[patch] Update dependency lodash to 4.17.21 [SECURITY] #149

renovate · 2021-05-07T08:29:05Z

This PR contains the following updates:

Package	Change
lodash	`4.17.20` -> `4.17.21`

lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function.

📅 Schedule: At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻️ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

This PR has been generated by WhiteSource Renovate. View repository job log here.

renovate bot added the vulnerability label May 7, 2021

renovate bot force-pushed the renovate/npm-lodash-vulnerability branch 4 times, most recently from 7bfe0ee to bd63a0e Compare May 13, 2021 18:32

renovate bot force-pushed the renovate/npm-lodash-vulnerability branch 2 times, most recently from e54ea44 to c5f5bb2 Compare May 19, 2021 13:29

renovate bot force-pushed the renovate/npm-lodash-vulnerability branch 3 times, most recently from 96009cd to e546625 Compare May 28, 2021 16:58

renovate bot force-pushed the renovate/npm-lodash-vulnerability branch 2 times, most recently from c996fa9 to a730a07 Compare June 6, 2021 13:10

renovate bot force-pushed the renovate/npm-lodash-vulnerability branch from a730a07 to a1456e7 Compare June 25, 2021 16:36

[patch] Update dependency lodash to 4.17.21 [SECURITY]

501a5e8

renovate bot force-pushed the renovate/npm-lodash-vulnerability branch from a1456e7 to 501a5e8 Compare July 1, 2021 20:01

camjc approved these changes Jul 8, 2021

View reviewed changes

camjc merged commit 3a65a29 into master Jul 8, 2021

camjc deleted the renovate/npm-lodash-vulnerability branch July 8, 2021 23:18

Provide feedback