Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(deps): update dependency lodash to version 4.17.21 🌟 #16406

Merged
merged 1 commit into from May 10, 2021
Merged

fix(deps): update dependency lodash to version 4.17.21 🌟 #16406

merged 1 commit into from May 10, 2021

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented May 8, 2021
edited

WhiteSource Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
lodash (source) 4.17.19 -> 4.17.21 age adoption passing confidence

GitHub Vulnerability Alerts

CVE-2021-23337

lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function.

Release Notes

lodash/lodash

v4.17.21

Compare Source

v4.17.20

Compare Source

Configuration

📅 Schedule: "" in timezone America/New_York.

🚦 Automerge: Enabled.

♻️ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.

  • If you want to rebase/retry this PR, check this box.

This PR has been generated by WhiteSource Renovate. View repository job log here.

@renovate renovate bot requested a review from a team as a code owner May 8, 2021 12:51
@renovate renovate bot added renovate Triggered by renovatebot type: dependencies labels May 8, 2021
@renovate renovate bot requested review from flotwig and chrisbreiding and removed request for a team May 8, 2021 12:51
@cypress-bot
Copy link
Contributor

cypress-bot bot commented May 8, 2021

See the guidelines for reviewing dependency updates for info on how to review dependency update PRs.

@cypress
Copy link

cypress bot commented May 8, 2021
edited


Test summary

13796 0 164 5Flakiness 0

Run details
Project cypress
Status Passed
Commit ffacbe7
Started May 10, 2021 3:40 PM
Ended May 10, 2021 3:51 PM
Duration 11:39 💡
OS Linux Debian - 10.8
Browser Multiple

View run in Cypress Dashboard ➡️

This comment has been generated by cypress-bot as a result of this project's GitHub integration settings. You can manage this integration in this project's settings in the Cypress Dashboard

@renovate renovate bot force-pushed the renovate/npm-lodash-vulnerability branch from 60a1da0 to 822e2b8 Compare May 10, 2021 08:00
@jennifer-shehane jennifer-shehane requested review from jennifer-shehane and removed request for flotwig and chrisbreiding May 10, 2021 13:45
jennifer-shehane
jennifer-shehane previously approved these changes May 10, 2021
View reviewed changes
Copy link
Member

@jennifer-shehane jennifer-shehane left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good. Fixes vulnerabilities.

@renovate renovate bot force-pushed the renovate/npm-lodash-vulnerability branch from 822e2b8 to fbb27f8 Compare May 10, 2021 14:13
@renovate renovate bot force-pushed the renovate/npm-lodash-vulnerability branch from fbb27f8 to ffacbe7 Compare May 10, 2021 15:36
@jennifer-shehane jennifer-shehane merged commit d10694a into develop May 10, 2021
@renovate renovate bot deleted the renovate/npm-lodash-vulnerability branch May 10, 2021 16:35
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jennifer-shehane jennifer-shehane jennifer-shehane approved these changes

Assignees
No one assigned
Labels
renovate Triggered by renovatebot type: dependencies
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@jennifer-shehane @renovate-bot