
chore: upgrade lodash #115

Open
rosston wants to merge 1 commit into onebeyond:main from rosston:upgrade-lodash

@rosston rosston commented Feb 2, 2026

Description

This just upgrades Lodash in the package.json and the package-lock.json files, to version 4.17.23, in order to resolve https://nvd.nist.gov/vuln/detail/CVE-2025-13465

Related Issue

#114

Motivation and Context

Lodash has a vulnerability in versions 4.0.0-4.17.22: https://nvd.nist.gov/vuln/detail/CVE-2025-13465

Because this repo uses exact version specifiers for its dependencies, this Lodash version is marked as a vulnerability in all packages that have installed @onebeyond/license-checker.

How Has This Been Tested?

npm test continues to pass.

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to change)

Checklist:

  • My code follows the code style of this project.
  • My change requires a change to the documentation.
  • I have updated the documentation accordingly.
  • I have read the CONTRIBUTING document.
  • I have added tests to cover my changes.
  • All new and existing tests passed.
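To illustrate the exact-pin reasoning in the description above, the following is an added example (not part of this pull request or of the project's code) that audits a parsed `package-lock.json` for Lodash versions in the 4.0.0-4.17.22 range and lists which packages pin Lodash with an exact specifier. The function names, the `consumer-app` name and the sample lockfile are assumptions constructed for the example.

```javascript
// Added example: flag lodash 4.0.0-4.17.22 in a lockfileVersion 2/3 lockfile.
const AFFECTED = { min: [4, 0, 0], max: [4, 17, 22] };

// Parse "x.y.z" into numbers; prerelease and build suffixes are ignored.
function parseVersion(v) {
  const m = /^(\d+)\.(\d+)\.(\d+)/.exec(v || "");
  return m ? m.slice(1).map(Number) : null;
}

function compare(a, b) {
  for (let i = 0; i < 3; i++) if (a[i] !== b[i]) return a[i] < b[i] ? -1 : 1;
  return 0;
}

function isAffected(version) {
  const v = parseVersion(version);
  return !!v && compare(v, AFFECTED.min) >= 0 && compare(v, AFFECTED.max) <= 0;
}

// An exact specifier ("4.17.21") cannot float to a fixed release on install;
// a range such as "^4.17.21" can.
const isExactPin = (spec) => /^=?\s*\d+\.\d+\.\d+$/.test(spec);

function auditLock(lock) {
  const packages = lock.packages || {};
  // Simplification: list every package that pins lodash exactly, without
  // resolving which installed copy each one actually uses.
  const pinnedBy = Object.entries(packages)
    .filter(([, m]) => isExactPin((m.dependencies || {}).lodash || ""))
    .map(([p, m]) => m.name || p.split("node_modules/").pop());
  return Object.entries(packages)
    .filter(([p, m]) => /(^|\/)node_modules\/lodash$/.test(p) && isAffected(m.version))
    .map(([path, m]) => ({ path, version: m.version, pinnedBy }));
}

// Constructed sample lockfile for a hypothetical consumer application.
const sampleLock = {
  lockfileVersion: 3,
  packages: {
    "": { name: "consumer-app", dependencies: { "@onebeyond/license-checker": "*" } },
    "node_modules/@onebeyond/license-checker": {
      version: "0.0.0-example", // placeholder, not a real release
      dependencies: { lodash: "4.17.21" },
    },
    "node_modules/lodash": { version: "4.17.21" },
  },
};

console.log(JSON.stringify(auditLock(sampleLock), null, 2));
```

A finding whose `pinnedBy` list is non-empty can only be cleared by the pinning package releasing an update, or by the consumer forcing the version with an npm `overrides` entry.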

@socket-security

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

| Diff | Package | Supply Chain Security | Vulnerability | Quality | Maintenance | License |
| --- | --- | --- | --- | --- | --- | --- |
| Updated | lodash@4.17.21 ⏵ 4.17.23 | 76 -5 | 100 +2 | 86 +1 | 88 | 100 |
