Publish new version for lodash vulnerability in version 4.17.19

Question

Publish new version for lodash vulnerability in version 4.17.19

rishabh1403 opened this issue 3 years ago · comments

Current Behavior

Version 10.2.0 of platform-core and platform-cli packages have a dependency on lodash version 4.17.19 which has a vulnerability and is fixed in 4.17.21. npm audit checks are failing for version 10.2.0, The latest code in the repo already has the new lodash version.

Desired Behavior

Publish a new version that fixes this dependency.

David Brownman · Answer 1 · Tue May 11 2021 04:59:20 GMT+0800 (China Standard Time)

We're planning on releasing a new version (11.0.0) very soon, hopefully this week.

Thanks for your patience!