From 4b68a54b69392b983bd29682d233cef0332d4836 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Mon, 22 Feb 2021 23:18:24 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-LODASH-1018905 - https://snyk.io/vuln/SNYK-JS-LODASH-1040724 --- package-lock.json | 6 +++--- package.json | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) mode change 100755 => 100644 package.json diff --git a/package-lock.json b/package-lock.json index 081d9b6..d202041 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1242,9 +1242,9 @@ "dev": true }, "lodash": { - "version": "4.17.15", - "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.15.tgz", - "integrity": "sha512-8xOcRHvCjnocdS5cpwXQXVzmmh5e5+saE2QGoeQmbKmRS6J3VQppPOIt0MnmE+4xlZoumy0GPG0D0MVIQbNA1A==" + "version": "4.17.21", + "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz", + "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==" }, "log-driver": { "version": "1.2.7", diff --git a/package.json b/package.json old mode 100755 new mode 100644 index b948f1f..4ac6c6b --- a/package.json +++ b/package.json @@ -15,7 +15,7 @@ "js-yaml": ">=3.13.1", "json5": "^2.1.0", "jsonfile": "^5.0.0", - "lodash": ">=4.17.12", + "lodash": ">=4.17.21", "mathjs": "^5.3.1", "minimist": "^1.2.5", "mkdirp": "^0.5.1",