Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(deps): update dependency underscore to ~1.12.0 [security] #358

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Sep 4, 2023

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
underscore (source) ~1.8.3 -> ~1.12.0 age adoption passing confidence

GitHub Vulnerability Alerts

CVE-2021-23358

The package underscore from 1.13.0-0 and before 1.13.0-2, from 1.3.2 and before 1.12.1 are vulnerable to Arbitrary Code Execution via the template function, particularly when a variable property is passed as an argument as it is not sanitized.


Release Notes

jashkenas/underscore (underscore)

v1.12.1

Compare Source

v1.12.0

Compare Source

v1.11.0

Compare Source

v1.10.2

Compare Source

v1.10.1

Compare Source

v1.10.0

Compare Source

v1.9.2

Compare Source

v1.9.1

Compare Source

v1.9.0

Compare Source


Configuration

📅 Schedule: Branch creation - "" in timezone America/New_York, Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot force-pushed the renovate/npm-underscore-vulnerability branch 2 times, most recently from f51adf5 to b277634 Compare September 18, 2023 07:59
@renovate renovate bot force-pushed the renovate/npm-underscore-vulnerability branch 3 times, most recently from f83832f to dd4835e Compare September 25, 2023 10:07
@renovate renovate bot force-pushed the renovate/npm-underscore-vulnerability branch from dd4835e to c36893b Compare October 18, 2023 07:28
@renovate renovate bot force-pushed the renovate/npm-underscore-vulnerability branch from c36893b to d2bec8a Compare November 8, 2023 13:25
@renovate renovate bot force-pushed the renovate/npm-underscore-vulnerability branch 3 times, most recently from d9be4f0 to 00c56ae Compare November 20, 2023 11:26
@renovate renovate bot force-pushed the renovate/npm-underscore-vulnerability branch 3 times, most recently from 9501556 to d30518e Compare December 4, 2023 09:23
@renovate renovate bot force-pushed the renovate/npm-underscore-vulnerability branch 2 times, most recently from 4400898 to 8538593 Compare December 18, 2023 09:39
@renovate renovate bot force-pushed the renovate/npm-underscore-vulnerability branch 5 times, most recently from aae56ed to 6f937ca Compare January 15, 2024 11:28
@renovate renovate bot force-pushed the renovate/npm-underscore-vulnerability branch from 6f937ca to a0512ff Compare January 22, 2024 10:35
@renovate renovate bot force-pushed the renovate/npm-underscore-vulnerability branch from a0512ff to 37f6866 Compare February 5, 2024 09:31
@renovate renovate bot force-pushed the renovate/npm-underscore-vulnerability branch from 37f6866 to 704ac98 Compare February 12, 2024 10:18
@renovate renovate bot force-pushed the renovate/npm-underscore-vulnerability branch 2 times, most recently from 9b5ea19 to 7d8f9f0 Compare February 26, 2024 09:07
@renovate renovate bot force-pushed the renovate/npm-underscore-vulnerability branch 2 times, most recently from c8be84b to 12b8b72 Compare March 11, 2024 08:29
@renovate renovate bot force-pushed the renovate/npm-underscore-vulnerability branch 2 times, most recently from 6a016bf to 95062d5 Compare March 18, 2024 10:58
@renovate renovate bot force-pushed the renovate/npm-underscore-vulnerability branch from 95062d5 to be113a8 Compare March 25, 2024 12:03
@renovate renovate bot force-pushed the renovate/npm-underscore-vulnerability branch 4 times, most recently from 25b3a26 to a6a25df Compare October 7, 2024 09:06
@renovate renovate bot force-pushed the renovate/npm-underscore-vulnerability branch 2 times, most recently from 6d68354 to 245e388 Compare October 7, 2024 15:28
@renovate renovate bot force-pushed the renovate/npm-underscore-vulnerability branch 3 times, most recently from 90411fa to ad279f5 Compare October 21, 2024 17:34
@renovate renovate bot force-pushed the renovate/npm-underscore-vulnerability branch from ad279f5 to 78f0360 Compare October 28, 2024 10:40
@renovate renovate bot force-pushed the renovate/npm-underscore-vulnerability branch 2 times, most recently from d771336 to 9854d3a Compare November 11, 2024 10:56
@renovate renovate bot force-pushed the renovate/npm-underscore-vulnerability branch from 9854d3a to 283ca41 Compare November 18, 2024 09:51
@renovate renovate bot force-pushed the renovate/npm-underscore-vulnerability branch from 283ca41 to 3d12358 Compare November 25, 2024 10:14
@renovate renovate bot force-pushed the renovate/npm-underscore-vulnerability branch from 3d12358 to 75bb60f Compare December 2, 2024 12:53
@renovate renovate bot changed the title fix(deps): update dependency underscore to ~1.12.0 [security] fix(deps): update dependency underscore to ~1.12.0 [security] - autoclosed Dec 8, 2024
@renovate renovate bot closed this Dec 8, 2024
auto-merge was automatically disabled December 8, 2024 18:39

Pull request was closed

@renovate renovate bot deleted the renovate/npm-underscore-vulnerability branch December 8, 2024 18:39
@renovate renovate bot changed the title fix(deps): update dependency underscore to ~1.12.0 [security] - autoclosed fix(deps): update dependency underscore to ~1.12.0 [security] Dec 8, 2024
@renovate renovate bot reopened this Dec 8, 2024
@renovate renovate bot force-pushed the renovate/npm-underscore-vulnerability branch from 6c7a15c to 75bb60f Compare December 8, 2024 23:12
@renovate renovate bot enabled auto-merge (squash) December 9, 2024 01:28
@renovate renovate bot force-pushed the renovate/npm-underscore-vulnerability branch 5 times, most recently from ee01247 to 3fe0e04 Compare December 20, 2024 04:12
@renovate renovate bot force-pushed the renovate/npm-underscore-vulnerability branch from 3fe0e04 to 6bebed5 Compare December 20, 2024 08:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants