From 8ae842c28dca21c8f2f5637a8d92e6294e66a7e9 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sun, 15 Jan 2023 03:28:50 +0000 Subject: [PATCH] fix: upgrade lodash from 4.17.4 to 4.17.21 Snyk has created this PR to upgrade lodash from 4.17.4 to 4.17.21. See this package in npm: See this project in Snyk: https://app.snyk.io/org/twitter-oss/project/35560667-929b-4814-9511-c8e672cfa8a6?utm_source=github&utm_medium=referral&page=upgrade-pr --- package.json | 2 +- yarn.lock | 7 ++++++- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/package.json b/package.json index 86d33ef..fb2899a 100644 --- a/package.json +++ b/package.json @@ -77,7 +77,7 @@ "d3": "^4.4.1", "d3kit": "^3.2.0", "heap": "^0.2.6", - "lodash": "^4.17.4", + "lodash": "^4.17.21", "webcola": "^3.3.0" } } diff --git a/yarn.lock b/yarn.lock index a9f8cde..e787250 100644 --- a/yarn.lock +++ b/yarn.lock @@ -3525,10 +3525,15 @@ lodash@^3.10.1, lodash@^3.8.0: version "3.10.1" resolved "https://registry.yarnpkg.com/lodash/-/lodash-3.10.1.tgz#5bf45e8e49ba4189e17d482789dfd15bd140b7b6" -lodash@^4.0.0, lodash@^4.0.1, lodash@^4.14.0, lodash@^4.17.4, lodash@^4.2.0, lodash@^4.3.0: +lodash@^4.0.0, lodash@^4.0.1, lodash@^4.14.0, lodash@^4.2.0, lodash@^4.3.0: version "4.17.4" resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.4.tgz#78203a4d1c328ae1d86dca6460e369b57f4055ae" +lodash@^4.17.21: + version "4.17.21" + resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.21.tgz#679591c564c3bffaae8454cf0b3df370c3d6911c" + integrity sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg== + lodash@~1.0.1: version "1.0.2" resolved "https://registry.yarnpkg.com/lodash/-/lodash-1.0.2.tgz#8f57560c83b59fc270bd3d561b690043430e2551"