Skip to content

Bump lodash from 4.17.23 to 4.18.1 #20492

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
jcortes merged 1 commit into from
Apr 7, 2026
Merged

Bump lodash from 4.17.23 to 4.18.1 #20492

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion components/amilia/package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,6 @@
"dependencies": {
"@pipedream/platform": "^1.6.8",
"async-retry": "^1.3.3",
"lodash": "^4.17.23"
"lodash": "^4.18.1"
}
}
2 changes: 1 addition & 1 deletion components/asana/package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@
"author": "Pipedream <support@pipedream.com> (https://pipedream.com/)",
"dependencies": {
"@pipedream/platform": "^3.1.1",
"lodash": "^4.17.23"
"lodash": "^4.18.1"
},
"gitHead": "e12480b94cc03bed4808ebc6b13e7fdb3a1ba535",
"publishConfig": {
Expand Down
2 changes: 1 addition & 1 deletion components/clickup/package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,6 @@
},
"dependencies": {
"@pipedream/platform": "^3.1.1",
"lodash": "^4.17.23"
"lodash": "^4.18.1"
}
}
2 changes: 1 addition & 1 deletion components/constant_contact/package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,6 @@
},
"dependencies": {
"@pipedream/platform": "^3.1.1",
"lodash": "^4.17.23"
"lodash": "^4.18.1"
}
}
2 changes: 1 addition & 1 deletion components/diabatix_coldstream/package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@
"access": "public"
},
"dependencies": {
"lodash": "^4.17.23",
"lodash": "^4.18.1",
"@pipedream/platform": "^1.6.8"
}
}
Expand Down
2 changes: 1 addition & 1 deletion components/drata/package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,6 @@
},
"dependencies": {
"@pipedream/platform": "^1.6.8",
"lodash": "^4.17.23"
"lodash": "^4.18.1"
Copy link
Copy Markdown
Contributor

@coderabbitai coderabbitai Bot Apr 6, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟡 Minor

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Read-only verification of lodash version consistency in manifests and lockfiles

set -euo pipefail

echo "== package.json entries for lodash =="
rg -n '"lodash"\s*:\s*"\^?4\.18\.1"' --glob '**/package.json' || true

echo
echo "== any remaining old lodash constraints in package.json =="
rg -n '"lodash"\s*:\s*"\^?4\.17\.23"' --glob '**/package.json' || true

echo
echo "== lockfiles present =="
fd -i '(^|/)(package-lock\.json|yarn\.lock|pnpm-lock\.yaml)$' || true

echo
echo "== lockfile references to lodash 4.18.1 =="
rg -n 'lodash.*4\.18\.1|4\.18\.1.*lodash' --glob '**/package-lock.json' --glob '**/yarn.lock' --glob '**/pnpm-lock.yaml' || true

Repository: PipedreamHQ/pipedream

Length of output: 3409

🏁 Script executed:

cd components/drata && pwd && head -20 package.json && ls -la | grep -i change

Repository: PipedreamHQ/pipedream

Length of output: 538

🏁 Script executed:

find components/drata -maxdepth 2 -type f \( -name 'CHANGELOG*' -o -name 'package.json' \) | head -20

Repository: PipedreamHQ/pipedream

Length of output: 94

Dependency update is correct, but version bump and changelog entry are required to complete this change.

Line 17 cleanly updates lodash to ^4.18.1. However, this component also needs:

  • Patch version bump in components/drata/package.json (currently 0.0.50.0.6)
  • CHANGELOG.md entry documenting the lodash security fix

The lockfile is consistent; all lodash references resolve to 4.18.1 as expected.

🤖 Prompt for AI Agents 
Verify each finding against the current code and only fix it if needed.

In `@components/drata/package.json` at line 17, Update the component metadata and
docs to reflect the lodash update: bump the "version" field in
components/drata/package.json from 0.0.5 to 0.0.6 and add a new entry in
components/drata/CHANGELOG.md noting the lodash security fix (include upgraded
version 4.18.1 and a short description/reference to the fix); ensure the
package.json version string exactly matches the new patch level and the
changelog entry is placed at the top under an appropriate unreleased or
versioned header.

