Lodash needs to be updated to fix security vulnerabilites

ggordan / react-infinite-grid

A React component which renders a grid of elements.

MIT License

202 stars 39 forks source link

Lodash needs to be updated to fix security vulnerabilites #20

Open samgermain opened 3 years ago

samgermain commented 3 years ago

Just installed, and received a few notifications about security vulnerabilites like

  High            Prototype Pollution                                           

  Package         lodash                                                        

  Patched in      >=4.17.12                                                     

  Dependency of   react-infinite-grid                                           

  Path            react-infinite-grid > lodash                                  

  More info       https://npmjs.com/advisories/1065

I think updating lodash with npm install lodash@latest fixes them all