Skip to content
This repository was archived by the owner on Jan 12, 2026. It is now read-only.

Update dependency lodash to v4.17.13 [SECURITY] #7

Open
renovate wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Update dependency lodash to v4.17.13 [SECURITY] #7

renovate wants to merge 1 commit into from

Conversation

@renovate
Copy link

@renovate renovate bot commented Jul 13, 2019

This PR contains the following updates:

Package Type Update Change
lodash (source) devDependencies patch 4.17.11 -> 4.17.13

GitHub Vulnerability Alerts

CVE-2019-10744

Affected versions of lodash are vulnerable to Prototype Pollution.
The function defaultsDeep could be tricked into adding or modifying properties of Object.prototype using a constructor payload.

Release Notes

lodash/lodash

v4.17.13

Compare Source

Renovate configuration

📅 Schedule: "" (UTC).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻️ Rebasing: Whenever PR becomes conflicted, or if you modify the PR title to begin with "rebase!".

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot. View repository job log here.

@jankarres jankarres force-pushed the master branch 2 times, most recently from fb983af to a74a23e Compare March 24, 2020 16:51
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@renovate-bot