://app.snyk.io/vuln/SNYK-JS-LODASH-73639

mxmason mentioned this pull request

Update to major version 5 #802

Merged

10 tasks

Contributor

mxmason commented Jun 16, 2021

The issue related to this will be solved in #802 by 0ccfa8b

xzyfer merged commit 947b26c into dlmanning:master

Collaborator

xzyfer commented Jun 24, 2021

Released in 4.1.1 so it's available without adopting a major version bump.

YoutacRandS-VA mentioned this pull request

[Snyk] Upgrade gulp-sass from 3.2.1 to 5.1.0 YoutacRandS-VA/enquirer#5

Open

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet