Skip to content

[Snyk] Upgrade lodash from 4.17.21 to 4.17.23#437

Open
mnk-blr wants to merge 1 commit intomainfrom
snyk-upgrade-5a8faec6bff6393d5085675e4b475156
Open

[Snyk] Upgrade lodash from 4.17.21 to 4.17.23#437
mnk-blr wants to merge 1 commit intomainfrom
snyk-upgrade-5a8faec6bff6393d5085675e4b475156

Conversation

@mnk-blr
Copy link
Collaborator

@mnk-blr mnk-blr commented Feb 24, 2026

snyk-top-banner

Snyk has created this PR to upgrade lodash from 4.17.21 to 4.17.23.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

  • The recommended version is 1 version ahead of your current version.

  • The recommended version was released a month ago.

Issues fixed by the recommended upgrade:

Issue Score Exploit Maturity
medium severity Prototype Pollution
SNYK-JS-LODASH-15053838		 144 No Known Exploit

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • This PR was automatically created by Snyk using the credentials of a real user.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

@snyk-bot
fix: upgrade lodash from 4.17.21 to 4.17.23
15dbd93 
Snyk has created this PR to upgrade lodash from 4.17.21 to 4.17.23.

See this package in pnpm:
lodash

See this project in Snyk:
https://app.snyk.io/org/thoughtspot/project/f92ef692-9a75-43a8-bc91-7f0437b58838?utm_source=github&utm_medium=referral&page=upgrade-pr
@mnk-blr mnk-blr requested a review from a team as a code owner February 24, 2026 19:04
@gemini-code-assist
Copy link
Contributor

gemini-code-assist bot commented Feb 24, 2026

Note

Gemini is unable to generate a summary for this pull request due to the file types involved not being currently supported.

@mnk-blr
Copy link
Collaborator Author

mnk-blr commented Feb 24, 2026
edited
Loading

Snyk checks have passed. No issues have been found so far.

Status Scanner Critical High Medium Low Total (0)
Open Source Security 0 0 0 0 0 issues
Licenses 0 0 0 0 0 issues
Code Security 0 0 0 0 0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

@sonar-prod-ts
Copy link

sonar-prod-ts bot commented Feb 24, 2026

SonarQube Quality Gate

Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
No Duplication information No Duplication information

@pkg-pr-new
Copy link

pkg-pr-new bot commented Feb 24, 2026

Open in StackBlitz

npm i https://pkg.pr.new/thoughtspot/visual-embed-sdk/@thoughtspot/visual-embed-sdk@437

commit: 15dbd93

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@mnk-blr @snyk-bot