Skip to content

Commit a772ba4

Browse files
cmalonzocmalonzo
committed
Bump lodash 4.18.0 to address CVEs
1 parent 7c2a33f commit a772ba4

13 files changed

Lines changed: 93 additions & 53 deletions

File tree

apps/api-extractor/package.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -70,7 +70,7 @@
7070
"@rushstack/terminal": "workspace:*",
7171
"@rushstack/ts-command-line": "workspace:*",
7272
"diff": "~8.0.2",
73-
"lodash": "~4.17.23",
73+
"lodash": "~4.18.0",
7474
"minimatch": "10.2.3",
7575
"resolve": "~1.22.1",
7676
"semver": "~7.5.4",

build-tests/api-extractor-test-05/dist/tsdoc-metadata.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -5,7 +5,7 @@
55
"toolPackages": [
66
{
77
"packageName": "@microsoft/api-extractor",
8-
"packageVersion": "7.57.7"
8+
"packageVersion": "7.58.0"
99
}
1010
]
1111
}

build-tests/localization-plugin-test-02/package.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -19,7 +19,7 @@
1919
"@types/webpack-env": "1.18.8",
2020
"eslint": "~9.37.0",
2121
"html-webpack-plugin": "~4.5.2",
22-
"lodash": "~4.17.23",
22+
"lodash": "~4.18.0",
2323
"local-node-rig": "workspace:*",
2424
"webpack": "~4.47.0",
2525
"webpack-bundle-analyzer": "~4.5.0",

common/changes/@microsoft/api-extractor/lodash-4.18.0_2026-04-02-17-03.json

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,10 @@
1+
{
2+
"changes": [
3+
{
4+
"packageName": "@microsoft/api-extractor",
5+
"comment": "Bump lodash 4.18.0 to address CVEs",
6+
"type": "patch"
7+
}
8+
],
9+
"packageName": "@microsoft/api-extractor"
10+
}

common/changes/@rushstack/heft-jest-plugin/lodash-4.18.0_2026-04-02-17-03.json

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,10 @@
1+
{
2+
"changes": [
3+
{
4+
"packageName": "@rushstack/heft-jest-plugin",
5+
"comment": "Bump lodash 4.18.0 to address CVEs",
6+
"type": "patch"
7+
}
8+
],
9+
"packageName": "@rushstack/heft-jest-plugin"
10+
}

common/changes/@rushstack/npm-check-fork/lodash-4.18.0_2026-04-02-17-03.json

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,10 @@
1+
{
2+
"changes": [
3+
{
4+
"packageName": "@rushstack/npm-check-fork",
5+
"comment": "Bump lodash 4.18.0 to address CVEs",
6+
"type": "patch"
7+
}
8+
],
9+
"packageName": "@rushstack/npm-check-fork"
10+
}

common/config/subspaces/build-tests-subspace/pnpm-lock.yaml

Lines changed: 8 additions & 3 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

common/config/subspaces/build-tests-subspace/repo-state.json

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
// DO NOT MODIFY THIS FILE MANUALLY BUT DO COMMIT IT. It is generated and used by Rush.
22
{
3-
"pnpmShrinkwrapHash": "b521001fa31a13e992f9979b1292951aa6452daa",
3+
"pnpmShrinkwrapHash": "d4abb24eaa137378d1ee1c6f708226c9e1e71fcb",
44
"preferredVersionsHash": "550b4cee0bef4e97db6c6aad726df5149d20e7d9",
5-
"packageJsonInjectedDependenciesHash": "a9488da9faaa4bc0166edfe82f2177d7a68e4cb1"
5+
"packageJsonInjectedDependenciesHash": "05e38c78d045b0001f626c8e7e9cb1cec46f9f28"
66
}

0 commit comments

Comments
 (0)