From 7cbf65ed1296450784358ff69ef12f4d2b85dfd2 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Fri, 3 Apr 2026 06:27:29 +0000
Subject: [PATCH] fix: package.json & package-lock.json to reduce
 vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-LODASH-15869625
- https://snyk.io/vuln/SNYK-JS-LODASH-15869619
---
 package-lock.json | 14 ++++++++++----
 package.json      |  2 +-
 2 files changed, 11 insertions(+), 5 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index c8ffb35..172e64a 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -18,7 +18,7 @@
         "collapse-whitespace": "^1.1.7",
         "jsdom": "^23.2.0",
         "jsonschema": "^1.5.0",
-        "lodash": "^4.17.23",
+        "lodash": "^4.18.1",
         "omit-deep-lodash": "^1.1.7"
       },
       "devDependencies": {
@@ -10420,9 +10420,9 @@
       }
     },
     "node_modules/lodash": {
-      "version": "4.17.23",
-      "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.23.tgz",
-      "integrity": "sha512-LgVTMpQtIopCi79SJeDiP0TfWi5CNEc/L/aRdTh3yIvmZXTnheWpKjSZhnvMl8iXbC1tFg9gdHHDMLoV7CnG+w==",
+      "version": "4.18.1",
+      "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.18.1.tgz",
+      "integrity": "sha512-dMInicTPVE8d1e5otfwmmjlxkZoUpiVLwyeTdUsi/Caj/gfzzblBcCE5sRHV/AsjuCmxWrte2TNGSYuCeCq+0Q==",
       "license": "MIT"
     },
     "node_modules/lodash.clonedeep": {
@@ -11499,6 +11499,12 @@
         "node": ">=0.10.0"
       }
     },
+    "node_modules/omit-deep-lodash/node_modules/lodash": {
+      "version": "4.17.23",
+      "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.23.tgz",
+      "integrity": "sha512-LgVTMpQtIopCi79SJeDiP0TfWi5CNEc/L/aRdTh3yIvmZXTnheWpKjSZhnvMl8iXbC1tFg9gdHHDMLoV7CnG+w==",
+      "license": "MIT"
+    },
     "node_modules/once": {
       "version": "1.4.0",
       "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz",
diff --git a/package.json b/package.json
index 8ad6de5..3fa512a 100644
--- a/package.json
+++ b/package.json
@@ -16,7 +16,7 @@
     "collapse-whitespace": "^1.1.7",
     "jsdom": "^23.2.0",
     "jsonschema": "^1.5.0",
-    "lodash": "^4.17.23",
+    "lodash": "^4.18.1",
     "omit-deep-lodash": "^1.1.7"
   },
   "devDependencies": {