From ed655488e33eafd1c61d5f7b35b9a77b14b30bea Mon Sep 17 00:00:00 2001
From: Tom Kirkpatrick <tkp@kirkdesigns.co.uk>
Date: Thu, 11 Jul 2019 21:55:13 +0200
Subject: [PATCH] fix(deps): update all lodash variants to 4.17.14

Update lodash dependencies to avoid CVEs found in the 'lodash' package.
---
 package.json |  5 ++++-
 yarn.lock    | 13 ++++---------
 2 files changed, 8 insertions(+), 10 deletions(-)

diff --git a/package.json b/package.json
index 3a553782902..ba9ebb07919 100644
--- a/package.json
+++ b/package.json
@@ -342,7 +342,7 @@
     "jstimezonedetect": "1.0.6",
     "lnd-grpc": "0.3.0-4",
     "lndconnect": "0.2.7",
-    "lodash": "4.17.13",
+    "lodash": "4.17.14",
     "node-fetch": "2.6.0",
     "polished": "3.4.1",
     "prop-types": "15.7.2",
@@ -373,5 +373,8 @@
     "validator": "11.0.0",
     "yup": "0.27.0"
   },
+  "resolutions": {
+    "lodash": "4.17.14"
+  },
   "main": "./dist/main.js"
 }
diff --git a/yarn.lock b/yarn.lock
index 94c956c3e91..b8aa278d9a1 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -10894,15 +10894,10 @@ lodash.throttle@^4.1.1:
   resolved "https://registry.yarnpkg.com/lodash.throttle/-/lodash.throttle-4.1.1.tgz#c23e91b710242ac70c37f1e1cda9274cc39bf2f4"
   integrity sha1-wj6RtxAkKscMN/HhzaknTMOb8vQ=
 
-lodash@4.17.11, "lodash@4.6.1 || ^4.16.1", lodash@^4.0.1, lodash@^4.14.0, lodash@^4.15.0, lodash@^4.17.10, lodash@^4.17.11, lodash@^4.17.3, lodash@^4.17.4, lodash@^4.17.5, lodash@^4.2.1, lodash@^4.3.0, lodash@~4.17.4:
-  version "4.17.11"
-  resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.11.tgz#b39ea6229ef607ecd89e2c8df12536891cac9b8d"
-  integrity sha512-cQKh8igo5QUhZ7lg38DYWAxMvjSAKG0A8wGSVimP07SIUEK2UO+arSRKbRZWtelMtN5V0Hkwh5ryOto/SshYIg==
-
-lodash@4.17.13:
-  version "4.17.13"
-  resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.13.tgz#0bdc3a6adc873d2f4e0c4bac285df91b64fc7b93"
-  integrity sha512-vm3/XWXfWtRua0FkUyEHBZy8kCPjErNBT9fJx8Zvs+U6zjqPbTUOpkaoum3O5uiA8sm+yNMHXfYkTUHFoMxFNA==
+lodash@4.17.11, lodash@4.17.14, "lodash@4.6.1 || ^4.16.1", lodash@^4.0.1, lodash@^4.14.0, lodash@^4.15.0, lodash@^4.17.10, lodash@^4.17.11, lodash@^4.17.3, lodash@^4.17.4, lodash@^4.17.5, lodash@^4.2.1, lodash@^4.3.0, lodash@~4.17.4:
+  version "4.17.14"
+  resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.14.tgz#9ce487ae66c96254fe20b599f21b6816028078ba"
+  integrity sha512-mmKYbW3GLuJeX+iGP+Y7Gp1AiGHGbXHCOh/jZmrawMmsE7MS4znI3RL2FsjbqOyMayHInjOeykW7PEajUk1/xw==
 
 log-driver@^1.2.7:
   version "1.2.7"