Open renovate[bot] opened 2 years ago
Merging #281 (1f1fca9) into master (22f6326) will not change coverage. The diff coverage is
n/a
.
@@ Coverage Diff @@
## master #281 +/- ##
=======================================
Coverage 46.92% 46.92%
=======================================
Files 4 4
Lines 130 130
Branches 30 30
=======================================
Hits 61 61
Misses 69 69
Continue to review full report at Codecov.
Legend - Click here to learn more
Ξ = absolute <relative> (impact)
,ΓΈ = not affected
,? = missing data
Powered by Codecov. Last update 22f6326...1f1fca9. Read the comment docs.
This PR contains the following updates:
4.17.20
->4.17.21
Test plan: CI should pass with updated dependencies. No review required: this is an automated dependency update PR.
GitHub Vulnerability Alerts
CVE-2021-23337
lodash
versions prior to 4.17.21 are vulnerable to Command Injection via the template function.CVE-2020-28500
All versions of package lodash prior to 4.17.21 are vulnerable to Regular Expression Denial of Service (ReDoS) via the
toNumber
,trim
andtrimEnd
functions.Steps to reproduce (provided by reporter Liyuan Chen):
Release Notes
lodash/lodash (lodash)
### [`v4.17.21`](https://togithub.com/lodash/lodash/compare/4.17.20...4.17.21) [Compare Source](https://togithub.com/lodash/lodash/compare/4.17.20...4.17.21)Configuration
π Schedule: Branch creation - "" in timezone America/Los_Angeles, Automerge - At any time (no schedule defined).
π¦ Automerge: Disabled by config. Please merge this manually once you are satisfied.
β» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
π Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.