From 4c757955470112108eb3929a2889429ed179dd99 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Thu, 22 Jan 2026 10:54:15 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-LODASH-15053838 - https://snyk.io/vuln/SNYK-JS-LODASHES-15053836 --- package-lock.json | 12 ++++++++---- package.json | 4 ++-- 2 files changed, 10 insertions(+), 6 deletions(-) diff --git a/package-lock.json b/package-lock.json index aed96f326cb4..8311406bd6b9 100644 --- a/package-lock.json +++ b/package-lock.json @@ -59,8 +59,8 @@ "js-cookie": "^3.0.1", "js-yaml": "^4.1.0", "liquidjs": "^10.16.1", - "lodash": "^4.17.21", - "lodash-es": "^4.17.21", + "lodash": "^4.17.23", + "lodash-es": "^4.17.23", "lowdb": "7.0.1", "lowlight": "3.1.0", "markdownlint-rule-helpers": "^0.25.0", @@ -9394,11 +9394,15 @@ "dev": true }, "node_modules/lodash": { - "version": "4.17.21", + "version": "4.17.23", + "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.23.tgz", + "integrity": "sha512-LgVTMpQtIopCi79SJeDiP0TfWi5CNEc/L/aRdTh3yIvmZXTnheWpKjSZhnvMl8iXbC1tFg9gdHHDMLoV7CnG+w==", "license": "MIT" }, "node_modules/lodash-es": { - "version": "4.17.21", + "version": "4.17.23", + "resolved": "https://registry.npmjs.org/lodash-es/-/lodash-es-4.17.23.tgz", + "integrity": "sha512-kVI48u3PZr38HdYz98UmfPnXl2DXrpdctLrFLCd3kOx1xUkOmpFPx7gCWWM5MPkL/fD8zb+Ph0QzjGFs4+hHWg==", "license": "MIT" }, "node_modules/lodash.camelcase": { diff --git a/package.json b/package.json index 104f43d29bce..8ccd741b204d 100644 --- a/package.json +++ b/package.json @@ -295,8 +295,8 @@ "js-cookie": "^3.0.1", "js-yaml": "^4.1.0", "liquidjs": "^10.16.1", - "lodash": "^4.17.21", - "lodash-es": "^4.17.21", + "lodash": "^4.17.23", + "lodash-es": "^4.17.23", "lowdb": "7.0.1", "lowlight": "3.1.0", "markdownlint-rule-helpers": "^0.25.0",