Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
fix: .snyk, package.json & package-lock.json to reduce vulnerabilities
The following vulnerabilities are fixed with a Snyk patch: - https://snyk.io/vuln/SNYK-JS-LODASH-450202
- Loading branch information
5fddd70
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
https://support.snyk.io/hc/en-us/articles/360000897937-Why-is-Snyk-added-into-my-production-dependencies-
Maybe make it a Dev dependency ? That way consumers via npm won't get it in their tree