}
}
2 changes: 1 addition & 1 deletion components/dropbox/package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@
"dropbox": "^10.34.0",
"got": "^13.0.0",
"isomorphic-fetch": "^3.0.0",
"lodash": "^4.17.23",
"lodash": "^4.18.1",
"stream": "^0.0.3",
"tmp-promise": "^3.0.3",
"util": "^0.12.5"
Expand Down
2 changes: 1 addition & 1 deletion components/eventbrite/package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@
},
"dependencies": {
"@pipedream/platform": "^1.6.8",
"lodash": "^4.17.23",
"lodash": "^4.18.1",
"timezones-list": "^3.0.2"
}
}
2 changes: 1 addition & 1 deletion components/faunadb/package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@
"dependencies": {
"@pipedream/platform": "^1.6.8",
"faunadb": "^4.5.4",
"lodash": "^4.17.23"
"lodash": "^4.18.1"
},
"gitHead": "e12480b94cc03bed4808ebc6b13e7fdb3a1ba535",
"publishConfig": {
Expand Down
2 changes: 1 addition & 1 deletion components/flodesk/package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,6 @@
},
"dependencies": {
"@pipedream/platform": "^1.6.8",
"lodash": "^4.17.23"
"lodash": "^4.18.1"
}
}
2 changes: 1 addition & 1 deletion components/gitlab/package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@
"author": "Pipedream <support@pipedream.com> (https://pipedream.com/)",
"dependencies": {
"@pipedream/platform": "^1.6.8",
"lodash": "^4.17.23",
"lodash": "^4.18.1",
"uuid": "^8.3.2"
},
"gitHead": "e12480b94cc03bed4808ebc6b13e7fdb3a1ba535",
Expand Down
2 changes: 1 addition & 1 deletion components/gitlab_developer_app/package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@
"author": "Pipedream <support@pipedream.com> (https://pipedream.com/)",
"dependencies": {
"@pipedream/platform": "^1.6.8",
"lodash": "^4.17.23",
"lodash": "^4.18.1",
"uuid": "^8.3.2",
"@pipedream/gitlab": "^0.5.6"
},
Expand Down
2 changes: 1 addition & 1 deletion components/google_drive/package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@
"cron-parser": "^4.9.0",
"google-docs-mustaches": "^1.2.2",
"got": "13.0.0",
"lodash": "^4.17.23",
"lodash": "^4.18.1",
"md5": "^2.3.0",
"mime-db": "^1.51.0",
"uuid": "^8.3.2"
Expand Down
2 changes: 1 addition & 1 deletion components/google_sheets/package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@
"@googleapis/sheets": "^0.3.0",
"@pipedream/google_drive": "^1.1.1",
"@pipedream/platform": "^3.1.1",
"lodash": "^4.17.23",
"lodash": "^4.18.1",
"uuidv4": "^6.2.6",
"zlib": "^1.0.5"
},
Expand Down
2 changes: 1 addition & 1 deletion components/jumpseller/package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,6 @@
},
"dependencies": {
"@pipedream/platform": "^1.6.8",
"lodash": "^4.17.23"
"lodash": "^4.18.1"
}
}
2 changes: 1 addition & 1 deletion components/mailgun/package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@
"@pipedream/helper_functions": "^0.3.7",
"@pipedream/platform": "^1.6.8",
"form-data": "^4.0.4",
"lodash": "^4.17.23",
"lodash": "^4.18.1",
"lodash.get": "^4.4.2",
"mailgun.js": "^3.5.2"
}
Expand Down
2 changes: 1 addition & 1 deletion components/pcloud/package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@
"dependencies": {
"@pipedream/platform": "^1.6.8",
"async-retry": "^1.3.1",
"lodash": "^4.17.23",
"lodash": "^4.18.1",
"pcloud-sdk-js": "^2.0.0"
},
"publishConfig": {
