Protei/PromucFlow_constructor
2
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity
e394b7f21b
PromucFlow_constructor/app/client/packages/design-system/widgets
History
Victor Kostyuk e394b7f21b
fix: Enforce lodash >=4.17.21 to mitigate CVE-2019-10744 (Critical vulnerability) (#39625) 
## Description
This PR enforces lodash version 4.17.21 or above, mitigating the
**Critical severity** vulnerability
[CVE-2019-10744](https://github.com/advisories/GHSA-jf85-cpcp-j695).

## Automation

/ok-to-test tags="@tag.Sanity"

### 🔍 Cypress test results
<!-- This is an auto-generated comment: Cypress test results  -->
> [!CAUTION]  
> If you modify the content in this section, you are likely to disrupt
the CI result for your PR.

<!-- end of auto-generated comment: Cypress test results  -->


## Communication
Should the DevRel and Marketing teams inform users about this change?
- [ ] Yes
- [x] No


<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

- **Chores**
- Updated the version constraints for the lodash library across multiple
packages. This ensures a minimum version of 4.17.21 while allowing a
broader range of updates, including potential major releases.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2025-03-11 14:33:25 +03:00
..
src chore: AI Chat e2e tests (#39490) 2025-03-07 17:33:16 +05:30
.eslintrc.json
jest.config.js chore: add rollup config for wds (#39397) 2025-02-27 16:05:52 +05:30
package.json fix: Enforce lodash >=4.17.21 to mitigate CVE-2019-10744 (Critical vulnerability) (#39625) 2025-03-11 14:33:25 +03:00
rollup.config.js chore: add rollup config for wds (#39397) 2025-02-27 16:05:52 +05:30
tsconfig.json