From ab5f9224f8c6e586b46856b8b5688953dd6e5b51 Mon Sep 17 00:00:00 2001 From: Trevor Date: Mon, 22 Jul 2019 21:32:48 -0700 Subject: [PATCH 1/2] upgrade lodash to address security alert --- package.json | 3 +++ yarn.lock | 8 ++++---- 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/package.json b/package.json index 08e8e39..23e880c 100644 --- a/package.json +++ b/package.json @@ -37,5 +37,8 @@ "devDependencies": { "eslint": "^5.9.0", "isbinaryfile": "^3.0.3" + }, + "resolutions": { + "lodash": "^4.17.13" } } diff --git a/yarn.lock b/yarn.lock index 113ee2b..0eac957 100644 --- a/yarn.lock +++ b/yarn.lock @@ -3757,10 +3757,10 @@ lodash.uniq@^4.5.0: resolved "https://registry.yarnpkg.com/lodash.uniq/-/lodash.uniq-4.5.0.tgz#d0225373aeb652adc1bc82e4945339a842754773" integrity sha1-0CJTc662Uq3BvILklFM5qEJ1R3M= -lodash@^4.13.1, lodash@^4.17.10, lodash@^4.17.11, lodash@^4.17.5: - version "4.17.11" - resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.11.tgz#b39ea6229ef607ecd89e2c8df12536891cac9b8d" - integrity sha512-cQKh8igo5QUhZ7lg38DYWAxMvjSAKG0A8wGSVimP07SIUEK2UO+arSRKbRZWtelMtN5V0Hkwh5ryOto/SshYIg== +lodash@^4.13.1, lodash@^4.17.10, lodash@^4.17.11, lodash@^4.17.13, lodash@^4.17.5: + version "4.17.15" + resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.15.tgz#b447f6670a0455bbfeedd11392eff330ea097548" + integrity sha512-8xOcRHvCjnocdS5cpwXQXVzmmh5e5+saE2QGoeQmbKmRS6J3VQppPOIt0MnmE+4xlZoumy0GPG0D0MVIQbNA1A== loose-envify@^1.0.0: version "1.4.0" From d9e66e21232ef4256a8fd1facc045d1f97c325d4 Mon Sep 17 00:00:00 2001 From: Trevor Date: Sun, 28 Jul 2019 17:34:14 -0700 Subject: [PATCH 2/2] remove package.json resolution entry --- package.json | 3 --- 1 file changed, 3 deletions(-) diff --git a/package.json b/package.json index 23e880c..08e8e39 100644 --- a/package.json +++ b/package.json @@ -37,8 +37,5 @@ "devDependencies": { "eslint": "^5.9.0", "isbinaryfile": "^3.0.3" - }, - "resolutions": { - "lodash": "^4.17.13" } }