Skip to content
This repository has been archived by the owner on Mar 4, 2020. It is now read-only.

fix: vulnerable lodash dependency #840

Merged
merged 3 commits into from
Feb 5, 2019
Merged

fix: vulnerable lodash dependency #840

merged 3 commits into from
Feb 5, 2019

Conversation

snyk-bot
Copy link
Contributor

@snyk-bot snyk-bot commented Feb 5, 2019
edited by kuzhelov
Loading

Description

This PR fixes one or more vulnerable packages in the npm dependencies of this project.
See the Snyk test report for more details.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json

Vulnerabilities that will be fixed

With an upgrade:

@kuzhelov kuzhelov changed the title [Snyk] Fix for 2 vulnerable dependencies [Snyk] Fix vulnerable lodash dependency Feb 5, 2019
@kuzhelov kuzhelov added the 🧰 fix Introduces fix for broken behavior. label Feb 5, 2019
@kuzhelov kuzhelov changed the title [Snyk] Fix vulnerable lodash dependency fix: vulnerable lodash dependency Feb 5, 2019
layershifter
layershifter reviewed Feb 5, 2019
View reviewed changes
Copy link
Member

@layershifter layershifter left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yarn.lock should be also updated

@codecov
Copy link

codecov bot commented Feb 5, 2019
edited
Loading

Codecov Report

Merging #840 into master will not change coverage.
The diff coverage is n/a.

Impacted file tree graph

@@           Coverage Diff           @@
##           master     #840   +/-   ##
=======================================
  Coverage   93.54%   93.54%           
=======================================
  Files          21       21           
  Lines         728      728           
  Branches       69       69           
=======================================
  Hits          681      681           
  Misses         47       47

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 21c2f9e...5bf78d2. Read the comment docs.

@layershifter layershifter merged commit faf1e2a into master Feb 5, 2019
@layershifter layershifter deleted the snyk-fix-amivel branch February 5, 2019 10:11
This was referenced Mar 11, 2020
Merged
Merged
@DustyTheBot DustyTheBot mentioned this pull request Nov 16, 2021
Merged
2 tasks
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@layershifter layershifter layershifter approved these changes

@dvdzkwsk dvdzkwsk Awaiting requested review from dvdzkwsk

@kuzhelov kuzhelov Awaiting requested review from kuzhelov

@levithomason levithomason Awaiting requested review from levithomason levithomason is a code owner

@miroslavstastny miroslavstastny Awaiting requested review from miroslavstastny miroslavstastny is a code owner

@mnajdova mnajdova Awaiting requested review from mnajdova

Assignees
No one assigned
Labels
🧰 fix Introduces fix for broken behavior.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@snyk-bot @layershifter @kuzhelov @kuzhelov-ms