8000
[Snyk] Upgrade lodash from 4.17.11 to 4.17.21 #24
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Snyk has created this PR to upgrade lodash from 4.17.11 to 4.17.21. See this package in npm: https://www.npmjs.com/package/lodash See this project in Snyk: https://app.snyk.io/org/jswheeler/project/7b76f264-449f-4bdf-aaba-ece8eea7741e?utm_source=github&utm_medium=referral&page=upgrade-pr
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Snyk has created this PR to upgrade lodash from 4.17.11 to 4.17.21.
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
The recommended version fixes:
SNYK-JS-NORMALIZEURL-1296539
Why? CVSS 7.5
SNYK-JS-INI-1048974
Why? CVSS 7.5
SNYK-JS-AWSSDK-1059424
Why? CVSS 7.5
SNYK-JS-ANSIREGEX-1583908
Why? CVSS 7.5
SNYK-JS-ANSIREGEX-1583908
Why? CVSS 7.5
SNYK-JS-GLOBPARENT-1016905
Why? CVSS 7.5
(*) Note that the real score may have changed since the PR was raised.
Release notes
Package name: lodash
-
4.17.21 - 2021-02-20
-
4.17.20 - 2020-08-13
-
4.17.19 - 2020-07-08
-
4.17.18 - 2020-07-08
-
4.17.17 - 2020-07-08
-
4.17.16 - 2020-07-08
-
4.17.15 - 2019-07-19
-
4.17.14 - 2019-07-10
-
4.17.13 - 2019-07-09
-
4.17.12 - 2019-07-09
-
4.17.11 - 2018-09-12
from lodash GitHub release notesNote: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
🧐 View latest project report
🛠 Adjust upgrade PR settings
🔕 Ignore this dependency or unsubscribe from future upgrade PRs