We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
It seems lodash again has a severe vulnerability before 4.17.13
More info about the vulnerability: lodash/lodash#4336
Current version of lodash in package.lock: 4.17.11 (https://github.com/oncletom/crx/blob/master/package-lock.json#L1712)
A previous vulnerability fix was done here: #89, I guess this one can be done the same way.
The text was updated successfully, but these errors were encountered:
e27b47a
Hey @th0rgall, thank you for signaling this dependency issue.
The only not-up-to-date dependency is a dev one, github-changes.
github-changes
crx@5.0.1 /Users/oncletom/workspace/crx ├─┬ archiver@3.0.3 │ └─┬ async@2.6.3 │ └── lodash@4.17.15 ├─┬ eslint@5.16.0 │ ├─┬ inquirer@6.3.1 │ │ └── lodash@4.17.15 │ ├── lodash@4.17.15 │ └─┬ table@5.2.3 │ └── lodash@4.17.15 ├─┬ github-changes@1.1.2 │ └── lodash@2.4.1 └─┬ nyc@14.1.1 └─┬ istanbul-lib-instrument@3.3.0 ├─┬ @babel/generator@7.5.5 │ └── lodash@4.17.15 deduped ├─┬ @babel/traverse@7.5.5 │ └── lodash@4.17.15 deduped └─┬ @babel/types@7.5.5 └── lodash@4.17.15 deduped
The new patch release should be automatically published online in a few minutes.
Sorry, something went wrong.
No branches or pull requests
It seems lodash again has a severe vulnerability before 4.17.13
More info about the vulnerability: lodash/lodash#4336
Current version of lodash in package.lock: 4.17.11 (https://github.com/oncletom/crx/blob/master/package-lock.json#L1712)
A previous vulnerability fix was done here: #89, I guess this one can be done the same way.
The text was updated successfully, but these errors were encountered: