Bump underscore from 1.13.1 to 1.13.8

[dependabot]

Bumps underscore from 1.13.1 to 1.13.8.

Commits

• 9374840 Merge branch 'release/1.13.8'
• 309ad7e Re-generate annotated sources and minified codemaps
• a1ac1d3 Add links to diff and docs in 1.13.8 change log entry
• b579595 Mention CVE-2026-27601 in comments and documentation (#3011)
• 45ea015 Revert obfuscations from 42823bb.
• 4a4019e Update minified bundles
• 1ccfdd0 Add preliminary release notes for 1.13.8
• 42823bb Temporarily obfuscate comments
• a6e23ae Make _.isEqual nonrecursive
• f2b5164 Add regression test against stack overflow in _.isEqual
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

Summary by CodeRabbit

• Chores
  • Updated underscore dependency to a newer version.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

Configuration used: defaults

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 37f71ef and bcc4e9b.

⛔ Files ignored due to path filters (1)

• package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (1)

• package.json

---

📝 Walkthrough

Walkthrough

A dependency version update in package.json upgrades the underscore library from version ^1.9.1 to ^1.13.8. This is a single-file change with no behavioral or structural code modifications.

Changes

Cohort / File(s)	Summary
Dependency Update package.json	Bumped underscore dependency from ^1.9.1 to ^1.13.8

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Poem

A hop and a bump, now underscore gleams,
From 1.9 to 1.13, fulfilling our dreams,
One line in the JSON, so simple and clean,
The newest version of tools we've seen! 🐰✨

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately reflects the main change: updating the underscore dependency from 1.13.1 to 1.13.8.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch dependabot/npm_and_yarn/underscore-1.13.8

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}