Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(dependencies): update dependency underscore to 1.12.1 [security] - abandoned #592

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

renovate[bot]
Copy link

@renovate renovate bot commented May 9, 2021

Mend Renovate

This PR contains the following updates:

Package Change
underscore 1.8.3 -> 1.12.1

GitHub Vulnerability Alerts

CVE-2021-23358

The package underscore from 1.13.0-0 and before 1.13.0-2, from 1.3.2 and before 1.12.1 are vulnerable to Arbitrary Code Execution via the template function, particularly when a variable property is passed as an argument as it is not sanitized.


Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

@renovate renovate bot force-pushed the renovate/npm-underscore-vulnerability branch from 27a7655 to 979b11c Compare May 15, 2021 20:44
@renovate renovate bot force-pushed the renovate/npm-underscore-vulnerability branch 4 times, most recently from 49ad4b9 to ce6fc88 Compare June 9, 2021 11:38
@renovate renovate bot force-pushed the renovate/npm-underscore-vulnerability branch 3 times, most recently from 0fa4afb to 9a7173a Compare June 21, 2021 02:31
@renovate renovate bot force-pushed the renovate/npm-underscore-vulnerability branch 2 times, most recently from ee99907 to 239c184 Compare June 28, 2021 03:35
@renovate renovate bot force-pushed the renovate/npm-underscore-vulnerability branch 4 times, most recently from bfd1371 to 3009a53 Compare July 12, 2021 01:51
@renovate renovate bot force-pushed the renovate/npm-underscore-vulnerability branch 4 times, most recently from 956635a to c2b6ece Compare July 19, 2021 02:16
@renovate renovate bot force-pushed the renovate/npm-underscore-vulnerability branch 3 times, most recently from 3a5a63c to 5b24dce Compare July 26, 2021 03:25
@renovate renovate bot force-pushed the renovate/npm-underscore-vulnerability branch from 5b24dce to 1092164 Compare August 2, 2021 02:50
@renovate renovate bot changed the title chore(dependencies): update dependency underscore to 1.12.1 [security] chore(dependencies): update dependency underscore to 1.12.1 [security] - autoclosed Sep 23, 2021
@renovate renovate bot closed this Sep 23, 2021
@renovate renovate bot deleted the renovate/npm-underscore-vulnerability branch September 23, 2021 18:08
@renovate renovate bot changed the title chore(dependencies): update dependency underscore to 1.12.1 [security] - autoclosed chore(dependencies): update dependency underscore to 1.12.1 [security] Sep 23, 2021
@renovate renovate bot reopened this Sep 23, 2021
@renovate renovate bot restored the renovate/npm-underscore-vulnerability branch September 23, 2021 19:23
@renovate renovate bot force-pushed the renovate/npm-underscore-vulnerability branch from 1092164 to 2801c3d Compare September 23, 2021 19:26
@renovate renovate bot changed the title chore(dependencies): update dependency underscore to 1.12.1 [security] chore(dependencies): update dependency underscore to 1.12.1 [security] - abandoned Mar 24, 2023
@renovate
Copy link
Author

renovate bot commented Mar 24, 2023

Autoclosing Skipped

This PR has been flagged for autoclosing. However, it is being skipped due to the branch being already modified. Please close/delete it manually or report a bug if you think this is in error.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant