From febe9b69e3b6a7ca68088713cecc1c2e57649dab Mon Sep 17 00:00:00 2001
From: Daniel Holbach <daniel@weave.works>
Date: Mon, 11 Feb 2019 11:57:12 +0100
Subject: [PATCH] fix CVE-2018-16487 (lodash vulnerability)

Signed-off-by: Daniel Holbach <daniel@weave.works>
---
 client/package.json | 2 +-
 client/yarn.lock    | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/client/package.json b/client/package.json
index ba1376648..4473a2e6a 100644
--- a/client/package.json
+++ b/client/package.json
@@ -25,7 +25,7 @@
     "immutable": "3.8.2",
     "json-stable-stringify": "1.0.1",
     "lcp": "1.1.0",
-    "lodash": "4.17.10",
+    "lodash": "4.17.11",
     "materialize-css": "0.98.1",
     "moment": "2.21.0",
     "page": "1.7.1",
diff --git a/client/yarn.lock b/client/yarn.lock
index 3ba30d096..ffa09d031 100644
--- a/client/yarn.lock
+++ b/client/yarn.lock
@@ -5078,9 +5078,9 @@ lodash.uniq@^4.5.0:
   version "4.5.0"
   resolved "https://registry.yarnpkg.com/lodash.uniq/-/lodash.uniq-4.5.0.tgz#d0225373aeb652adc1bc82e4945339a842754773"
 
-lodash@4.17.10:
-  version "4.17.10"
-  resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.10.tgz#1b7793cf7259ea38fb3661d4d38b3260af8ae4e7"
+lodash@4.17.11:
+  version "4.17.11"
+  resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.11.tgz#b39ea6229ef607ecd89e2c8df12536891cac9b8d"
 
 lodash@^3.10.0:
   version "3.10.1"