Skip to content

Commit 1595a60

Browse files
antonisclaude
antonis
and
claude
authored
chore(deps): bump lodash to ^4.17.23 (#5702)
Adds a yarn resolution to force lodash to >=4.17.23, patching the prototype pollution vulnerability in _.unset and _.omit (currently at 4.17.21, affected range >= 4.0.0, <= 4.17.22). Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
1 parent b05f8ad commit 1595a60

File tree

2 files changed

+5
-4
lines changed

2 files changed

+5
-4
lines changed

package.json

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -62,6 +62,7 @@
6262
"appium-chromedriver@npm:5.6.73/@xmldom/xmldom": "0.8.10",
6363
"fast-xml-parser": "^5.3.6",
6464
"form-data": "4.0.4",
65+
"lodash": "^4.17.23",
6566
"tar-fs": "^3.1.1",
6667
"tar": "^7.5.7"
6768
},

yarn.lock

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -24574,10 +24574,10 @@ __metadata:
2457424574
languageName: node
2457524575
linkType: hard
2457624576

24577-
"lodash@npm:4.17.21, lodash@npm:^4.0.0, lodash@npm:^4.17.11, lodash@npm:^4.17.12, lodash@npm:^4.17.14, lodash@npm:^4.17.15, lodash@npm:^4.17.19, lodash@npm:^4.17.21, lodash@npm:^4.17.4, lodash@npm:^4.2.1":
24578-
version: 4.17.21
24579-
resolution: "lodash@npm:4.17.21"
24580-
checksum: eb835a2e51d381e561e508ce932ea50a8e5a68f4ebdd771ea240d3048244a8d13658acbd502cd4829768c56f2e16bdd4340b9ea141297d472517b83868e677f7
24577+
"lodash@npm:^4.17.23":
24578+
version: 4.17.23
24579+
resolution: "lodash@npm:4.17.23"
24580+
checksum: 7daad39758a72872e94651630fbb54ba76868f904211089721a64516ce865506a759d9ad3d8ff22a2a49a50a09db5d27c36f22762d21766e47e3ba918d6d7bab
2458124581
languageName: node
2458224582
linkType: hard
2458324583

0 commit comments

Comments
 (0)