Skip to content

[Snyk] Security upgrade lodash from 4.17.23 to 4.18.1#135

Open
jrdh wants to merge 1 commit into
mainfrom
snyk-fix-8541364c1a5390f362fdbf5c240c3eda
Open

[Snyk] Security upgrade lodash from 4.17.23 to 4.18.1#135
jrdh wants to merge 1 commit into
mainfrom
snyk-fix-8541364c1a5390f362fdbf5c240c3eda

Conversation

@jrdh

@jrdh jrdh commented Apr 2, 2026

Copy link
Copy Markdown

snyk-top-banner

Snyk has created this PR to fix 2 vulnerabilities in the npm dependencies of this project.

Snyk changed the following file(s):

  • package.json
  • package-lock.json

Vulnerabilities that will be fixed with an upgrade:

Issue Score
high severity Arbitrary Code Injection
SNYK-JS-LODASH-15869625
  630  
medium severity Prototype Pollution
SNYK-JS-LODASH-15869619
  545  

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic


Learn how to fix vulnerabilities with free interactive lessons:

🦉 Prototype Pollution
🦉 Arbitrary Code Injection

@jrdh jrdh requested a review from a team as a code owner April 2, 2026 15:05
@github-actions

github-actions Bot commented Apr 2, 2026

Copy link
Copy Markdown

Test Results

 1 files  ±0   8 suites  ±0   8s ⏱️ -2s
58 tests ±0  58 ✅ ±0  0 💤 ±0  0 ❌ ±0 
59 runs  ±0  59 ✅ ±0  0 💤 ±0  0 ❌ ±0 

Results for commit 0e8472f. ± Comparison against base commit 947bbd0.

@milkshakeuk milkshakeuk force-pushed the main branch 5 times, most recently from 49c9964 to c66c4a4 Compare April 30, 2026 10:45
@milkshakeuk milkshakeuk force-pushed the snyk-fix-8541364c1a5390f362fdbf5c240c3eda branch from 1f194b1 to 0e8472f Compare April 30, 2026 15:05
@milkshakeuk milkshakeuk force-pushed the snyk-fix-8541364c1a5390f362fdbf5c240c3eda branch from 0e8472f to c59b0b8 Compare April 30, 2026 15:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants