* Fix prototype pollution in _.set and related functions
Prevents setting dangerous properties (__proto__, constructor, prototype)
that could lead to prototype pollution vulnerabilities.
* Fix command injection vulnerability in _.template
- Add validation for the variable option to prevent injection attacks
- Improve sourceURL whitespace normalization to prevent code injection
* Fix cyclic value comparison in _.isEqual
Properly checks both directions when comparing cyclic values to ensure
correct equality comparisons for circular references.
* Improve _.sortBy and _.orderBy performance and array handling
- Add early return for empty arrays in sorted index operations
- Improve array iteratee handling to support nested property paths
- Add missing keysIn import in baseClone
* Refactor _.trim, _.trimEnd, and _.trimStart implementations
Extract shared trim logic into reusable utilities (_baseTrim, _trimmedEndIndex)
for better code organization and consistency. Update related functions
(toNumber, parseInt) to use new utilities. Improve comment accuracy.
* Add documentation for predicate composition with _.overEvery and _.overSome
Enhance documentation to show how _.matches and _.matchesProperty can be
combined using _.overEvery and _.overSome for more powerful filtering.
Add examples demonstrating shorthand predicate syntax.
* Bump to v4.17.21
* Fix prototype pollution in _.unset and _.omit
Prevent prototype pollution on baseUnset function by:
- Blocking "__proto__" if not an own property
- Blocking "constructor.prototype" chains (except when starting at primitive root)
- Skipping non-string keys
See: https://github.com/lodash/lodash/security/advisories/GHSA-xxjr-mmjv-4gpg
* Update JSDoc documentation to align with main branch
- Fix sortBy example ages (40 -> 30) for correct sort order demonstration
- Fix _setCacheHas return type (number -> boolean)
