Skip to content

chore(deps): bump underscore from 1.13.6 to 1.13.8#492

Open
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/npm_and_yarn/underscore-1.13.8
Open

chore(deps): bump underscore from 1.13.6 to 1.13.8#492
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/npm_and_yarn/underscore-1.13.8

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Mar 4, 2026

Copy link
Copy Markdown
Contributor

Bumps underscore from 1.13.6 to 1.13.8.

Commits
  • 9374840 Merge branch 'release/1.13.8'
  • 309ad7e Re-generate annotated sources and minified codemaps
  • a1ac1d3 Add links to diff and docs in 1.13.8 change log entry
  • b579595 Mention CVE-2026-27601 in comments and documentation (#3011)
  • 45ea015 Revert obfuscations from 42823bb.
  • 4a4019e Update minified bundles
  • 1ccfdd0 Add preliminary release notes for 1.13.8
  • 42823bb Temporarily obfuscate comments
  • a6e23ae Make _.isEqual nonrecursive
  • f2b5164 Add regression test against stack overflow in _.isEqual
  • Additional commits viewable in compare view

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Mar 4, 2026
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/underscore-1.13.8 branch from 9d68475 to 0473d93 Compare March 24, 2026 15:39
@touv

touv commented Apr 8, 2026

Copy link
Copy Markdown
Contributor

@dependabot rebase

Bumps [underscore](https://github.com/jashkenas/underscore) from 1.13.6 to 1.13.8.
- [Commits](jashkenas/underscore@1.13.6...1.13.8)

---
updated-dependencies:
- dependency-name: underscore
  dependency-version: 1.13.8
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/underscore-1.13.8 branch from 0473d93 to 9e63460 Compare April 8, 2026 10:23
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant