fix CVE-2020-8203 (lodash vulnerability)

2026-02-14 10:00:13 +00:00 · 2021-02-10 09:15:20 +01:00
parent 8f116e9fdb
commit 4628ff8d54
2 changed files with 5 additions and 5 deletions
--- a/client/package.json
+++ b/client/package.json
@@ -26,7 +26,7 @@
    "immutable": "3.8.2",
    "json-stable-stringify": "1.0.1",
    "lcp": "1.1.0",
-    "lodash": "4.17.19",
+    "lodash": "4.17.20",
    "moment": "2.24.0",
    "page": "1.11.4",
    "polished": "3.4.1",
--- a/client/yarn.lock
+++ b/client/yarn.lock
@@ -5287,10 +5287,10 @@ lodash.sortby@^4.7.0:
  version "4.7.0"
  resolved "https://registry.yarnpkg.com/lodash.sortby/-/lodash.sortby-4.7.0.tgz#edd14c824e2cc9c1e0b0a1b42bb5210516a42438"

-lodash@4.17.19, lodash@^4.17.10, lodash@^4.17.11, lodash@^4.17.13, lodash@^4.17.14, lodash@^4.17.15, lodash@^4.17.4, lodash@^4.17.5:
-  version "4.17.19"
-  resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.19.tgz#e48ddedbe30b3321783c5b4301fbd353bc1e4a4b"
-  integrity sha512-JNvd8XER9GQX0v2qJgsaN/mzFCNA5BRe/j8JN9d+tWyGLSodKQHKFicdwNYzWwI3wjRnaKPsGj1XkBjx/F96DQ==
+lodash@4.17.20, lodash@^4.17.10, lodash@^4.17.11, lodash@^4.17.13, lodash@^4.17.14, lodash@^4.17.15, lodash@^4.17.4, lodash@^4.17.5:
+  version "4.17.20"
+  resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.20.tgz#b44a9b6297bcb698f1c51a3545a2b3b368d59c52"
+  integrity sha512-PlhdFcillOINfeV7Ni6oF1TAEayyZBoZ8bcshTHqOYJYlrqzRK5hagpagky5o4HfCzzd1TRkXPMFq6cKk9rGmA==

 log-symbols@^2.2.0:
  version "2.2.0"