Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update package.json #1085

Merged
merged 1 commit into from
Jul 25, 2019
Merged

Update package.json #1085

merged 1 commit into from
Jul 25, 2019

Conversation

VinodhiniV
Copy link
Contributor

Updating lodash to ^4.17.15

@coveralls
Copy link

coveralls commented Jul 24, 2019
edited
Loading

Coverage Status

Coverage remained the same at 94.459% when pulling 72f328a on VinodhiniV:master into 48d0e01 on vpulim:master.

@VinodhiniV
Copy link
Contributor Author

We are heavily dependent on this module. Please update the lodash vuln asap

@jsdevel
Copy link
Collaborator

jsdevel commented Jul 24, 2019

what issue are you having with the current version of lodash?

@VinodhiniV
Copy link
Contributor Author

VinodhiniV commented Jul 25, 2019 via email

@jsdevel
Copy link
Collaborator

jsdevel commented Jul 25, 2019

Please update the commit message to reflect that you're upgrading lodash for this purpose, and squash your commits into one.

@VinodhiniV
Copy link
Contributor Author

Hi @jsdevel ,

I had updated the commit message to reflect the purpose of lodash update and squashed the commit .

Thanks!

jsdevel
jsdevel requested changes Jul 25, 2019
View reviewed changes
package.json Outdated
@@ -1,6 +1,6 @@
{
"name": "soap",
"version": "0.28.0",
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please revert this. We bump the version when we publish.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sure. I have reverted the soap version change

@V-Vinodhini
Prototype pollution in lodash versions <=4.17.11. Hence, updating lod…
72f328a 
…ash version to ^4.17.15 in package.json and package-lock.json
@jsdevel
Copy link
Collaborator

jsdevel commented Jul 25, 2019

Thanks!

@jsdevel jsdevel merged commit e2e25c4 into vpulim:master Jul 25, 2019
@snyk-bot snyk-bot mentioned this pull request Sep 5, 2019
Merged
@snyk-bot snyk-bot mentioned this pull request Sep 24, 2019
Open
@snyk-bot snyk-bot mentioned this pull request Dec 3, 2019
Closed
Danail-Irinkov pushed a commit to Danail-Irinkov/node-soap that referenced this pull request Jan 19, 2020
@VinodhiniV @Danail-Irinkov
Prototype pollution in lodash versions <=4.17.11. Hence, updating lod…
8869643 
…ash version to ^4.17.15 in package.json and package-lock.json (vpulim#1085)
@snyk-bot snyk-bot mentioned this pull request Mar 15, 2020
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jsdevel jsdevel jsdevel requested changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@VinodhiniV @coveralls @jsdevel @V-Vinodhini