Upgrade lodash for security reasons (#27)

* Cleanup: remove "make dist" target
* Pin lodash to ^4.17.11
main
Marian Steinbach 4 years ago committed by GitHub
parent 04899f28b7
commit d03575d941
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
  1. 6
      Makefile
  2. 1
      package.json
  3. 2
      yarn.lock

@ -1,16 +1,10 @@
IMAGE := quay.io/netzbegruenung/green-spider:latest
# Build the web application to be served by a static web server
build:
yarn build
# Copy build output to the /docs folder where it's served by Github pages
dist: build
rm -rf docs
cp -r build docs
# Run a development server on http://localhost:8000
dev:
docker-compose -f docker-compose.yaml up --build

@ -31,6 +31,7 @@
"history": "^4.7.2",
"html-webpack-plugin": "2.29.0",
"jest": "20.0.4",
"lodash": "^4.17.11",
"lunr": "^2.3.4",
"object-assign": "4.1.1",
"postcss-flexbugs-fixes": "3.2.0",

@ -4889,7 +4889,7 @@ lodash.uniq@^4.5.0:
resolved "https://registry.yarnpkg.com/lodash.uniq/-/lodash.uniq-4.5.0.tgz#d0225373aeb652adc1bc82e4945339a842754773"
integrity sha1-0CJTc662Uq3BvILklFM5qEJ1R3M=
"lodash@>=3.5 <5", lodash@^4.15.0, lodash@^4.17.10, lodash@^4.17.2, lodash@^4.17.3, lodash@^4.17.4, lodash@^4.3.0:
"lodash@>=3.5 <5", lodash@^4.15.0, lodash@^4.17.10, lodash@^4.17.11, lodash@^4.17.2, lodash@^4.17.3, lodash@^4.17.4, lodash@^4.3.0:
version "4.17.11"
resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.11.tgz#b39ea6229ef607ecd89e2c8df12536891cac9b8d"
integrity sha512-cQKh8igo5QUhZ7lg38DYWAxMvjSAKG0A8wGSVimP07SIUEK2UO+arSRKbRZWtelMtN5V0Hkwh5ryOto/SshYIg==

Loading…
Cancel
Save