Merge pull request #181 from SiemvandenBerg/bump-lodash-vulnerability

VincentLanglet · web-flow · commit b309142b8784 · 2021-04-08T11:14:02.000+02:00
bump lodash from 4.17.15 to 4.17.21 to fix vulnerabilities
diff --git a/package.json b/package.json
@@ -41,7 +41,7 @@
   "license": "MIT",
   "dependencies": {
     "@types/cheerio": "^0.22.22",
-    "lodash": "^4.17.15",
+    "lodash": "^4.17.21",
     "react-is": "^16.12.0"
   },
   "peerDependencies": {
diff --git a/yarn.lock b/yarn.lock
@@ -3854,6 +3854,11 @@ lodash@^4.17.19:
   resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.20.tgz#b44a9b6297bcb698f1c51a3545a2b3b368d59c52"
   integrity sha512-PlhdFcillOINfeV7Ni6oF1TAEayyZBoZ8bcshTHqOYJYlrqzRK5hagpagky5o4HfCzzd1TRkXPMFq6cKk9rGmA==
 
+lodash@^4.17.21:
+  version "4.17.21"
+  resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.21.tgz#679591c564c3bffaae8454cf0b3df370c3d6911c"
+  integrity sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==
+
 loose-envify@^1.0.0, loose-envify@^1.1.0, loose-envify@^1.4.0:
   version "1.4.0"
   resolved "https://registry.yarnpkg.com/loose-envify/-/loose-envify-1.4.0.tgz#71ee51fa7be4caec1a63839f7e682d8132d30caf"
