Merge pull request #20823 from edx/renovate/npm-underscore.string-vulnerability

Update dependency underscore.string to v3.3.5 [SECURITY]

Merge pull request #20823 from edx/renovate/npm-underscore.string-vulnerability
Update dependency underscore.string to v3.3.5 [SECURITY]
e4bb4b09 · Feanil Patel · GitHub · 92d9a1f5 · 11895b84 · e4bb4b09
Unverified Commit e4bb4b09 authored 5 years ago by Feanil Patel Committed by GitHub 5 years ago
--- a/package-lock.json
+++ b/package-lock.json
@@ -13910,9 +13910,9 @@
      "integrity": "sha1-Tz+1OxBuYJf8+ctBCfKl6b36UCI="
    },
    "underscore.string": {
-      "version": "3.3.4",
-      "resolved": "https://registry.npmjs.org/underscore.string/-/underscore.string-3.3.4.tgz",
-      "integrity": "sha1-LCo/n4PmR2L9xF5s6sZRQoZCE9s=",
+      "version": "3.3.5",
+      "resolved": "https://registry.npmjs.org/underscore.string/-/underscore.string-3.3.5.tgz",
+      "integrity": "sha512-g+dpmgn+XBneLmXXo+sGlW5xQEt4ErkS3mgeN2GFbremYeMBSJKr9Wf2KJplQVaiPY/f7FN6atosWYNm9ovrYg==",
      "requires": {
        "sprintf-js": "1.0.3",
        "util-deprecate": "1.0.2"

--- a/package.json
+++ b/package.json
@@ -59,7 +59,7 @@
    "svg-inline-loader": "0.8.0",
    "uglify-js": "2.7.0",
    "underscore": "1.8.3",
-    "underscore.string": "3.3.4",
+    "underscore.string": "3.3.5",
    "webpack": "2.7.0",
    "webpack-bundle-tracker": "0.2.1",
    "webpack-merge": "4.1.1",