Publish latest version of the "lodash.template" package

[alexander-kraev-snyk]

Latest version of "lodash.template" package was published to npm 4 years ago and now its' outdated (4.5.0)

@jdalton Hello John! How it can be published manually? Can it be done by non-maintainer like me?

NPM link - https://www.npmjs.com/package/lodash.template?activeTab=versions

Please do not close the issue until the matter is resolved

[jdalton]

Hi @alexander-kraev-snyk! Ideally folks would move to a logic-less, non-eval based template. If the package has been idle for 4 years I don't see the urgency now in updating it. I'm not at the place in the backlog of tech debt to manually publish updates but have been thinking about the approach. I'll update you when I get to that.

[gorner]

Given that a security advisory from 2021 was updated this week to specifically refer to lodash.template as being affected, do you intend to revisit this matter @jdalton? I suspect the new inclusion of lodash.template – which is still a transitive dependency of many other packages – may be causing some developers to panic.