firebase-functions-test icon indicating copy to clipboard operation
firebase-functions-test copied to clipboard

Published 20 hours ago verified publisher icon firebase

Bump lodash

Open pzarfos opened this issue 5 months ago • 1 comments
trafficstars

Description

Upgrading package:

  • Bump lodash from 4.17.5 to 4.17.21

Motivation:

  • This update is to fix Code Injection and Prototype Pollution vulnerabilities in lodash <= 4.17.17
  • see https://security.snyk.io/package/npm/lodash for details

Tests:

  • [x] Ran unit tests

pzarfos avatar May 26 '25 01:05 pzarfos

@cabljac I really need to get a newer version of lodash in there. Primarily to pass the Dependabot scans. Please let me know what else I need to do to make this happen.

pzarfos avatar May 26 '25 01:05 pzarfos