request #46396 lodash, lodash-es: 4.17.21 -> 4.17.23

Infos

Artifact ID#46396

Submitted byJoris MASSON (jmasson)

Last Modified On2026-01-22 16:54

Submitted on2026-01-22 14:17

Rank48121

Details

Summary *

lodash, lodash-es: 4.17.21 -> 4.17.23

Original Submission

It solves CVE-2025-13465, but Tuleap is not affected by this vulnerability as we never call unset() or omit() from lodash.

Changelog: https://github.com/lodash/lodash/wiki/Changelog#v41723

CategoryOther

Reported in versionAll

PlatformEmpty

Is an Enhancement or an internal improvement?

[ ] enhancement
[ ] internal improvement

CC listEmpty

Stage

Assigned toJoris MASSON (jmasson)

StatusClosed

Close date2026-01-22

Attachments

AttachmentsEmpty

References

Cross references

Referencing request #46396

Git commit

tuleap/tuleap/stable

chore: request #46396 lodash, lodash-es: 4.17.21 -> 4.17.23 98b48c0a54

Joris MASSON (jmasson) , 2026-01-22 14:52

Merge 'gerrit #36682' into stable/master 64faf60d05

Thomas Gerbet (tgerbet) , 2026-01-22 16:53

Show items referenced by request #46396

Referenced by request #46396

Artifact

rel #46324 17.3

Git commit

tuleap/tuleap/stable

chore: request #46396 lodash, lodash-es: 4.17.21 -> 4.17.23 98b48c0a54

Joris MASSON (jmasson) , 2026-01-22 14:52

Other

gerrit #36682

Follow-ups

Thomas Gerbet (tgerbet)

2026-01-22 16:54

Connected artifacts
- Added Fixed in: rel #46324

Tracker Workflow Manager (forge__tracker_workflow_manager)

2026-01-22 16:54

Closed by @jmasson with git #tuleap/stable/98b48c0a54b68bd4fd7a65b764af61ee793d5249.

Status changed from Under review to Closed
Close date set to 2026-01-22

Joris MASSON (jmasson)

2026-01-22 15:01

See gerrit #36682

Status changed from Under implementation to Under review

Public

Referencing request #46396

Git commit

tuleap/tuleap/stable

Referenced by request #46396

Artifact

Git commit

tuleap/tuleap/stable

Other

Follow-ups