[Snyk] Upgrade underscore.string from 3.3.5 to 3.3.6

[snyk-bot]

Snyk has created this PR to upgrade underscore.string from 3.3.5 to 3.3.6.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 1 version ahead of your current version.
• The recommended version was released 7 months ago, on 2022-01-23.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Regular Expression Denial of Service (ReDoS) npm:underscore.string:20170908	589/1000 Why? Has a fix available, CVSS 7.5	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: underscore.string

• 3.3.6 - 2022-01-23
  

  fixup! Prepare for 3.3.6

• 3.3.5 - 2018-10-04
  

  Release 3.3.5

from underscore.string GitHub release notes

Commit messages

Package name: underscore.string

• 6a65c38 Version 3.3.6
• a1bc91a fixup! Prepare for 3.3.6
• d69c845 Prepare for 3.3.6
• d095c4a Compile dist
• 6cd50d1 Bump version in manifests to current
• acb31a6 Add lock file and pin node.js
• df8dc9e Disable broken eslint rules for now
• 095972b Update deps
• 87ddc29 Release 3.3.5

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs