From 118d660e8ed8467dd8a8f94d2e68b3c24851a2b2 Mon Sep 17 00:00:00 2001
From: Didier Lafforgue <didier.lafforgue@gmail.com>
Date: Mon, 22 Jul 2019 12:14:46 +0200
Subject: [PATCH] fix JS vulnerabilities

---
 package.json | 3 ++-
 yarn.lock    | 7 ++++++-
 2 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/package.json b/package.json
index 31fb2af98d..5d27fe1cb5 100644
--- a/package.json
+++ b/package.json
@@ -32,6 +32,7 @@
     "enzyme": "^3.8.0",
     "enzyme-adapter-react-16": "^1.7.1",
     "fstream": "^1.0.12",
+    "handlebars": ">=4.0.14",
     "hoek": "^4.1.2",
     "identity-obj-proxy": "^3.0.0",
     "js-yaml": "^3.13.0",
@@ -61,7 +62,7 @@
     "i18next": "^11.9.0",
     "immutability-helper": "^2.7.0",
     "immutable": "^3.8.2",
-    "lodash": "^4.17.10",
+    "lodash": "^4.17.13",
     "prop-types": "^15.6.2",
     "rc-switch": "^1.8.0",
     "react": "^16.7.0",
diff --git a/yarn.lock b/yarn.lock
index 8912ee4fb1..86d5d6220d 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -3629,7 +3629,7 @@ h2x-types@^1.1.0:
   resolved "https://registry.yarnpkg.com/h2x-types/-/h2x-types-1.1.0.tgz#ec0d5e3674e2207269f32976ac9c82aaff4818e6"
   integrity sha512-QdH5qfLcdF209UsCdM0ZNZ9Dwm2PHvMfeLZtivBrjX3Y/df4US2pwsUC4HBfWhye/mx/t6puODeC7Oacb/Ol8g==
 
-handlebars@^4.1.2:
+handlebars@>=4.0.14, handlebars@^4.1.2:
   version "4.1.2"
   resolved "https://registry.yarnpkg.com/handlebars/-/handlebars-4.1.2.tgz#b6b37c1ced0306b221e094fc7aca3ec23b131b67"
   integrity sha512-nvfrjqvt9xQ8Z/w0ijewdD/vvWDTOweBUm96NTr66Wfvo1mJenBLwcYmPs3TIBP5ruzYGD7Hx/DaM9RmhroGPw==
@@ -5090,6 +5090,11 @@ lodash@^4.0.0, lodash@^4.13.1, lodash@^4.15.0, lodash@^4.17.10, lodash@^4.17.11,
   resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.11.tgz#b39ea6229ef607ecd89e2c8df12536891cac9b8d"
   integrity sha512-cQKh8igo5QUhZ7lg38DYWAxMvjSAKG0A8wGSVimP07SIUEK2UO+arSRKbRZWtelMtN5V0Hkwh5ryOto/SshYIg==
 
+lodash@^4.17.13:
+  version "4.17.15"
+  resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.15.tgz#b447f6670a0455bbfeedd11392eff330ea097548"
+  integrity sha512-8xOcRHvCjnocdS5cpwXQXVzmmh5e5+saE2QGoeQmbKmRS6J3VQppPOIt0MnmE+4xlZoumy0GPG0D0MVIQbNA1A==
+
 loose-envify@^1.0.0, loose-envify@^1.1.0, loose-envify@^1.2.0, loose-envify@^1.3.1, loose-envify@^1.4.0:
   version "1.4.0"
   resolved "https://registry.yarnpkg.com/loose-envify/-/loose-envify-1.4.0.tgz#71ee51fa7be4caec1a63839f7e682d8132d30caf"