NoahV
NoahV copied to clipboard
baidu
An efficient front-end application framework based on vue.js
Bumps [nth-check](https://github.com/fb55/nth-check) from 2.0.0 to 2.0.1. Release notes Sourced from nth-check's releases. v2.0.1 Fixes: Replace regex with hand-rolled parser for nth-expressions (#9) 9894c1d Ensures parsing will always have linear time...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
Bumps [nth-check](https://github.com/fb55/nth-check) from 2.0.0 to 2.0.1. Release notes Sourced from nth-check's releases. v2.0.1 Fixes: Replace regex with hand-rolled parser for nth-expressions (#9) 9894c1d Ensures parsing will always have linear time...
Bumps [path-parse](https://github.com/jbgutierrez/path-parse) from 1.0.6 to 1.0.7. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter...
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.19 to 4.17.21. Commits f299b52 Bump to v4.17.21 c4847eb Improve performance of toNumber, trim and trimEnd on large input strings 3469357 Prevent command injection through _.template's variable...
Bumps [underscore](https://github.com/jashkenas/underscore) from 1.10.2 to 1.12.1. Commits c627e38 Mention CVE-2021-23358 in code, test and documentation (#2915) c9e803e Add diff and docs to the 1.12.1 change log entry 0c20985 Restore comments...
https://github.com/baidu/NoahV/blob/f5175edb680f16201462b31dd5211de9eccd4b64/template/common/package.json#L20 CVE-2020-7760 Recommended upgrade version:5.47.1
https://github.com/baidu/NoahV/blob/f5175edb680f16201462b31dd5211de9eccd4b64/tools/noahv-cli/package-lock.json#L1456-L1460 CVE-2021-23358 Recommended upgrade version:1.12.1