From 04c0b7a628632d55ee73f798f9b37ee5c960ecdd Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sat, 22 Aug 2020 22:13:36 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-LODASH-590103 --- package-lock.json | 12 +++++++----- package.json | 2 +- 2 files changed, 8 insertions(+), 6 deletions(-) diff --git a/package-lock.json b/package-lock.json index 33764c0..38b9b0f 100644 --- a/package-lock.json +++ b/package-lock.json @@ -823,7 +823,8 @@ "version": "1.1.6", "resolved": "https://registry.npmjs.org/is-buffer/-/is-buffer-1.1.6.tgz", "integrity": "sha512-NcdALwpXkTm5Zvvbk7owOUSvVvBKDgKP5/ewfXEznmQFfs4ZRmanOeKBTjRVjka3QFoN6XJ+9F3USqfHqTaU5w==", - "dev": true + "dev": true, + "optional": true }, "is-extendable": { "version": "1.0.1", @@ -1149,9 +1150,9 @@ } }, "lodash": { - "version": "4.17.15", - "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.15.tgz", - "integrity": "sha512-8xOcRHvCjnocdS5cpwXQXVzmmh5e5+saE2QGoeQmbKmRS6J3VQppPOIt0MnmE+4xlZoumy0GPG0D0MVIQbNA1A==" + "version": "4.17.20", + "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.20.tgz", + "integrity": "sha512-PlhdFcillOINfeV7Ni6oF1TAEayyZBoZ8bcshTHqOYJYlrqzRK5hagpagky5o4HfCzzd1TRkXPMFq6cKk9rGmA==" }, "lodash.get": { "version": "4.4.2", @@ -1496,7 +1497,8 @@ "version": "1.6.1", "resolved": "https://registry.npmjs.org/repeat-string/-/repeat-string-1.6.1.tgz", "integrity": "sha1-jcrkcOHIirwtYA//Sndihtp15jc=", - "dev": true + "dev": true, + "optional": true }, "request": { "version": "2.88.0", diff --git a/package.json b/package.json index 873bd62..11bee0b 100644 --- a/package.json +++ b/package.json @@ -228,7 +228,7 @@ }, "dependencies": { "didyoumean2": "^1.3.0", - "lodash": "^4.17.15", + "lodash": "^4.17.20", "parse5": "^3.0.2", "pretty-hrtime": "^1.0.3", "typescript": "^3.5.3"