Skip to content

Commit 5fcfdc7

Browse files
andriy-sudoclaude
andriy-sudo
and
claude
authored
fix(security): bump lodash to ^4.18.0 (GHSA-f23m-r3pf-42rh, GHSA-r5fr-rjxr-66jc, ENG-14276) (#46)
lodash 4.17.23 pulled in via @trivago/prettier-plugin-sort-imports (dev dep). Override pins to ^4.18.0 (first patched release). Lock resolves to 4.18.1. Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
1 parent 25b006e commit 5fcfdc7

2 files changed

Lines changed: 5 additions & 4 deletions

File tree

package-lock.json

Lines changed: 3 additions & 3 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

package.json

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -55,7 +55,8 @@
5555
},
5656
"flatted": "^3.4.2",
5757
"path-to-regexp": "^8.4.0",
58-
"picomatch": "^4.0.4"
58+
"picomatch": "^4.0.4",
59+
"lodash": "^4.18.0"
5960
},
6061
"keywords": [
6162
"mcp",

0 commit comments

Comments
 (0)