From 969bef1530f2cb16a774ad18caaeb3f67a669734 Mon Sep 17 00:00:00 2001 From: ssube Date: Tue, 10 Sep 2019 20:26:28 -0500 Subject: [PATCH] update: resolve lodash past vulnerable versions --- package.json | 3 +++ yarn.lock | 7 +------ 2 files changed, 4 insertions(+), 6 deletions(-) diff --git a/package.json b/package.json index 64541e7..99b36e8 100644 --- a/package.json +++ b/package.json @@ -69,5 +69,8 @@ "dependencies": {}, "nyc": { "extends": "@istanbuljs/nyc-config-typescript" + }, + "resolutions": { + "lodash": "4.17.15" } } diff --git a/yarn.lock b/yarn.lock index f45abcb..45b1a99 100644 --- a/yarn.lock +++ b/yarn.lock @@ -1589,16 +1589,11 @@ lodash.templatesettings@^4.0.0: dependencies: lodash._reinterpolate "^3.0.0" -lodash@4.17.15, lodash@^4.17.13, lodash@^4.17.15: +lodash@4.17.15, lodash@^4.17.11, lodash@^4.17.13, lodash@^4.17.15, lodash@^4.2.1: version "4.17.15" resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.15.tgz#b447f6670a0455bbfeedd11392eff330ea097548" integrity sha512-8xOcRHvCjnocdS5cpwXQXVzmmh5e5+saE2QGoeQmbKmRS6J3VQppPOIt0MnmE+4xlZoumy0GPG0D0MVIQbNA1A== -lodash@^4.17.11, lodash@^4.2.1: - version "4.17.11" - resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.11.tgz#b39ea6229ef607ecd89e2c8df12536891cac9b8d" - integrity sha512-cQKh8igo5QUhZ7lg38DYWAxMvjSAKG0A8wGSVimP07SIUEK2UO+arSRKbRZWtelMtN5V0Hkwh5ryOto/SshYIg== - log-symbols@2.2.0: version "2.2.0" resolved "https://registry.yarnpkg.com/log-symbols/-/log-symbols-2.2.0.tgz#5740e1c5d6f0dfda4ad9323b5332107ef6b4c40a"