Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Sign up
Appearance settings

Bump underscore from 1.9.1 to 1.13.1 #1655

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
mikeendale wants to merge 6 commits into react-bootstrap-table:master
base: master
Choose a base branch
Loading
from mikeendale:master

Conversation

Copy link

@mikeendale mikeendale commented Jul 15, 2021

As mentioned in #1639, there is a high security vulnerability with dependent library - underscore < 1.12.1. Bumping it 1.13.1 will resolve the issue.

More on the CVE: https://www.npmjs.com/advisories/1674

fbsanchez, moodboom, and thienandangthanh reacted with thumbs up emoji
Copy link
Author

h/t @jbrody1

Copy link

tcboles commented Nov 16, 2021

Any updates on this?
michburkhalter, tataurov, tchax, pastinepolenta, and smtlaissezfaire reacted with thumbs up emoji

subhodeep1234 added a commit to subhodeep1234/react-bootstrap-table2 that referenced this pull request Jan 31, 2022
Copy link

Any updates on it?

1 similar comment
Copy link

anthian commented Jun 27, 2022

Any updates on it?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
1 more reviewer

@jbrody1 jbrody1 jbrody1 approved these changes

Reviewers whose approvals may not affect merge requirements
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

AltStyle によって変換されたページ (->オリジナル) /