Regenerate lockfile for lodash override

- Explicitly add lodash@4.18.1 to ensure override is respected - Regenerated pnpm-lock.yaml with resolved lodash@4.18.1 (CVE fix) Co-Authored-By: Paperclip <noreply@paperclip.ing>
fix: override lodash >=4.18.0 to patch code injection vulnerability
2026-05-03 18:28:22 +00:00 · 2026-04-23 10:58:22 +00:00
2 changed files with 14 additions and 9 deletions
@@ -35,6 +35,7 @@
    "@types/react-dom": "^18.0.0",
    "eslint": "^8.57.0",
    "jsdom": "^24.0.0",
    "lodash": "4.18.1",
    "notistack": "^3.0.0",
    "prettier": "^2.8.8",
    "react": "^18.3.1",
@@ -45,6 +46,7 @@
  },
  "overrides": {
    "tar": "^7.5.11",
-    "undici": "^7.24.3"
+    "undici": "^7.24.3",
    "lodash": ">=4.18.0"
  }
 }
@@ -38,6 +38,9 @@ importers:
      jsdom:
        specifier: ^24.0.0
        version: 24.1.3
      lodash:
        specifier: 4.18.1
        version: 4.18.1
      notistack:
        specifier: ^3.0.0
        version: 3.0.2(csstype@3.2.3)(react-dom@18.3.1(react@18.3.1))(react@18.3.1)
@@ -3512,8 +3515,8 @@ packages:
  lodash.truncate@4.4.2:
    resolution: {integrity: sha512-jttmRe7bRse52OsWIMDLaXxWqRAmtIUccAQ3garviCqJjafXOfNMO0yMfNpdD6zbGaTU0P5Nz7e7gAT6cKmJRw==}
-  lodash@4.17.23:
+  lodash@4.18.1:
-    resolution: {integrity: sha512-LgVTMpQtIopCi79SJeDiP0TfWi5CNEc/L/aRdTh3yIvmZXTnheWpKjSZhnvMl8iXbC1tFg9gdHHDMLoV7CnG+w==}
+    resolution: {integrity: sha512-dMInicTPVE8d1e5otfwmmjlxkZoUpiVLwyeTdUsi/Caj/gfzzblBcCE5sRHV/AsjuCmxWrte2TNGSYuCeCq+0Q==}
  longest-streak@3.1.0:
    resolution: {integrity: sha512-9Ri+o0JYgehTaVBBDoMqIl8GXtbWg711O3srftcHhZ0dqnETqLaoIK0x17fUw9rFSlK/0NlsKe0Ahhyl5pXE2g==}
@@ -5897,7 +5900,7 @@ snapshots:
      js-yaml: 4.1.1
      jsdom: 24.1.3
      jsonpath-plus: 10.4.0
-      lodash: 4.17.23
+      lodash: 4.18.1
      material-react-table: 2.13.3(93149b7a28d7dcf9399e2d03ebc8c990)
      monaco-editor: 0.52.2
      msw: 2.4.9(typescript@5.6.2)
@@ -8887,7 +8890,7 @@ snapshots:
    dependencies:
      '@types/html-minifier-terser': 6.1.0
      html-minifier-terser: 6.1.0
-      lodash: 4.17.23
+      lodash: 4.18.1
      pretty-error: 4.0.0
      tapable: 2.3.2
    optionalDependencies:
@@ -9340,7 +9343,7 @@ snapshots:
  lodash.truncate@4.4.2: {}
-  lodash@4.17.23: {}
+  lodash@4.18.1: {}
  longest-streak@3.1.0: {}
@@ -10061,7 +10064,7 @@ snapshots:
  pretty-error@4.0.0:
    dependencies:
-      lodash: 4.17.23
+      lodash: 4.18.1
      renderkid: 3.0.0
  pretty-format@27.5.1:
@@ -10322,7 +10325,7 @@ snapshots:
    dependencies:
      clsx: 2.1.1
      eventemitter3: 4.0.7
-      lodash: 4.17.23
+      lodash: 4.18.1
      react: 18.3.1
      react-dom: 18.3.1(react@18.3.1)
      react-is: 18.3.1
@@ -10398,7 +10401,7 @@ snapshots:
      css-select: 4.3.0
      dom-converter: 0.2.0
      htmlparser2: 6.1.0
-      lodash: 4.17.23
+      lodash: 4.18.1
      strip-ansi: 6.0.1
  replace-ext@2.0.0: {}