From 0b0d44844fcf9f44297ef9e158d6131c2ff901de Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Fri, 28 Aug 2020 08:37:00 +0000
Subject: [PATCH] fix: package.json & package-lock.json to reduce
 vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-LODASH-608086
---
 package-lock.json | 10 ++++++----
 package.json      |  2 +-
 2 files changed, 7 insertions(+), 5 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index a9b8dd2..b2a5165 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1757,9 +1757,9 @@
       }
     },
     "lodash": {
-      "version": "4.17.10",
-      "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.10.tgz",
-      "integrity": "sha512-UejweD1pDoXu+AD825lWwp4ZGtSwgnpZxb3JDViD7StjQz+Nb/6l093lx4OQ0foGWNRoc19mWy7BzL+UAK2iVg=="
+      "version": "4.17.17",
+      "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.17.tgz",
+      "integrity": "sha512-/B2DjOphAoqi5BX4Gg2oh4UR0Gy/A7xYAMh3aSECEKzwS3eCDEpS0Cals1Ktvxwlal3bBJNc+5W9kNIcADdw5Q=="
     },
     "lodash.assign": {
       "version": "4.2.0",
@@ -1957,6 +1957,7 @@
           "version": "0.1.4",
           "bundled": true,
           "dev": true,
+          "optional": true,
           "requires": {
             "kind-of": "^3.0.2",
             "longest": "^1.0.1",
@@ -2899,7 +2900,8 @@
         "longest": {
           "version": "1.0.1",
           "bundled": true,
-          "dev": true
+          "dev": true,
+          "optional": true
         },
         "lru-cache": {
           "version": "4.1.3",
diff --git a/package.json b/package.json
index 35f38cd..d4f5034 100644
--- a/package.json
+++ b/package.json
@@ -39,7 +39,7 @@
   },
   "dependencies": {
     "js-yaml": "^3.6.1",
-    "lodash": "^4.13.1",
+    "lodash": "^4.17.17",
     "moment": "^2.13.0",
     "shelljs": "^0.7.0",
     "yargs": "^4.7.1"