Expand Down
2 changes: 1 addition & 1 deletion components/process_street/package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,6 @@
},
"dependencies": {
"@pipedream/platform": "^1.6.8",
"lodash": "^4.17.23"
"lodash": "^4.18.1"
}
}
2 changes: 1 addition & 1 deletion components/reddit/package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@
"@pipedream/platform": "^3.1.1",
"async-retry": "^1.3.3",
"axios": "0.30.3",
"lodash": "^4.17.23",
"lodash": "^4.18.1",
"qs": "^6.14.2"
}
}
2 changes: 1 addition & 1 deletion components/riskadvisor/package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,6 @@
},
"dependencies": {
"@pipedream/platform": "^1.6.8",
"lodash": "^4.17.23"
"lodash": "^4.18.1"
}
}
2 changes: 1 addition & 1 deletion components/salesforce_rest_api/package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@
"@pipedream/platform": "^3.1.1",
"fast-xml-parser": "^5.5.7",
"handlebars": "^4.7.9",
"lodash": "^4.17.23",
"lodash": "^4.18.1",
"lodash-es": "^4.18.1",
"salesforce-webhooks": "^1.1.11",
"uuid": "^9.0.1"
Expand Down
2 changes: 1 addition & 1 deletion components/sendgrid/package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@
"@sendgrid/eventwebhook": "^7.4.5",
"async-retry": "^1.3.1",
"fs": "^0.0.1-security",
"lodash": "^4.17.23",
"lodash": "^4.18.1",
"mime": "^4.0.6",
"uuid": "^8.3.2",
"validate.js": "^0.13.1"
Expand Down
2 changes: 1 addition & 1 deletion components/short/package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,6 @@
},
"dependencies": {
"@pipedream/platform": "^1.6.8",
"lodash": "^4.17.23"
"lodash": "^4.18.1"
}
}
2 changes: 1 addition & 1 deletion components/shortcut/package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@
"@pipedream/platform": "^3.1.1",
"@shortcut/client": "^2.2.0",
"async-retry": "^1.3.1",
"lodash": "^4.17.23",
"lodash": "^4.18.1",
"validate.js": "^0.13.1"
},
"publishConfig": {
Expand Down
2 changes: 1 addition & 1 deletion components/slack_v2/package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,6 @@
"@pipedream/platform": "^3.2.5",
"@slack/web-api": "^7.9.0",
"async-retry": "^1.3.3",
"lodash": "^4.17.23"
"lodash": "^4.18.1"
}
}
2 changes: 1 addition & 1 deletion components/stack_exchange/package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@
"@pipedream/platform": "^1.6.8",
"axios": "0.30.3",
"he": "^1.2.0",
"lodash": "^4.17.23"
"lodash": "^4.18.1"
},
"gitHead": "e12480b94cc03bed4808ebc6b13e7fdb3a1ba535",
"publishConfig": {
Expand Down
2 changes: 1 addition & 1 deletion components/typeform/package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@
"dependencies": {
"@pipedream/platform": "^1.6.8",
"axios": "0.30.3",
"lodash": "^4.17.23",
"lodash": "^4.18.1",
"luxon": "^3.0.4",
"querystring": "^0.2.0",
"uuidv4": "^6.2.13"
Expand Down
2 changes: 1 addition & 1 deletion components/wrike/package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,6 @@
},
"dependencies": {
"@pipedream/platform": "^3.1.1",
"lodash": "^4.17.23"
"lodash": "^4.18.1"
}
}
2 changes: 1 addition & 1 deletion components/zoom_admin/package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@
},
"dependencies": {
"@pipedream/platform": "^3.1.1",
"lodash": "^4.17.23",
"lodash": "^4.18.1",
"uuid": "^8.3.2"
}
}
Loading
Loading