From 99d991df18414cd98671adb9544aa63cdf0fb2be Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Thu, 22 Jan 2026 09:26:04 +0000
Subject: [PATCH] fix: package.json to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-TAR-15038581
- https://snyk.io/vuln/SNYK-JS-ELLIPTIC-14908844
- https://snyk.io/vuln/SNYK-JS-TAR-6476909
- https://snyk.io/vuln/SNYK-JS-LODASH-15053838
---
 package.json | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/package.json b/package.json
index 4e936220f..76e133739 100644
--- a/package.json
+++ b/package.json
@@ -11,16 +11,16 @@
     "clean": "git checkout data/{**/,}**/logo-white.png"
   },
   "dependencies": {
-    "canvas": "^2.11.2",
+    "canvas": "^3.0.0",
     "isomorphic-fetch": "^3.0.0"
   },
   "devDependencies": {
     "ava": "^3.15.0",
     "axios": "^0.21.1",
     "axios-retry": "^3.1.9",
-    "ethers": "^5.3.0",
+    "ethers": "^6.0.0",
     "image-pixels": "^2.2.2",
-    "lodash": "^4.17.21",
+    "lodash": "^4.17.23",
     "looks-same": "^7.3.0",
     "nearest-color": "^0.4.4",
     "prompts": "^2.4.1",