Skip to content
This repository was archived by the owner on Nov 28, 2018. It is now read-only.

update lodash for security issue#61

Open
annyhe wants to merge 1 commit intoryanbillingsley:masterfrom
annyh:0.3.2
Open

update lodash for security issue#61
annyhe wants to merge 1 commit intoryanbillingsley:masterfrom
annyh:0.3.2

Conversation

@annyhe
Copy link

@annyhe annyhe commented May 25, 2018

@annyhe
Copy link
Author

annyhe commented May 25, 2018

@ryanbillingsley Please review.

@eboehnisch
Copy link

+1


0.3.2
* Bump the lodash version due to security concerns
* Update lodash usage in `src/ipfulter.js` for tests to pass

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Typo in filename: src/ipfilter.js

## Changelog

0.3.2
* Bump the lodash version due to security concerns

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@ChaseWagoner
Copy link

@ryanbillingsley Please review this

@JuanCrg90
Copy link

+1

@pdefreitas
Copy link

This project is abandoned?

Copy link

@pdefreitas pdefreitas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just needs the changes @ChaseWagoner suggested.

@chandru89new
Copy link

This repo seems to be unmaintained now.

Is there a manual on how to fix this ourselves? One of my projects uses express-ipfilter but I'm not able to update the lodash dependency within express-ipfilter and fix the vulnerability.

@chandru89new
Copy link

Never mind my comment above. I was able to fix it. Thanks.

@ryanbillingsley
Copy link
Owner

Sorry everyone, I left the company a while back and was no longer a part of the Github Team so I wasn't able to do anything about this.

I would like to get this merged but with the suggestions. If @annyhe wants to do that, that would be great, otherwise I will do it as soon as I can this evening.

@ryanbillingsley ryanbillingsley mentioned this pull request Nov 1, 2018
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

7 participants