Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump underscore from 1.9.1 to 1.13.1 #1655

Open
wants to merge 6 commits into
base: master
Choose a base branch
from

Conversation

mikeendale
Copy link

As mentioned in #1639, there is a high security vulnerability with dependent library - underscore < 1.12.1. Bumping it 1.13.1 will resolve the issue.

More on the CVE: https://www.npmjs.com/advisories/1674

@mikeendale
Copy link
Author

h/t @jbrody1

@tcboles
Copy link

tcboles commented Nov 16, 2021

Any updates on this?

subhodeep1234 added a commit to subhodeep1234/react-bootstrap-table2 that referenced this pull request Jan 31, 2022
@kirandeshmukh-startv
Copy link

Any updates on it?

1 similar comment
@anthian
Copy link

anthian commented Jun 27, 2022

Any updates on it?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants