-
Notifications
You must be signed in to change notification settings - Fork 14
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix(deps): update dependency underscore to ~1.12.0 [security] #358
Open
renovate
wants to merge
1
commit into
master
Choose a base branch
from
renovate/npm-underscore-vulnerability
base: master
Could not load branches
Branch not found: {{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
renovate
bot
force-pushed
the
renovate/npm-underscore-vulnerability
branch
2 times, most recently
from
September 18, 2023 07:59
f51adf5
to
b277634
Compare
renovate
bot
force-pushed
the
renovate/npm-underscore-vulnerability
branch
3 times, most recently
from
September 25, 2023 10:07
f83832f
to
dd4835e
Compare
renovate
bot
force-pushed
the
renovate/npm-underscore-vulnerability
branch
from
October 18, 2023 07:28
dd4835e
to
c36893b
Compare
renovate
bot
force-pushed
the
renovate/npm-underscore-vulnerability
branch
from
November 8, 2023 13:25
c36893b
to
d2bec8a
Compare
renovate
bot
force-pushed
the
renovate/npm-underscore-vulnerability
branch
3 times, most recently
from
November 20, 2023 11:26
d9be4f0
to
00c56ae
Compare
renovate
bot
force-pushed
the
renovate/npm-underscore-vulnerability
branch
3 times, most recently
from
December 4, 2023 09:23
9501556
to
d30518e
Compare
renovate
bot
force-pushed
the
renovate/npm-underscore-vulnerability
branch
2 times, most recently
from
December 18, 2023 09:39
4400898
to
8538593
Compare
renovate
bot
force-pushed
the
renovate/npm-underscore-vulnerability
branch
5 times, most recently
from
January 15, 2024 11:28
aae56ed
to
6f937ca
Compare
renovate
bot
force-pushed
the
renovate/npm-underscore-vulnerability
branch
from
January 22, 2024 10:35
6f937ca
to
a0512ff
Compare
renovate
bot
force-pushed
the
renovate/npm-underscore-vulnerability
branch
from
February 5, 2024 09:31
a0512ff
to
37f6866
Compare
renovate
bot
force-pushed
the
renovate/npm-underscore-vulnerability
branch
from
February 12, 2024 10:18
37f6866
to
704ac98
Compare
renovate
bot
force-pushed
the
renovate/npm-underscore-vulnerability
branch
2 times, most recently
from
February 26, 2024 09:07
9b5ea19
to
7d8f9f0
Compare
renovate
bot
force-pushed
the
renovate/npm-underscore-vulnerability
branch
2 times, most recently
from
March 11, 2024 08:29
c8be84b
to
12b8b72
Compare
renovate
bot
force-pushed
the
renovate/npm-underscore-vulnerability
branch
2 times, most recently
from
March 18, 2024 10:58
6a016bf
to
95062d5
Compare
renovate
bot
force-pushed
the
renovate/npm-underscore-vulnerability
branch
from
March 25, 2024 12:03
95062d5
to
be113a8
Compare
renovate
bot
force-pushed
the
renovate/npm-underscore-vulnerability
branch
4 times, most recently
from
October 7, 2024 09:06
25b3a26
to
a6a25df
Compare
renovate
bot
force-pushed
the
renovate/npm-underscore-vulnerability
branch
2 times, most recently
from
October 7, 2024 15:28
6d68354
to
245e388
Compare
renovate
bot
force-pushed
the
renovate/npm-underscore-vulnerability
branch
3 times, most recently
from
October 21, 2024 17:34
90411fa
to
ad279f5
Compare
renovate
bot
force-pushed
the
renovate/npm-underscore-vulnerability
branch
from
October 28, 2024 10:40
ad279f5
to
78f0360
Compare
renovate
bot
force-pushed
the
renovate/npm-underscore-vulnerability
branch
2 times, most recently
from
November 11, 2024 10:56
d771336
to
9854d3a
Compare
renovate
bot
force-pushed
the
renovate/npm-underscore-vulnerability
branch
from
November 18, 2024 09:51
9854d3a
to
283ca41
Compare
renovate
bot
force-pushed
the
renovate/npm-underscore-vulnerability
branch
from
November 25, 2024 10:14
283ca41
to
3d12358
Compare
renovate
bot
force-pushed
the
renovate/npm-underscore-vulnerability
branch
from
December 2, 2024 12:53
3d12358
to
75bb60f
Compare
renovate
bot
changed the title
fix(deps): update dependency underscore to ~1.12.0 [security]
fix(deps): update dependency underscore to ~1.12.0 [security] - autoclosed
Dec 8, 2024
auto-merge was automatically disabled
December 8, 2024 18:39
Pull request was closed
renovate
bot
changed the title
fix(deps): update dependency underscore to ~1.12.0 [security] - autoclosed
fix(deps): update dependency underscore to ~1.12.0 [security]
Dec 8, 2024
renovate
bot
force-pushed
the
renovate/npm-underscore-vulnerability
branch
from
December 8, 2024 23:12
6c7a15c
to
75bb60f
Compare
renovate
bot
force-pushed
the
renovate/npm-underscore-vulnerability
branch
5 times, most recently
from
December 20, 2024 04:12
ee01247
to
3fe0e04
Compare
renovate
bot
force-pushed
the
renovate/npm-underscore-vulnerability
branch
from
December 20, 2024 08:38
3fe0e04
to
6bebed5
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Labels
None yet
0 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
~1.8.3
->~1.12.0
GitHub Vulnerability Alerts
CVE-2021-23358
The package
underscore
from 1.13.0-0 and before 1.13.0-2, from 1.3.2 and before 1.12.1 are vulnerable to Arbitrary Code Execution via the template function, particularly when a variable property is passed as an argument as it is not sanitized.Release Notes
jashkenas/underscore (underscore)
v1.12.1
Compare Source
v1.12.0
Compare Source
v1.11.0
Compare Source
v1.10.2
Compare Source
v1.10.1
Compare Source
v1.10.0
Compare Source
v1.9.2
Compare Source
v1.9.1
Compare Source
v1.9.0
Compare Source
Configuration
📅 Schedule: Branch creation - "" in timezone America/New_York, Automerge - At any time (no schedule defined).
🚦 Automerge: Enabled.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.