update lodash
firefoxNX opened this issue · 1 comments
firefoxNX commented
lodash version 4.17.4 had critical vulnerabilities which were fixed. can we upgrade to latest version of lodash?
mastermatt commented
@firefoxNX this repo library isn't maintained anymore.
But it's dependency on LoDash is^4.17.4
, which means it doesn't restrict consumers from upgrading to new minor and patch versions. There's no reason why you can't run the current version 4.17.15
with Swagger Tools.