Mirrors/lodash
1
0
Fork 0
mirror of https://github.com/whoisclebs/lodash.git synced 2026-01-29 06:27:49 +00:00
Code Issues Packages Projects Releases Wiki Activity
7,672 Commits 7 Branches 423 Tags
717fe4f37c36a65f9aab20e3afcb32a239575a86
Commit Graph

7672 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Ulises Gascón
717fe4f37c feat: add CodeQL (#6032) 2025-10-27 06:29:41 -04:00
Ulises Gascón
23903d3c80 docs: add an IRP (#6028) 2025-10-27 06:26:16 -04:00
Ulises Gascón
4e856eb123 feat: add scorecard reporting (#6030) 2025-10-27 06:25:37 -04:00
Ulises Gascón
519b3d1f0d docs: add security escalation policy (#6025) 2025-10-27 06:24:14 -04:00
Ulises Gascón
61ff26e089 ci: add pipeline to run tests on browsers (#6021) 2025-10-27 06:20:37 -04:00
Ulises Gascón
c93ba2d878 ci: add ci pipeline for documentation (#6020) 2025-10-27 06:17:43 -04:00
Jon Church
8a26eb42ad add security.md from afcd5bc (#5946) 2024-12-12 17:27:03 -05:00
Benjamin Tan
f299b52f39 Bump to v4.17.21 4.17.21 2021-02-20 23:33:48 +08:00
Michał Lipiński
c4847ebe7d Improve performance of toNumber, trim and trimEnd on large input strings 
This prevents potential ReDoS attacks using `_.toNumber` and `_.trim*`
as potential attack vectors.

Closes #5065.
 2021-02-20 17:18:39 +08:00
Christophe Coevoet
3469357cff Prevent command injection through _.template's variable option 
Closes #5085.
 2021-02-20 16:28:01 +08:00
Benjamin Tan
ded9bc6658 Bump to v4.17.20. 4.17.20 2020-08-14 00:52:55 +08:00
Benjamin Tan
63150ef764 Documentation fixes. 2020-08-14 00:36:26 +08:00
Benjamin Tan
00f0f62a97 test.js: Remove trailing comma. 2020-07-26 19:38:01 +08:00
Benjamin Tan
846e434c7a Temporarily use a custom fork of lodash-cli. 2020-07-26 19:37:20 +08:00
Benjamin Tan
5d046f39cb Re-enable Travis tests on 4.17 branch. 2020-07-26 19:35:19 +08:00
Benjamin Tan
aa816b36d4 Remove /npm-package. 2020-07-26 19:34:22 +08:00
Mathias Bynens
d7fbc52ee0 Bump to v4.17.19 4.17.19 2020-07-08 19:14:09 +02:00
Mathias Bynens
2e1c0f22f4 Add npm-package 2020-07-08 19:10:23 +02:00
Mathias Bynens
1b6c282299 Bump to v4.17.18 2020-07-08 18:04:03 +02:00
Mathias Bynens
a370ac8140 Bump to v4.17.17 2020-07-08 14:00:48 +02:00
Mathias Bynens
1144918f35 Rebuild lodash and docs 4.17.16 2020-07-08 10:08:29 +02:00
Mathias Bynens
3a3b0fd339 Bump to v4.17.16 2020-07-08 09:44:35 +02:00
Jakub Mikulas
c84fe82760 fix(zipObjectDeep): prototype pollution (#4759) 2020-07-02 14:47:49 -07:00
Alex Brasetvik
e7b28ea6cb Sanitize sourceURL so it cannot affect evaled code (#4518) 2020-06-03 23:36:12 -07:00
Chinedum Ukejianya
0cec225778 Fix lodash.isEqual for circular references (#4320) (#4515) 2019-10-16 14:43:11 -07:00
Artemy Tregubenko
94c3a8133c Document matches* shorthands for over* methods (#4510) (#4514) 2019-10-13 10:54:27 -07:00
Michał Lipiński
659e8c019c Ensure orderBy will accept iteratee path arrays #4438 (#4513) 2019-10-10 13:04:37 -07:00
Graeme Yeates
602cc3f03d (4.17) Short circuit sortedIndexBy methods for empty arrays (#4497) 2019-10-04 10:23:55 -07:00
max
b281ddecc4 change documentation, show clearly how sortBy work with two iteratees (#4467) 2019-09-16 21:31:36 -07:00
John-David Dalton
ddfd9b11a0 Bump to v4.17.15. 4.17.15 2019-07-17 10:06:33 -07:00
John-David Dalton
b185fcee26 Rebuild lodash and docs. 2019-07-17 10:05:47 -07:00
John-David Dalton
be87d30394 Bump to v4.17.14. 4.17.14 2019-07-10 06:33:09 -07:00
John-David Dalton
a6fe6b1e17 Rebuild lodash and docs. 2019-07-10 06:32:17 -07:00
John-David Dalton
e37182845f Bump to v4.17.13. 4.17.13 2019-07-09 15:16:26 -07:00
John-David Dalton
357e899e68 Rebuild lodash and docs. 2019-07-09 15:15:19 -07:00
John-David Dalton
fd9a062d57 Bump to v4.17.12. 4.17.12 2019-07-09 13:42:00 -07:00
John-David Dalton
e77d68121f Rebuild lodash and docs. 2019-07-09 13:34:41 -07:00
John-David Dalton
629d186579 Update OpenJS references. 2019-07-09 13:31:30 -07:00
John-David Dalton
2406eac542 Fix minified build. 2019-07-09 13:30:56 -07:00
John-David Dalton
17a34bc585 Fix test bootstrap for core build. 2019-07-09 12:48:18 -07:00
John-David Dalton
53838a38f8 Fix tests in older browsers. 2019-07-09 12:43:33 -07:00
John-David Dalton
29e258497b Fix style:test lint nits. 2019-07-09 09:53:48 -07:00
John-David Dalton
8f4d3eb018 Update deps. 2019-07-09 09:36:22 -07:00
John-David Dalton
02b3295a63 Format nit. 2019-07-09 09:34:08 -07:00
John-David Dalton
52ab48c054 Use nativeIsFinite() instead of Number.isFinite(). 2019-07-09 09:33:04 -07:00
John-David Dalton
f8dc2149f7 Whitespace nit. 2019-07-09 09:32:38 -07:00
John-David Dalton
deb65de218 Revert "perf(toNumber): use +value to convert binary/octal/hexadecimal string (#4230)" 
This reverts commit 7084300d34.
 2019-07-09 09:29:54 -07:00
Alex Brasetvik
60eb517911 Prevent prototype pollution chaining to code execution via _.template (#4355) 2019-07-09 09:09:55 -07:00
Kirill
1f8ea07746 fix: prototype pollution in _.defaultsDeep (#4336) 2019-06-24 09:17:55 -07:00
Erick Calder
e42cd97dae Fixes issue with Object prototype and the chaining syntax. [closes #4247] 2019-05-09 13:54:13 -07:00