Merge pull request #58 from azuqua/fix/CVE-2019-10744

chore: upgrade lodash per CVE-2019-10744
azuqua · Jul 15, 2019 · 6ab62aa · 6ab62aa
2 parents e3bd126 + 3143fd1
commit 6ab62aa
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 2 deletions.
diff --git a/package.json b/package.json
@@ -22,7 +22,7 @@
   "dependencies": {
     "cassandra-driver": "^3.6.0",
     "inherits": "^2.0.3",
-    "lodash": "^4.17.10"
+    "lodash": "^4.17.14"
   },
   "devDependencies": {
     "async": "^3.0.1",

diff --git a/yarn.lock b/yarn.lock
@@ -1102,7 +1102,12 @@ lodash.flattendeep@^4.4.0:
   resolved "https://registry.yarnpkg.com/lodash.flattendeep/-/lodash.flattendeep-4.4.0.tgz#fb030917f86a3134e5bc9bec0d69e0013ddfedb2"
   integrity sha1-+wMJF/hqMTTlvJvsDWngAT3f7bI=
 
-lodash@^4.17.10, lodash@^4.17.11, lodash@~4.17.10, lodash@~4.17.11, lodash@~4.17.5:
+lodash@^4.17.11, lodash@^4.17.14:
+  version "4.17.14"
+  resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.14.tgz#9ce487ae66c96254fe20b599f21b6816028078ba"
+  integrity sha512-mmKYbW3GLuJeX+iGP+Y7Gp1AiGHGbXHCOh/jZmrawMmsE7MS4znI3RL2FsjbqOyMayHInjOeykW7PEajUk1/xw==
+
+lodash@~4.17.10, lodash@~4.17.11, lodash@~4.17.5:
   version "4.17.11"
   resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.11.tgz#b39ea6229ef607ecd89e2c8df12536891cac9b8d"
   integrity sha512-cQKh8igo5QUhZ7lg38DYWAxMvjSAKG0A8wGSVimP07SIUEK2UO+arSRKbRZWtelMtN5V0Hkwh5ryOto/SshYIg==