chore(deps): update dependency lodash to v4.17.23 [security] - autoclosed

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
lodash (source)	4.17.21 → 4.17.23

GitHub Vulnerability Alerts

CVE-2025-13465

Impact

Lodash versions 4.0.0 through 4.17.22 are vulnerable to prototype pollution in the _.unset and _.omit functions. An attacker can pass crafted paths which cause Lodash to delete methods from global prototypes.

The issue permits deletion of properties but does not allow overwriting their original behavior.

Patches

This issue is patched on 4.17.23.

---

Release Notes

lodash/lodash (lodash)

v4.17.23

Compare Source

---

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[github-actions]

🚀 Preview Deployment Ready!

Your pull request has been built and is ready for preview deployment.
Here's how to test your changes:

Container Images Built

• Balancer: ghcr.io/OWASP/wrongsecrets-balancer:pr-1062
• Cleaner: ghcr.io/OWASP/cleaner:pr-1062

Quick Deploy with Helm

# Add the wrongsecrets helm repository
helm repo add wrongsecrets https://owasp.org/wrongsecrets-ctf-party
helm repo update

# Deploy with preview images
helm install my-preview wrongsecrets/wrongsecrets-ctf-party \
  --set balancer.repository=ghcr.io/OWASP/wrongsecrets-balancer \
  --set balancer.tag=pr-1062 \
  --set wrongsecretsCleanup.repository=ghcr.io/OWASP/cleaner \
  --set wrongsecretsCleanup.tag=pr-1062 \
  --set imagePullPolicy=Always

# Port forward to access locally
kubectl port-forward service/wrongsecrets-balancer 3000:3000

Deploy with Custom Values

Click to see preview-values.yaml

balancer:
  repository: ghcr.io/OWASP/wrongsecrets-balancer
  tag: pr-1062

wrongsecretsCleanup:
  repository: ghcr.io/OWASP/cleaner
  tag: pr-1062

# Preview configuration
ingress:
  enabled: true
  hosts:
    - host: >-
        preview-pr-1062.wrongsecrets.local
      paths:
        - "/"

# Save the above values to preview-values.yaml, then:
helm install my-preview wrongsecrets/wrongsecrets-ctf-party \
  -f preview-values.yaml

Deploy with Local Build Scripts

# Clone this PR
git fetch origin pull/1062/head:pr-1062
git checkout pr-1062

# Use the existing deployment script with custom images
./build-and-deploy.sh

Test the Changes

1. Access the application at http://localhost:3000
2. Create a team and verify functionality
3. Test any new features or bug fixes

Container Registry

The preview images are available at:

• https://github.com/OWASP/wrongsecrets-ctf-party/pkgs/container/wrongsecrets-balancer
• https://github.com/OWASP/wrongsecrets-ctf-party/pkgs/container/cleaner

---

This preview was automatically generated for PR #1062