-
Notifications
You must be signed in to change notification settings - Fork 1.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update package.json #1085
Update package.json #1085
Conversation
We are heavily dependent on this module. Please update the lodash vuln asap |
what issue are you having with the current version of lodash? |
Prototype pollution in lodash versions <=4.17.11
…On Wed, 24 Jul, 2019, 22:51 Joe Spencer, ***@***.***> wrote:
what issue are you having with the current version of lodash?
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
<#1085?email_source=notifications&email_token=AIAWG3JMW4E6KM6OBYYSGGLQBCFRZA5CNFSM4IGQK6I2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOD2XAZVA#issuecomment-514723028>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AIAWG3MX33PDL5G74RRYTITQBCFRZANCNFSM4IGQK6IQ>
.
|
Please update the commit message to reflect that you're upgrading lodash for this purpose, and squash your commits into one. |
Hi @jsdevel , I had updated the commit message to reflect the purpose of lodash update and squashed the commit . Thanks! |
package.json
Outdated
@@ -1,6 +1,6 @@ | |||
{ | |||
"name": "soap", | |||
"version": "0.28.0", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please revert this. We bump the version when we publish.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sure. I have reverted the soap version change
…ash version to ^4.17.15 in package.json and package-lock.json
Thanks! |
…ash version to ^4.17.15 in package.json and package-lock.json (vpulim#1085)
Updating lodash to ^4.17.15