From 803b3ad76842985733caeb7577fbbb1437eddb77 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Sat, 24 Jan 2026 10:08:31 +0000
Subject: [PATCH] fix: package.json & package-lock.json to reduce
 vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-LODASH-15053838
---
 package-lock.json | 8 ++++----
 package.json      | 2 +-
 2 files changed, 5 insertions(+), 5 deletions(-)
 mode change 100755 => 100644 package.json

diff --git a/package-lock.json b/package-lock.json
index 4a7de45..e7395c9 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -11,7 +11,7 @@
       "dependencies": {
         "@runnerty/interpreter-core": "~3.1.2",
         "json-stringify-safe": "~5.0.1",
-        "lodash": "~4.17.21",
+        "lodash": "^4.17.23",
         "millisecond": "~0.1.2"
       },
       "devDependencies": {
@@ -993,9 +993,9 @@
       }
     },
     "node_modules/lodash": {
-      "version": "4.17.21",
-      "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz",
-      "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==",
+      "version": "4.17.23",
+      "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.23.tgz",
+      "integrity": "sha512-LgVTMpQtIopCi79SJeDiP0TfWi5CNEc/L/aRdTh3yIvmZXTnheWpKjSZhnvMl8iXbC1tFg9gdHHDMLoV7CnG+w==",
       "license": "MIT"
     },
     "node_modules/lodash.merge": {
diff --git a/package.json b/package.json
old mode 100755
new mode 100644
index 5e1287a..6d531a2
--- a/package.json
+++ b/package.json
@@ -29,7 +29,7 @@
   "dependencies": {
     "@runnerty/interpreter-core": "~3.1.2",
     "json-stringify-safe": "~5.0.1",
-    "lodash": "~4.17.21",
+    "lodash": "~4.17.23",
     "millisecond": "~0.1.2"
   },
   "devDependencies": {