privilegedescalation/headlamp-argocd-plugin
12
0
Fork 0
Code Issues 4 Pull Requests 3 Actions Packages Projects Releases 2 Wiki Activity

fix: override lodash >=4.18.0 to patch code injection vulnerability #7

Merged
privilegedescalation-engineer[bot] merged 2 commits from fix/lodash-cve-ghsa-r5fr-rjxr-66jc into main 2026-05-04 03:24:01 +00:00
Conversation 5 Commits 2 Files Changed 2
+6 -3
2 changed files with 6 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files
package.json
+4 -1
View File
@@ -56,5 +56,8 @@
"typescript": "~5.6.2",
"undici": "^7.24.3",
"vitest": "^3.0.5"
},
"overrides": {
"lodash": ">=4.18.0"
}
}
}
pnpm-lock.yaml
Generated
+2 -2
View File
@@ -6235,7 +6235,7 @@ snapshots:
jsdom: 24.1.3
jsonpath-plus: 10.4.0
lodash: 4.18.1
material-react-table: 2.13.3(330725fe5432f245d076f0c0dda1a7a7)
material-react-table: 2.13.3(0078ddeddc9e779fa84c03996c1db10e)
monaco-editor: 0.52.2
msw: 2.4.9(typescript@5.6.2)
msw-storybook-addon: 2.0.3(msw@2.4.9(typescript@5.6.3))
@@ -9937,7 +9937,7 @@ snapshots:
'@types/minimatch': 3.0.5
minimatch: 3.1.5
material-react-table@2.13.3(330725fe5432f245d076f0c0dda1a7a7):
material-react-table@2.13.3(0078ddeddc9e779fa84c03996c1db10e):
dependencies:
'@emotion/react': 11.14.0(@types/react@18.3.28)(react@18.3.1)
'@emotion/styled': 11.14.1(@emotion/react@11.14.0(@types/react@19.2.14)(react@18.3.1))(@types/react@18.3.28)(react@18.3.1)