From ba546cdf602bc833f5d43b11f0e2ae44501f8d51 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Fri, 23 Jan 2026 01:32:20 +0000
Subject: [PATCH] fix: javascript/package.json & javascript/package-lock.json
 to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-LODASH-15053838
---
 javascript/package-lock.json | 6 +++---
 javascript/package.json      | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/javascript/package-lock.json b/javascript/package-lock.json
index 5ff3feb2e..21a5165c2 100644
--- a/javascript/package-lock.json
+++ b/javascript/package-lock.json
@@ -33,9 +33,9 @@
       "integrity": "sha512-/2JL4Xv6xfhN2+AEKQGTYr1LZTmBCR/5fHxJVvb9zWNsmKZfKrl3wYYK8SD/Z8kXkf+ZSusfumLZ4wDTHrWujA=="
     },
     "lodash": {
-      "version": "4.17.20",
-      "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.20.tgz",
-      "integrity": "sha512-PlhdFcillOINfeV7Ni6oF1TAEayyZBoZ8bcshTHqOYJYlrqzRK5hagpagky5o4HfCzzd1TRkXPMFq6cKk9rGmA=="
+      "version": "4.17.23",
+      "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.23.tgz",
+      "integrity": "sha512-LgVTMpQtIopCi79SJeDiP0TfWi5CNEc/L/aRdTh3yIvmZXTnheWpKjSZhnvMl8iXbC1tFg9gdHHDMLoV7CnG+w=="
     },
     "tiny-emitter": {
       "version": "2.1.0",
diff --git a/javascript/package.json b/javascript/package.json
index 6c78dc8fb..2c3396a76 100644
--- a/javascript/package.json
+++ b/javascript/package.json
@@ -5,6 +5,6 @@
   "license": "MIT",
   "dependencies": {
     "hot-formula-parser": "^3.0.0",
-    "lodash": "^4.17.20"
+    "lodash": "^4.17.23"
   }
 }