From b38c186af8ae582b4abd48fdf615bedab482689c Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Mon, 22 Feb 2021 23:29:33 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-LODASH-1018905 - https://snyk.io/vuln/SNYK-JS-LODASH-1040724 --- package-lock.json | 6 +++--- package.json | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) mode change 100755 => 100644 package-lock.json mode change 100755 => 100644 package.json diff --git a/package-lock.json b/package-lock.json old mode 100755 new mode 100644 index 27079c79..ebd5f9b2 --- a/package-lock.json +++ b/package-lock.json @@ -1477,9 +1477,9 @@ } }, "lodash": { - "version": "4.17.10", - "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.10.tgz", - "integrity": "sha512-UejweD1pDoXu+AD825lWwp4ZGtSwgnpZxb3JDViD7StjQz+Nb/6l093lx4OQ0foGWNRoc19mWy7BzL+UAK2iVg==" + "version": "4.17.21", + "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz", + "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==" }, "lodash.get": { "version": "4.4.2", diff --git a/package.json b/package.json old mode 100755 new mode 100644 index fb44c4e2..98df4f06 --- a/package.json +++ b/package.json @@ -54,7 +54,7 @@ "depd": "^1.1.2", "flat": "^1.2.1", "immutable": "^3.8.2", - "lodash": "^4.17.5", + "lodash": "^4.17.21", "negotiator": "github:ethanresnick/negotiator#full-parse-access", "pluralize": "0.0.11", "pug": "^2.0.3",