From ab482cab82d8e0c39e395aa5be871604b7de5efe Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Mon, 13 Jul 2020 23:29:30 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-LODASH-567746 --- package-lock.json | 6 +++--- package.json | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) mode change 100755 => 100644 package-lock.json mode change 100755 => 100644 package.json diff --git a/package-lock.json b/package-lock.json old mode 100755 new mode 100644 index 27079c79..52275ccd --- a/package-lock.json +++ b/package-lock.json @@ -1477,9 +1477,9 @@ } }, "lodash": { - "version": "4.17.10", - "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.10.tgz", - "integrity": "sha512-UejweD1pDoXu+AD825lWwp4ZGtSwgnpZxb3JDViD7StjQz+Nb/6l093lx4OQ0foGWNRoc19mWy7BzL+UAK2iVg==" + "version": "4.17.16", + "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.16.tgz", + "integrity": "sha512-mzxOTaU4AsJhnIujhngm+OnA6JX4fTI8D5H26wwGd+BJ57bW70oyRwTqo6EFJm1jTZ7hCo7yVzH1vB8TMFd2ww==" }, "lodash.get": { "version": "4.4.2", diff --git a/package.json b/package.json old mode 100755 new mode 100644 index fb44c4e2..4700fffd --- a/package.json +++ b/package.json @@ -54,7 +54,7 @@ "depd": "^1.1.2", "flat": "^1.2.1", "immutable": "^3.8.2", - "lodash": "^4.17.5", + "lodash": "^4.17.16", "negotiator": "github:ethanresnick/negotiator#full-parse-access", "pluralize": "0.0.11", "pug": "^2.0.3",