From 8f6747e776ccf8724c0e6fcc48f43382393fc9f4 Mon Sep 17 00:00:00 2001 From: "D. J. Hagberg" <dhagberg@salesforce.com> Date: Thu, 9 Jul 2020 14:19:50 -0600 Subject: [PATCH] Update lodash to 4.17.19 to fix Object Prototype Pollution Security Vulnerability --- package-lock.json | 48 +++++++---------------------------------------- package.json | 2 +- 2 files changed, 8 insertions(+), 42 deletions(-) diff --git a/package-lock.json b/package-lock.json index eafd3c9a6..3a898dcb4 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,6 +1,6 @@ { "name": "jsforce", - "version": "1.9.2", + "version": "1.9.3", "lockfileVersion": 1, "requires": true, "dependencies": { @@ -2284,12 +2284,9 @@ } }, "csv-parse": { - "version": "4.6.3", - "resolved": "https://registry.npmjs.org/csv-parse/-/csv-parse-4.6.3.tgz", - "integrity": "sha512-pAxEb5kabSaKEwqSXv7vpq6eucXQgY67MLpeLwnYCd21YjTD5OCIIIXGKyUKN/uNQNnzW/elNfxJfozQ1EjB/g==", - "requires": { - "pad": "^3.2.0" - } + "version": "4.10.1", + "resolved": "https://registry.npmjs.org/csv-parse/-/csv-parse-4.10.1.tgz", + "integrity": "sha512-gdDJVchi0oSLIcYXz1H/VSgLE6htHDqJyFsRU/vTkQgmVOZ3S0IR2LXnNbWUYG7VD76dYVwdfBLyx8AX9+An8A==" }, "csv-stringify": { "version": "1.1.2", @@ -2409,21 +2406,6 @@ "integrity": "sha1-vLgrqnKtebQmp2cy8aga1t8m1oQ=", "dev": true }, - "defaults": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/defaults/-/defaults-1.0.3.tgz", - "integrity": "sha1-xlYFHpgX2f8I7YgUd/P+QBnz730=", - "requires": { - "clone": "^1.0.2" - }, - "dependencies": { - "clone": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/clone/-/clone-1.0.4.tgz", - "integrity": "sha1-2jCcwmPfFZlMaIypAheco8fNfH4=" - } - } - }, "define-properties": { "version": "1.1.2", "resolved": "https://registry.npmjs.org/define-properties/-/define-properties-1.1.2.tgz", @@ -5506,9 +5488,9 @@ } }, "lodash": { - "version": "4.17.14", - "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.14.tgz", - "integrity": "sha512-mmKYbW3GLuJeX+iGP+Y7Gp1AiGHGbXHCOh/jZmrawMmsE7MS4znI3RL2FsjbqOyMayHInjOeykW7PEajUk1/xw==" + "version": "4.17.19", + "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.19.tgz", + "integrity": "sha512-JNvd8XER9GQX0v2qJgsaN/mzFCNA5BRe/j8JN9d+tWyGLSodKQHKFicdwNYzWwI3wjRnaKPsGj1XkBjx/F96DQ==" }, "lodash._basecopy": { "version": "3.0.1", @@ -6455,14 +6437,6 @@ "integrity": "sha1-P7z7FbiZpEEjs0ttzBi3JDNqLK4=", "dev": true }, - "pad": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/pad/-/pad-3.2.0.tgz", - "integrity": "sha512-2u0TrjcGbOjBTJpyewEl4hBO3OeX5wWue7eIFPzQTg6wFSvoaHcBTTUY5m+n0hd04gmTCPuY0kCpVIVuw5etwg==", - "requires": { - "wcwidth": "^1.0.1" - } - }, "pako": { "version": "1.0.6", "resolved": "https://registry.npmjs.org/pako/-/pako-1.0.6.tgz", @@ -8803,14 +8777,6 @@ "integrity": "sha1-oW0CXrkxvQO1LzCMrtD0D86+lTI=", "dev": true }, - "wcwidth": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/wcwidth/-/wcwidth-1.0.1.tgz", - "integrity": "sha1-8LDc+RW8X/FSivrbLA4XtTLaL+g=", - "requires": { - "defaults": "^1.0.3" - } - }, "websocket-driver": { "version": "0.7.0", "resolved": "https://registry.npmjs.org/websocket-driver/-/websocket-driver-0.7.0.tgz", diff --git a/package.json b/package.json index 5255960cd..aee5f4c4d 100644 --- a/package.json +++ b/package.json @@ -64,7 +64,7 @@ "csv-stringify": "^1.0.4", "faye": "^1.2.0", "inherits": "^2.0.1", - "lodash": "^4.17.14", + "lodash": "^4.17.19", "multistream": "^2.0.5", "opn": "^5.3.0", "promise": "^7.1.1",