You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
fix(dep): migrate from lodash.set to lodash. (nock#2306)
Listing `lodash` as a prod dependency has a few advantages over the single func dep we were using.
Primarily, when a security vulnerability is patched in LoDash, those changes don't get published to individual function libs anymore.
The most recent example being the prototype pollution that was patched in 4.17.16.
That particular vulnerability didn't effect Nock because of our usage, however, Nock does show up as having a vulnerability because of it which is a pain for consumers. It also creates a future problem where the next patch could affect Nock more directly.
nock#2279
It should be noted that LoDash itself discourages the use of these single function libs: https://lodash.com/per-method-packages
This changes also removes the vendor-izing of two LoDash functions in favor of using the lib directly (`isPlainObject` and `mapValues`).
fix(type): add `update` type for record mode (nock#2250)
Included 'update' in the BackMode union, following the introduction of the update mode (nock#2241).