From 0dd7bcc2c7e716492e80ca83002719bd6e1c165f Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sun, 25 Jan 2026 11:15:05 +0000 Subject: [PATCH 1/2] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-LODASH-15053838 --- package-lock.json | 8 ++++---- package.json | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/package-lock.json b/package-lock.json index 8bdd363..56f949d 100644 --- a/package-lock.json +++ b/package-lock.json @@ -21,7 +21,7 @@ "express-rate-limit": "^7.2.0", "express-validator": "^7.0.1", "js-yaml": "^4.1.0", - "lodash": "^4.14.191", + "lodash": "^4.17.23", "multer": "^1.4.5-lts.1", "nodemailer": "^6.9.1", "papaparse": "^5.4.1", @@ -7909,9 +7909,9 @@ } }, "node_modules/lodash": { - "version": "4.17.21", - "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz", - "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==", + "version": "4.17.23", + "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.23.tgz", + "integrity": "sha512-LgVTMpQtIopCi79SJeDiP0TfWi5CNEc/L/aRdTh3yIvmZXTnheWpKjSZhnvMl8iXbC1tFg9gdHHDMLoV7CnG+w==", "license": "MIT" }, "node_modules/lodash.defaults": { diff --git a/package.json b/package.json index d2b3fb1..1434a5b 100644 --- a/package.json +++ b/package.json @@ -35,7 +35,7 @@ "express-rate-limit": "^7.2.0", "express-validator": "^7.0.1", "js-yaml": "^4.1.0", - "lodash": "^4.14.191", + "lodash": "^4.17.23", "multer": "^1.4.5-lts.1", "nodemailer": "^6.9.1", "papaparse": "^5.4.1", From a0d71df5fe5f661e4ad23a5c4c0da900b690d5a2 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Fri, 30 Jan 2026 13:15:08 +0000 Subject: [PATCH 2/2] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-LODASH-15053838