From 7aa255998f4f61ce6a85a5dce022960bd2b5b352 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 23 Feb 2021 06:02:23 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-LODASH-1018905 - https://snyk.io/vuln/SNYK-JS-LODASH-1040724 --- package-lock.json | 6 +++--- package.json | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/package-lock.json b/package-lock.json index 4a379bf..2440712 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1816,9 +1816,9 @@ } }, "lodash": { - "version": "4.17.19", - "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.19.tgz", - "integrity": "sha512-JNvd8XER9GQX0v2qJgsaN/mzFCNA5BRe/j8JN9d+tWyGLSodKQHKFicdwNYzWwI3wjRnaKPsGj1XkBjx/F96DQ==" + "version": "4.17.21", + "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz", + "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==" }, "lodash.flattendeep": { "version": "4.4.0", diff --git a/package.json b/package.json index 04721ce..75a9917 100644 --- a/package.json +++ b/package.json @@ -55,7 +55,7 @@ }, "homepage": "https://github.com/alykoshin/micromongo", "dependencies": { - "lodash": "^4.17.19", + "lodash": "^4.17.21", "mini-deep-assign": "^0.0.8", "minimist": "^1.2.5", "nyc": "^15.1.0"