From 29da6ddc4fdae6c9e256779843c0d05e8d142f94 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Fri, 10 Jul 2020 03:25:25 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-LODASH-567746 --- package-lock.json | 19 ++++++++++++------- package.json | 2 +- 2 files changed, 13 insertions(+), 8 deletions(-) diff --git a/package-lock.json b/package-lock.json index 4e340e3..e11cde0 100644 --- a/package-lock.json +++ b/package-lock.json @@ -2451,7 +2451,8 @@ }, "ansi-regex": { "version": "2.1.1", - "bundled": true + "bundled": true, + "optional": true }, "aproba": { "version": "1.2.0", @@ -2816,7 +2817,8 @@ }, "safe-buffer": { "version": "5.1.1", - "bundled": true + "bundled": true, + "optional": true }, "safer-buffer": { "version": "2.1.2", @@ -2864,6 +2866,7 @@ "strip-ansi": { "version": "3.0.1", "bundled": true, + "optional": true, "requires": { "ansi-regex": "^2.0.0" } @@ -2902,11 +2905,13 @@ }, "wrappy": { "version": "1.0.2", - "bundled": true + "bundled": true, + "optional": true }, "yallist": { "version": "3.0.2", - "bundled": true + "bundled": true, + "optional": true } } }, @@ -3640,9 +3645,9 @@ "integrity": "sha1-odePw6UEdMuAhF07O24dpJpEbo4=" }, "lodash": { - "version": "4.17.11", - "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.11.tgz", - "integrity": "sha1-s56mIp72B+zYniyN8SU2iRysm40=" + "version": "4.17.16", + "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.16.tgz", + "integrity": "sha512-mzxOTaU4AsJhnIujhngm+OnA6JX4fTI8D5H26wwGd+BJ57bW70oyRwTqo6EFJm1jTZ7hCo7yVzH1vB8TMFd2ww==" }, "lodash._baseassign": { "version": "3.2.0", diff --git a/package.json b/package.json index 4353fcf..782cf7e 100644 --- a/package.json +++ b/package.json @@ -48,7 +48,7 @@ "javascript-brunch": ">= 1.0 < 1.8", "javascript-state-machine": "~2.3.5", "jquery": "~2.2.0", - "lodash": "~4.17.5", + "lodash": "~4.17.16", "moment": "~2.11.2", "mongoose": "~4.4.6", "morgan": "~1.6.1",