15524: Upgrades lodash to address CVE-2019-10744.

Arvados-DCO-1.1-Signed-off-by: Lucas Di Pentima <ldipentima@veritasgenetics.com>

diff --git a/package.json b/package.json
index e004dcced6be3794df63003abe0a917ccae39082..b8adb9732233bdc15c0b4ea0e641c1753a3854c8 100644 (file)
--- a/package.json
+++ b/package.json
@@ -27,7 +27,7 @@
     "js-yaml": "3.12.0",
     "jssha": "2.3.1",
     "jszip": "3.1.5",
-    "lodash": "4.17.11",
+    "lodash": "4.17.13",
     "react": "16.5.2",
     "react-copy-to-clipboard": "5.0.1",
     "react-dnd": "5.0.0",

diff --git a/yarn.lock b/yarn.lock
index 87cc56aace43fb1ad7d1bc854c7ac96ccd54b5c0..901ace1f285f9a2e19aa4daa18c39709aca4a476 100644 (file)
--- a/yarn.lock
+++ b/yarn.lock
@@ -5098,7 +5098,12 @@ lodash.uniq@^4.5.0:
   version "4.5.0"
   resolved "https://registry.yarnpkg.com/lodash.uniq/-/lodash.uniq-4.5.0.tgz#d0225373aeb652adc1bc82e4945339a842754773"
 
-lodash@4.17.11, "lodash@>=3.5 <5", lodash@^4.0.0, lodash@^4.13.1, lodash@^4.15.0, lodash@^4.17.10, lodash@^4.17.2, lodash@^4.17.3, lodash@^4.17.4, lodash@^4.17.5, lodash@^4.2.0, lodash@^4.2.1, lodash@^4.3.0, lodash@~4.17.10:
+lodash@4.17.13:
+  version "4.17.13"
+  resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.13.tgz#0bdc3a6adc873d2f4e0c4bac285df91b64fc7b93"
+  integrity sha512-vm3/XWXfWtRua0FkUyEHBZy8kCPjErNBT9fJx8Zvs+U6zjqPbTUOpkaoum3O5uiA8sm+yNMHXfYkTUHFoMxFNA==
+
+"lodash@>=3.5 <5", lodash@^4.0.0, lodash@^4.13.1, lodash@^4.15.0, lodash@^4.17.10, lodash@^4.17.2, lodash@^4.17.3, lodash@^4.17.4, lodash@^4.17.5, lodash@^4.2.0, lodash@^4.2.1, lodash@^4.3.0, lodash@~4.17.10:
   version "4.17.11"
   resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.11.tgz#b39ea6229ef607ecd89e2c8df12536891cac9b8d"