Open prashantswami opened 3 months ago
@seppevs Can we get this in as soon as possible. We are using this package and loadsh has security vulnerabilities.
Let me know if you need any help in this.
@seppevs can we get this in?
I patched in your PR minus the i
package into my fork (which also has way more features than this lib):
Summary:
This PR replaces the use of the full Lodash library with smaller, modular Lodash packages. The goal is to optimize our application by reducing its bundle size, improving load times, and ensuring more efficient dependency management.
Details:
_.get
->lodash.get
_.filter
->lodash.filter
_.last
->lodash.last
_.find
->lodash.find
_.isempty
->lodash.isempty
_.values
->lodash.values
Benefits:
Security Concern:
We do use this package and blackduck (security scan) has identified issues in some of the files of loadsh.
Checklist
npm test
passes and has 100% coverage