Skip to content
This repository was archived by the owner on Oct 22, 2021. It is now read-only.

Bump lodash from 4.17.20 to 4.17.21#113

Open
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/npm_and_yarn/lodash-4.17.21
Open

Bump lodash from 4.17.20 to 4.17.21#113
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/npm_and_yarn/lodash-4.17.21

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 11, 2021
edited
Loading

Bumps lodash from 4.17.20 to 4.17.21.

Commits
  • f299b52 Bump to v4.17.21
  • c4847eb Improve performance of toNumber, trim and trimEnd on large input strings
  • 3469357 Prevent command injection through _.template's variable option
  • See full diff in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label May 11, 2021
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/lodash-4.17.21 branch from 46e1ed8 to 6b7876d Compare May 11, 2021 16:14
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/lodash-4.17.21 branch 5 times, most recently from f801b57 to 62a3ba5 Compare May 25, 2021 18:19
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/lodash-4.17.21 branch 3 times, most recently from b376a03 to 6defdbb Compare June 8, 2021 16:49
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/lodash-4.17.21 branch from 6defdbb to 8392802 Compare June 22, 2021 15:00
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/lodash-4.17.21 branch 2 times, most recently from 8d7359d to b4d445e Compare July 8, 2021 21:42
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/lodash-4.17.21 branch 2 times, most recently from 5473adb to 682e71f Compare July 23, 2021 17:28
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/lodash-4.17.21 branch 2 times, most recently from ba0c617 to 2edc2ef Compare August 3, 2021 16:45
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/lodash-4.17.21 branch 3 times, most recently from 682cbbe to 81840d1 Compare August 14, 2021 13:27
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/lodash-4.17.21 branch 7 times, most recently from 96a9e0b to 66495e4 Compare August 28, 2021 03:51
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/lodash-4.17.21 branch 3 times, most recently from 6d72e4d to 8b782cf Compare September 3, 2021 13:01
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/lodash-4.17.21 branch from 8b782cf to ec1e6db Compare September 24, 2021 15:58
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/lodash-4.17.21 branch from ec1e6db to d3d1bfa Compare October 3, 2021 10:59
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/lodash-4.17.21 branch 2 times, most recently from e2b3eee to d21f9d3 Compare October 16, 2021 04:43
@dependabot
Bump lodash from 4.17.20 to 4.17.21
b276b52 
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.20 to 4.17.21.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](lodash/lodash@4.17.20...4.17.21)

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/lodash-4.17.21 branch from d21f9d3 to b276b52 Compare October 20, 2021 16:59
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants