!disturbed there’s a currently a VULN with underscore 1.12.0 which is used by `@atlassian/aui-8@npm:@firstname.lastname@example.org` which relies on `backbone...
Fix vuln for 8.7.1
QA Kickoff Check-In
Usage described in documentation
Demonstration of all states
Interactive state (screen readers)
Visual regression tests
Navigation (only keyboard / only mouse)
Component render legibly
QA Demo Check-Out
Element status (At Rest/Pressed/Selected/Read Only/Disabled)
Underscore has been bumped to 1.13.1 in AUI 8.8.0. The only difference between the latest AUI 8.7.x and 8.8.0 is the underscore bump.
, , , I will get this story done as part of this week.
[On behalf of @sukeer] I have a https://staging.bb-inf.net/bitbucket/bitbucket/pull-requests/24832/vuln-334302-upgrade-underscore-from-1120 that addresses this vuln for our team.
[On behalf of @Jira] AUI-5332: Update vulnerable dependencies in AUI
[On behalf of @daz] hi, I'm in the process of upmerging dependency bumps across the entire AUI 8.x series. Follow AUI-5332 for updates, but I'll resolve this ticket as part of that work :thumbsup: