need to upgrade underscore pkg version from 1.8.3 to 1.12.1 to fix critical vulnerability.

Question

need to upgrade underscore pkg version from 1.8.3 to 1.12.1 to fix critical vulnerability.

ravi-soda opened this issue 4 years ago · comments

mock-aws-s3 is using the underscore pkg version #1.8.3 which is having a critical vulnerability. Can you please upgrade the underscore pkg version to 1.12.* or above. Please let us know ASAP.

ravi s · Answer 1 · Thu Apr 08 2021 14:30:28 GMT+0800 (China Standard Time)

Seems like there is a PullRequest already created for this, please approve the Pull Request

Mathieu Triay · Answer 2 · Sun Apr 11 2021 05:47:34 GMT+0800 (China Standard Time)

Published v4.0.2 with a bunch of package updates. Let me know if that works for you.