From 846e08210768461903993bdfa304bd509500a5a8 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Mon, 26 Jan 2026 07:43:15 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-LODASH-15053838 - https://snyk.io/vuln/SNYK-JS-LODASHES-15053836 --- package-lock.json | 12 ++++++++---- package.json | 4 ++-- 2 files changed, 10 insertions(+), 6 deletions(-) diff --git a/package-lock.json b/package-lock.json index 6df1b205f8a4..cf646f60980a 100644 --- a/package-lock.json +++ b/package-lock.json @@ -52,8 +52,8 @@ "js-cookie": "^3.0.1", "js-yaml": "^4.1.0", "liquidjs": "^10.7.0", - "lodash": "^4.17.21", - "lodash-es": "^4.17.21", + "lodash": "^4.17.23", + "lodash-es": "^4.17.23", "lowdb": "6.0.0", "lowlight": "3.0.0", "mdast-util-from-markdown": "^2.0.0", @@ -9491,11 +9491,15 @@ } }, "node_modules/lodash": { - "version": "4.17.21", + "version": "4.17.23", + "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.23.tgz", + "integrity": "sha512-LgVTMpQtIopCi79SJeDiP0TfWi5CNEc/L/aRdTh3yIvmZXTnheWpKjSZhnvMl8iXbC1tFg9gdHHDMLoV7CnG+w==", "license": "MIT" }, "node_modules/lodash-es": { - "version": "4.17.21", + "version": "4.17.23", + "resolved": "https://registry.npmjs.org/lodash-es/-/lodash-es-4.17.23.tgz", + "integrity": "sha512-kVI48u3PZr38HdYz98UmfPnXl2DXrpdctLrFLCd3kOx1xUkOmpFPx7gCWWM5MPkL/fD8zb+Ph0QzjGFs4+hHWg==", "license": "MIT" }, "node_modules/lodash.camelcase": { diff --git a/package.json b/package.json index 6826324b8166..763b37761726 100644 --- a/package.json +++ b/package.json @@ -101,8 +101,8 @@ "js-cookie": "^3.0.1", "js-yaml": "^4.1.0", "liquidjs": "^10.7.0", - "lodash": "^4.17.21", - "lodash-es": "^4.17.21", + "lodash": "^4.17.23", + "lodash-es": "^4.17.23", "lowdb": "6.0.0", "lowlight": "3.0.0", "mdast-util-from-markdown": "^2.0.0",