From f073b4601ca6065d88a9d4018d7efa6a53979ba7 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Thu, 22 Jan 2026 12:20:16 +0000 Subject: [PATCH] fix: package.json & pnpm-lock.yaml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-LODASH-15053838 --- package.json | 2 +- pnpm-lock.yaml | 12 ++++++------ 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/package.json b/package.json index b93b439..4d9e965 100644 --- a/package.json +++ b/package.json @@ -31,7 +31,7 @@ "license": "MIT", "dependencies": { "dotenv": "^16.3.1", - "lodash": "^4.17.21" + "lodash": "^4.17.23" }, "devDependencies": { "@swc/cli": "^0.1.62", diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index 8dcd435..bdb8b6f 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -12,8 +12,8 @@ importers: specifier: ^16.3.1 version: 16.3.1 lodash: - specifier: ^4.17.21 - version: 4.17.21 + specifier: ^4.17.23 + version: 4.17.23 devDependencies: '@swc/cli': specifier: ^0.1.62 @@ -1964,8 +1964,8 @@ packages: lodash.merge@4.6.2: resolution: {integrity: sha512-0KpjqXRVvrYyCsX1swR/XTK0va6VQkQM6MNo7PqW77ByjAhoARA8EfrP1N4+KlKj8YS0ZUCtRT/YUuhyYDujIQ==} - lodash@4.17.21: - resolution: {integrity: sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==} + lodash@4.17.23: + resolution: {integrity: sha512-LgVTMpQtIopCi79SJeDiP0TfWi5CNEc/L/aRdTh3yIvmZXTnheWpKjSZhnvMl8iXbC1tFg9gdHHDMLoV7CnG+w==} lowercase-keys@2.0.0: resolution: {integrity: sha512-tqNXrS78oMOE73NMxK4EMLQsQowWf8jKooH9g7xPavRT706R6bkQJ6DY2Te7QukaZsulxa30wQ7bk0pm4XiHmA==} @@ -3921,7 +3921,7 @@ snapshots: dependencies: chalk: 4.1.2 date-fns: 2.30.0 - lodash: 4.17.21 + lodash: 4.17.23 rxjs: 7.8.1 shell-quote: 1.8.1 spawn-command: 0.0.2-1 @@ -4870,7 +4870,7 @@ snapshots: lodash.merge@4.6.2: {} - lodash@4.17.21: {} + lodash@4.17.23: {} lowercase-keys@2.0.0: {}