Node Security Issue with lodash: 577 - Prototype Pollution #312

johncblandii · 2018-05-14T23:07:09Z

We need a lodash update. It'd be a good time to release to resolve #301 as well.

AukeTembrink · 2018-07-27T18:53:46Z

I can approve this. +1

Berkmann18 · 2019-06-05T14:29:16Z

It still seems to be a problem on 1.12.0 according to Snyk (https://app.snyk.io/test/npm/vorpal/1.12.0).

johncblandii · 2019-06-07T05:05:12Z

I'm pretty sure this project is dead, @Berkmann18.

Berkmann18 · 2019-06-07T09:14:49Z

tsujp · 2019-10-09T08:57:01Z

Why has this not been merged, rather unacceptable that a high security vulnerability has been here for over a year

slinkardbrandon · 2019-10-09T11:07:48Z

@tsujp Because the project is dead and the old vorpal admins haven’t put anyone else in charge.

tsujp · 2019-10-09T11:35:20Z

davidnussio · 2019-10-25T15:07:23Z

I'm starting using this fork: npm i @moleculer/vorpal

Berkmann18 linked a pull request Jun 5, 2019 that will close this issue

Fix security vulnerabilities #343

Open

Provide feedback