[[FIX]] Update Lodash to latest 4.17.19 (#3494)

Address vulnerability of type "Prototype Pollution in lodash" GHSA-p6mc-m468-83gw It is not sure whether this is at all relevant for jshint, but at the moment, GitHub's Dependabot sends vulnerability alerts to all respositories with a dependency to jshint, e.g. https://github.com/alexandrainst/node-red-contrib-parser-ini/network/alert/package-lock.json/lodash/open So it would be nice to issue a new jshint release ASAP to offer an easy way forward for those projects with a (dev) dependency to jshint. https://github.com/lodash/lodash/wiki/Changelog
jshint · Jul 25, 2020 · 17d8f5a · 17d8f5a
1 parent 1013d51
commit 17d8f5a
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/package.json b/package.json
@@ -44,7 +44,7 @@
     "console-browserify": "1.1.x",
     "exit": "0.1.x",
     "htmlparser2": "3.8.x",
-    "lodash": "~4.17.11",
+    "lodash": "~4.17.19",
     "minimatch": "~3.0.2",
     "shelljs": "0.3.x",
     "strip-json-comments": "1.0.x"