From 7ca8be2af1768371872c19084b643a30b3308d99 Mon Sep 17 00:00:00 2001
From: Brian Mearns <mearns.b@gmail.com>
Date: Wed, 10 Jul 2019 20:20:29 -0400
Subject: [PATCH] Update lodash for prototype pollution vulnerability

https://github.com/lodash/lodash/pull/4336
---
 package-lock.json | 8 ++++----
 package.json      | 3 ++-
 2 files changed, 6 insertions(+), 5 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index d29eba9..9e7bcef 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1,6 +1,6 @@
 {
   "name": "tracking-promise",
-  "version": "0.1.0",
+  "version": "1.0.0",
   "lockfileVersion": 1,
   "requires": true,
   "dependencies": {
@@ -1919,9 +1919,9 @@
       }
     },
     "lodash": {
-      "version": "4.17.11",
-      "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.11.tgz",
-      "integrity": "sha512-cQKh8igo5QUhZ7lg38DYWAxMvjSAKG0A8wGSVimP07SIUEK2UO+arSRKbRZWtelMtN5V0Hkwh5ryOto/SshYIg==",
+      "version": "4.17.14",
+      "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.14.tgz",
+      "integrity": "sha512-mmKYbW3GLuJeX+iGP+Y7Gp1AiGHGbXHCOh/jZmrawMmsE7MS4znI3RL2FsjbqOyMayHInjOeykW7PEajUk1/xw==",
       "dev": true
     },
     "lodash.flattendeep": {
diff --git a/package.json b/package.json
index ab88829..3e3767c 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "tracking-promise",
-  "version": "1.0.0",
+  "version": "1.0.0-dev",
   "description": "A JavaScript library for tracking the success/failure of a promise without rejecting",
   "keywords": [
     "promise",
@@ -54,6 +54,7 @@
     "eslint-plugin-promise": "^4.1.1",
     "eslint-plugin-standard": "^4.0.0",
     "husky": "^2.3.0",
+    "lodash": ">=4.17.14",
     "mocha": "^6.1.4",
     "mochawesome": "^4.0.1",
     "node": "^10.9.0",