Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(@vue/cli-service): Update lodash.defaultsdeep #4273

Merged
merged 1 commit into from Jul 11, 2019

Conversation

Projects
None yet
3 participants
@emizzle
Copy link
Contributor

commented Jul 11, 2019

Update lodash.defaultsdeep to version ^4.6.1.

This is causing a high severity vulnerability in our repo.

Fixed in lodash/lodash#4336.

@sodatea

This comment has been minimized.

Copy link
Member

commented Jul 11, 2019

Would you please exclude yarn.lock from the commit? Because otherwise it would be hard for us to cherry-pick this PR to other branches.

fix(@vue/cli-service): Update lodash.defaultsdeep
Update `lodash.defaultsdeep` to version `^4.6.1`.

This is causing a high severity vulnerability in our repo.

Fixed in lodash/lodash#4336.

@emizzle emizzle force-pushed the emizzle:fix/deps/update-lodash.defaultsdeep branch from ed34b96 to bb51a67 Jul 11, 2019

@emizzle

This comment has been minimized.

Copy link
Contributor Author

commented Jul 11, 2019

@sodatea Done.

@sodatea sodatea merged commit 4267b54 into vuejs:v3 Jul 11, 2019

7 checks passed

ci/circleci: cli-ui Your tests passed on CircleCI!
Details
ci/circleci: group-1 Your tests passed on CircleCI!
Details
ci/circleci: group-2 Your tests passed on CircleCI!
Details
ci/circleci: group-3 Your tests passed on CircleCI!
Details
ci/circleci: group-4 Your tests passed on CircleCI!
Details
ci/circleci: install Your tests passed on CircleCI!
Details
continuous-integration/appveyor/pr AppVeyor build succeeded
Details
@vue-bot

This comment has been minimized.

Copy link

commented Jul 11, 2019

Hey @emizzle, thank you for your time and effort spent on this PR, contributions like yours help make Vue better for everyone. Cheers! 💚

sodatea added a commit that referenced this pull request Jul 11, 2019

fix(@vue/cli-service): Update lodash.defaultsdeep (#4273)
Update `lodash.defaultsdeep` to version `^4.6.1`.

This is causing a high severity vulnerability in our repo.

Fixed in lodash/lodash#4336.

(cherry picked from commit 4267b54)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.