IMA-WorldHealth / Tree / 179
70%

DEFAULT BRANCH: master
Ran
Jobs 1
Files 1
Run time 0s
Badge
Embed ▾
README BADGES
x

If you need to use a raster PNG badge, change the '.svg' to '.png' in the link

Markdown

Textile

RDoc

HTML

Rst
179

push

travis-ci

web-flow 
Merge #26

26: build(deps): [security] bump lodash from 4.17.5 to 4.17.15 r=jniles a=dependabot-preview[bot]

Bumps [lodash](https://github.com/lodash/lodash) from 4.17.5 to 4.17.15. **This update includes security fixes.**
<details>
<summary>Vulnerabilities fixed</summary>
<p><em>Sourced from The GitHub Security Advisory Database.</em></p>
<blockquote>
<p><strong>Critical severity vulnerability that affects lodash, lodash-es, lodash-amd, lodash.template, lodash.merge, lodash.mergewith, and lodash.defaultsdeep</strong>
Affected versions of lodash are vulnerable to Prototype Pollution.
The function defaultsDeep could be tricked into adding or modifying properties of Object.prototype using a constructor payload.</p>
<p>Affected versions: &lt; 4.17.12</p>
</blockquote>
<p><em>Sourced from The GitHub Security Advisory Database.</em></p>
<blockquote>
<p><strong>Moderate severity vulnerability that affects lodash</strong>
lodash prior to 4.7.11 is affected by: CWE-400: Uncontrolled Resource Consumption. The impact is: Denial of service. The component is: Date handler. The attack vector is: Attacker provides very long strings, which the library attempts to match using a regular expression. The fixed version is: 4.7.11.</p>
<p>Affected versions: &lt; 4.17.11</p>
</blockquote>
<p><em>Sourced from The GitHub Security Advisory Database.</em></p>
<blockquote>
<p><strong>High severity vulnerability that affects lodash, lodash-es, lodash-amd, lodash.template, lodash.merge, lodash.mergewith, and lodash.defaultsdeep</strong>
Affected versions of lodash are vulnerable to Prototype Pollution.
The function defaultsDeep could be tricked into adding or modifying properties of Object.prototype using a constructor payload.</p>
<p>Affected versions: &lt; 4.17.13</p>
</blockquote>
<p><em>Sourced from <a href="https://github.com/nodejs/security-wg/blob/master/vuln/npm/493.json">The Node Security Working Group</a>.</em></p>
<blockquote>
<p><strong>Denial of Service</strong>
Pro... (continued)

17 of 27 branches covered (62.96%)

Branch coverage included in aggregate %.

39 of 64 relevant lines covered (60.94%)

38.81 hits per line

Jobs
ID Job ID Ran Files Coverage
1 179.1 0
61.54
 Travis Job 179.1
Source Files on build 179
Detailed source file information is not available for this build.