stable
Clone or download
Read-only
request #15125: Bump lodash to 4.17.49
A low level security issue has been identified: https://github.com/advisories/GHSA-p6mc-m468-83gw There is little to no risk in the context of Tuleap, to be exploitable is some ways it would require to zip objects with properties defined by users. Upgrade has been applied wherever it was possible while respecting the existing semver constraint. Change-Id: I465a02e9cb3277d6ef4937ef92a7f072827d7315
Modified Files
| Name | ||||
|---|---|---|---|---|
| M | package-lock.json | +251 | −239 | Go to diff View file |
| M | plugins/agiledashboard/package-lock.json | +3 | −3 | Go to diff View file |
| M | plugins/agiledashboard/package.json | +1 | −1 | Go to diff View file |
| M | plugins/api_explorer/package-lock.json | +3 | −3 | Go to diff View file |
| M | plugins/document/package-lock.json | +3 | −3 | Go to diff View file |
| M | plugins/projectmilestones/package-lock.json | +3 | −3 | Go to diff View file |
| M | plugins/taskboard/package-lock.json | +3 | −3 | Go to diff View file |
| M | plugins/testplan/package-lock.json | +3 | −3 | Go to diff View file |
| M | plugins/timetracking/package-lock.json | +3 | −3 | Go to diff View file |
| M | plugins/tracker/package-lock.json | +9 | −9 | Go to diff View file |
| M | src/package-lock.json | +6 | −6 | Go to diff View file |
| M | src/package.json | +1 | −1 | Go to diff View file |