From 8e9ad5e4bdb625d89b086efecd8157f05a114df1 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Wed, 17 Apr 2024 05:40:04 +0000
Subject: [PATCH] fix:
 javascript/ql/test/query-tests/Security/CWE-915/PrototypePollutingMergeCall/src-non-vulnerable-lodash/package.json
 to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-LODASH-6139239
---
 .../src-non-vulnerable-lodash/package.json                      | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/javascript/ql/test/query-tests/Security/CWE-915/PrototypePollutingMergeCall/src-non-vulnerable-lodash/package.json b/javascript/ql/test/query-tests/Security/CWE-915/PrototypePollutingMergeCall/src-non-vulnerable-lodash/package.json
index 26f56110158d..cf7708de2cac 100644
--- a/javascript/ql/test/query-tests/Security/CWE-915/PrototypePollutingMergeCall/src-non-vulnerable-lodash/package.json
+++ b/javascript/ql/test/query-tests/Security/CWE-915/PrototypePollutingMergeCall/src-non-vulnerable-lodash/package.json
@@ -1,5 +1,5 @@
 {
     "dependencies": {
-        "lodash": "4.17.12"
+        "lodash": "4.17.17"
     }
 }