Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update lodash #14

Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open

Update lodash #14

wants to merge 2 commits into from

Conversation

mxbrandi
Copy link

@mxbrandi mxbrandi commented Nov 4, 2019
edited
Loading

This package depends on lodash version 3.x, which contains four security vulnerabilities, two of which are ranked high, and two are ranked medium: https://snyk.io/test/npm/lodash/3.10.1

This PR upgrades the dependency to the latest version and fixes compatibility issues induced by the upgrade from 3.x to 4.x.

I have run npm test with success.

@mxbrandi
Upgrade lodash dependency from 3.x to 4.17.15
4aa02fd 
Versions between 3.x to 4.17.12 include several security vulnerabilities (2 ranked high and 2 ranked medium, see e.g. https://snyk.io/test/npm/lodash/3.10.1)
@mxbrandi
Replace _.any with _.some
520c3cb 
Required by major change in `lodash` from 3.x to 4.x
(https://github.com/lodash/lodash/wiki/Changelog#v400)
coleltr
coleltr approved these changes Jan 20, 2020
View reviewed changes
Copy link

@coleltr coleltr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks reasonable. I would appreciate a new updated version now.

@zlintz
Copy link

zlintz commented Feb 4, 2020

@mxbrandi I made a node only version of this if you are interested
https://www.npmjs.com/package/node-monologue
https://github.com/Foo-Foo-MQ/node-monologue

If you are also looking for these changes to get a version of rabbot updated, I also have a fork that I am maintaining as a replacement...
https://github.com/Foo-Foo-MQ/foo-foo-mq
https://www.npmjs.com/package/foo-foo-mq

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@coleltr coleltr coleltr approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@mxbrandi @zlintz @coleltr