Protei/PromucFlow_constructor
2
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity
9403dfb544
PromucFlow_constructor/app/client/packages/design-system
History
Victor Kostyuk e394b7f21b
fix: Enforce lodash >=4.17.21 to mitigate CVE-2019-10744 (Critical vulnerability) (#39625) 
## Description
This PR enforces lodash version 4.17.21 or above, mitigating the
**Critical severity** vulnerability
[CVE-2019-10744](https://github.com/advisories/GHSA-jf85-cpcp-j695).

## Automation

/ok-to-test tags="@tag.Sanity"

### 🔍 Cypress test results
<!-- This is an auto-generated comment: Cypress test results  -->
> [!CAUTION]  
> If you modify the content in this section, you are likely to disrupt
the CI result for your PR.

<!-- end of auto-generated comment: Cypress test results  -->


## Communication
Should the DevRel and Marketing teams inform users about this change?
- [ ] Yes
- [x] No


<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

- **Chores**
- Updated the version constraints for the lodash library across multiple
packages. This ensures a minimum version of 4.17.21 while allowing a
broader range of updates, including potential major releases.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2025-03-11 14:33:25 +03:00
..
ads fix: Rename Error effect in ADS (#39644) 2025-03-10 14:49:05 +05:30
ads-old chore: Eject CRA (#39264) 2025-02-14 14:24:41 +05:30
headless chore: refactor inputs (#36680) 2024-10-09 16:22:44 +05:30
theming fix: Enforce lodash >=4.17.21 to mitigate CVE-2019-10744 (Critical vulnerability) (#39625) 2025-03-11 14:33:25 +03:00
widgets fix: Enforce lodash >=4.17.21 to mitigate CVE-2019-10744 (Critical vulnerability) (#39625) 2025-03-11 14:33:25 +03:00
widgets-old fix: stop tooltip from overflowing out of view in preview and deployed mode. (#39159) 2025-02-24 12:36:54 +01:00