From 02794bdb083d439449fb7ebd3f30023fedd9b726 Mon Sep 17 00:00:00 2001 From: "dependabot-preview[bot]" <27856297+dependabot-preview[bot]@users.noreply.github.com> Date: Thu, 11 Jul 2019 02:44:03 +0000 Subject: [PATCH] [Security] Bump lodash from 4.17.11 to 4.17.13 Bumps [lodash](https://github.com/lodash/lodash) from 4.17.11 to 4.17.13. **This update includes security fixes.** - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](https://github.com/lodash/lodash/compare/4.17.11...4.17.13) Signed-off-by: dependabot-preview[bot] --- package.json | 2 +- yarn.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/package.json b/package.json index 41e5186..f1941d4 100644 --- a/package.json +++ b/package.json @@ -27,7 +27,7 @@ "apollo-server": "^2.6.7", "got": "^9.6.0", "graphql": "^14.0.2", - "lodash": "^4.17.11", + "lodash": "^4.17.13", "metascraper": "^4.10.3", "metascraper-audio": "^5.5.0", "metascraper-author": "^4.8.5", diff --git a/yarn.lock b/yarn.lock index 2ddf5c2..6462503 100644 --- a/yarn.lock +++ b/yarn.lock @@ -2211,10 +2211,10 @@ lodash.sortby@^4.7.0: resolved "https://registry.yarnpkg.com/lodash.sortby/-/lodash.sortby-4.7.0.tgz#edd14c824e2cc9c1e0b0a1b42bb5210516a42438" integrity sha1-7dFMgk4sycHgsKG0K7UhBRakJDg= -lodash@^4.13.1, lodash@^4.15.0, lodash@^4.17.11, lodash@~4.17.10, lodash@~4.17.11: - version "4.17.11" - resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.11.tgz#b39ea6229ef607ecd89e2c8df12536891cac9b8d" - integrity sha512-cQKh8igo5QUhZ7lg38DYWAxMvjSAKG0A8wGSVimP07SIUEK2UO+arSRKbRZWtelMtN5V0Hkwh5ryOto/SshYIg== +lodash@^4.13.1, lodash@^4.15.0, lodash@^4.17.13, lodash@~4.17.10, lodash@~4.17.11: + version "4.17.13" + resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.13.tgz#0bdc3a6adc873d2f4e0c4bac285df91b64fc7b93" + integrity sha512-vm3/XWXfWtRua0FkUyEHBZy8kCPjErNBT9fJx8Zvs+U6zjqPbTUOpkaoum3O5uiA8sm+yNMHXfYkTUHFoMxFNA== long@^4.0.0: version "4.0.0"