clearbit / clearbit-node

Node library for querying the Clearbit business intelligence APIs
https://clearbit.com/docs
MIT License

Migrate to lodash4 #46

Closed louib closed 4 years ago

louib commented 4 years ago

@gregors @harlow @davidlumley :wave:

This is to fix the following security vulnerabilities, now flagged as high by npm audit:
https://npmjs.com/advisories/577
https://npmjs.com/advisories/782
https://npmjs.com/advisories/1065

Also related to https://github.com/clearbit/clearbit-node/issues/20

I ran the tests locally and they are all passing.

migration

There are 4 lodash functions used in the library:

Previous version was lodash 2, for which the doc is here.
New version is lodash 4, for which the doc is here.

Going through the migration, one function at a time.

omit

https://lodash.com/docs/2.4.2#omit
https://lodash.com/docs/4.17.15#omit

Same thing here except that the callback way to use the function is no longer available in lodash 4. I added the property names as an array just for clarity.

isEmpty

https://lodash.com/docs/2.4.2#isEmpty
https://lodash.com/docs/4.17.15#isEmpty

Function signature is the same, the new version seems to be handling more data types, and that's it.

defaults

https://lodash.com/docs/2.4.2#defaults
https://lodash.com/docs/4.17.15#defaults

Looks like only the documentation changed, to mention that only string keyed properties are used from the source object.

extend

https://lodash.com/docs/2.4.2#assign
https://lodash.com/docs/4.17.15#assignIn
https://lodash.com/docs/4.17.15#assign

This one is a bit trickier. The difference between extend (assign) in lodash 2 and extend (assignIn) in lodash 4 is that assignIn "iterates over own and inherited source properties", whereas lodash 4 assign and lodash 2 assign and extend only iterated over the objects' own properties (I tested that in the REPL of lodash 2). Since the extend alias switched from assign to assignIn, I changed to assign explicitly to preserve the behavior.
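
The `extend` change described in the comment above, as an added example that is not part of the pull request or of clearbit-node: plain JavaScript models of the own-only copy (lodash 2 `extend`, lodash 4 `assign`) and the own-plus-inherited copy (lodash 4 `assignIn`), with a helper that lists the keys a call site would start picking up if `extend` were kept across the upgrade. The function names and the sample option keys are assumptions made for the illustration, and lodash itself is not loaded.

```javascript
// Added illustration in plain JavaScript; it models the behaviour the PR
// describes and does not call lodash. All names below are hypothetical.

// Models lodash 2 `extend`/`assign` and lodash 4 `assign`:
// only the source's own enumerable properties are copied.
function copyOwn(target, ...sources) {
  for (const src of sources) {
    if (src == null) continue;
    for (const key of Object.keys(src)) target[key] = src[key];
  }
  return target;
}

// Models lodash 4 `assignIn` (the lodash 4 meaning of `extend`):
// for...in also visits enumerable properties on the prototype chain.
function copyOwnAndInherited(target, ...sources) {
  for (const src of sources) {
    if (src == null) continue;
    for (const key in src) target[key] = src[key];
  }
  return target;
}

// Keys that would newly appear on the result if a call site kept `extend`
// after the upgrade instead of switching to `assign`.
function keysAddedByInheritance(...sources) {
  const own = copyOwn({}, ...sources);
  const all = copyOwnAndInherited({}, ...sources);
  const hasOwn = (obj, key) => Object.prototype.hasOwnProperty.call(obj, key);
  return Object.keys(all).filter((key) => !hasOwn(own, key)).sort();
}

// Constructed sample: a per-call options object whose prototype carries
// shared settings (keys and values invented for this example).
const sharedSettings = { timeout: 30000, debug: true };
const callOptions = Object.create(sharedSettings);
callOptions.email = 'alex@example.com';

function demo() {
  return {
    own: copyOwn({}, callOptions),
    withInherited: copyOwnAndInherited({}, callOptions),
    added: keysAddedByInheritance(callOptions),
  };
}

console.log(demo());
```

An empty result from `keysAddedByInheritance` for the objects a call site actually passes means the two variants behave the same there.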

davidlumley commented 4 years ago

Thanks @louib, appreciate the PR 💖 Testing now, will merge and publish shortly.

davidlumley commented 4 years ago

Version 1.3.5 which includes this PR is up on NPM now. Thanks again @louib!