Upgrade Lodash dependencies to latest #48

Closed
karlhorky wants to merge 1 commit into mailgun:master from karlhorky:master

@karlhorky commented Jul 11, 2019

To fix a high severity security issue in lodash.merge.

More info: https://snyk.io/blog/snyk-research-team-discovers-severe-prototype-pollution-security-vulnerabilities-affecting-all-versions-of-lodash/

Wasn't able to run the tests or the build locally (gave me errors), so maybe I can get some guidance whether this will break anything...

@karlhorky
Author

My fix in karlhorky/mailgun-js-suppression-notifications-poc@bd6c9c2 with Yarn resolutions seems to not cause problems. But I'm not using much of the mailgun.js API either...

@karlhorky
Author

cc @jessespears @jmontemayor @srph

@karlhorky
Author

The tests appear to be broken for all PRs, with peer dependency errors:

npm ERR! Linux 4.15.0-1028-gcp
npm ERR! argv "/home/travis/.nvm/versions/node/v4.1.2/bin/node" "/home/travis/.nvm/versions/node/v4.1.2/bin/npm" "install"
npm ERR! node v4.1.2
npm ERR! npm  v2.14.4
npm ERR! code EPEERINVALID
npm ERR! peerinvalid The package webpack@1.15.0 does not satisfy its siblings' peerDependencies requirements!
npm ERR! peerinvalid Peer expose-loader@0.7.5 wants webpack@^2.0.0 || ^3.0.0 || ^4.0.0
npm ERR! peerinvalid Peer webpack-dev-server@1.16.5 wants webpack@>=1.3.0 <3
npm ERR! peerinvalid Peer babel-loader@5.4.2 wants webpack@1 || 2 || ^2.1.0-beta

Also broken on my PR #47, which is a simple edit to the readme.

@mfanuzzi

Dependabot flagging this since introducing Mailgun to my project recently.

That this is still an issue a year after this ticket was opened is kinda making me question my choice to go with Mailgun TBH.

@olexandr-mazepa
Collaborator

It seems we don't use lodash anymore but anyway thank you for your PR.
