From 69b1463f907c3a742fe0d8dc19375f752a87f8c2 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sat, 11 Jul 2020 22:13:34 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-LODASH-567746 --- package-lock.json | 12 +++++++----- package.json | 2 +- 2 files changed, 8 insertions(+), 6 deletions(-) diff --git a/package-lock.json b/package-lock.json index 33764c0..fc94207 100644 --- a/package-lock.json +++ b/package-lock.json @@ -823,7 +823,8 @@ "version": "1.1.6", "resolved": "https://registry.npmjs.org/is-buffer/-/is-buffer-1.1.6.tgz", "integrity": "sha512-NcdALwpXkTm5Zvvbk7owOUSvVvBKDgKP5/ewfXEznmQFfs4ZRmanOeKBTjRVjka3QFoN6XJ+9F3USqfHqTaU5w==", - "dev": true + "dev": true, + "optional": true }, "is-extendable": { "version": "1.0.1", @@ -1149,9 +1150,9 @@ } }, "lodash": { - "version": "4.17.15", - "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.15.tgz", - "integrity": "sha512-8xOcRHvCjnocdS5cpwXQXVzmmh5e5+saE2QGoeQmbKmRS6J3VQppPOIt0MnmE+4xlZoumy0GPG0D0MVIQbNA1A==" + "version": "4.17.16", + "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.16.tgz", + "integrity": "sha512-mzxOTaU4AsJhnIujhngm+OnA6JX4fTI8D5H26wwGd+BJ57bW70oyRwTqo6EFJm1jTZ7hCo7yVzH1vB8TMFd2ww==" }, "lodash.get": { "version": "4.4.2", @@ -1496,7 +1497,8 @@ "version": "1.6.1", "resolved": "https://registry.npmjs.org/repeat-string/-/repeat-string-1.6.1.tgz", "integrity": "sha1-jcrkcOHIirwtYA//Sndihtp15jc=", - "dev": true + "dev": true, + "optional": true }, "request": { "version": "2.88.0", diff --git a/package.json b/package.json index 873bd62..0efdc5e 100644 --- a/package.json +++ b/package.json @@ -228,7 +228,7 @@ }, "dependencies": { "didyoumean2": "^1.3.0", - "lodash": "^4.17.15", + "lodash": "^4.17.16", "parse5": "^3.0.2", "pretty-hrtime": "^1.0.3", "typescript": "^3.5.3"