From 28bbc69025b58bb4610c38d3b4b866b98656503c Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Sat, 24 Jan 2026 10:17:00 +0000
Subject: [PATCH] fix: package.json & yarn.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-LODASHES-15053836
---
 package.json | 2 +-
 yarn.lock    | 8 ++++----
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/package.json b/package.json
index 29b17af..f6bf065 100644
--- a/package.json
+++ b/package.json
@@ -44,7 +44,7 @@
     "helmet": "^6.2.0",
     "http-status": "^1.8.1",
     "jsonwebtoken": "^9.0.2",
-    "lodash-es": "^4.17.21",
+    "lodash-es": "^4.17.23",
     "morgan": "^1.10.1",
     "pino-pretty": "^10.3.1",
     "rimraf": "^3.0.2"
diff --git a/yarn.lock b/yarn.lock
index d151eab..78a8bda 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -4447,10 +4447,10 @@ locate-path@^6.0.0:
   dependencies:
     p-locate "^5.0.0"
 
-lodash-es@^4.17.21:
-  version "4.17.21"
-  resolved "https://registry.yarnpkg.com/lodash-es/-/lodash-es-4.17.21.tgz#43e626c46e6591b7750beb2b50117390c609e3ee"
-  integrity sha512-mKnC+QJ9pWVzv+C4/U3rRsHapFfHvQFoFB92e52xeyGMcX6/OlIl78je1u8vePzYZSkkogMPJ2yjxxsb89cxyw==
+lodash-es@^4.17.23:
+  version "4.17.23"
+  resolved "https://registry.yarnpkg.com/lodash-es/-/lodash-es-4.17.23.tgz#58c4360fd1b5d33afc6c0bbd3d1149349b1138e0"
+  integrity sha512-kVI48u3PZr38HdYz98UmfPnXl2DXrpdctLrFLCd3kOx1xUkOmpFPx7gCWWM5MPkL/fD8zb+Ph0QzjGFs4+hHWg==
 
 lodash.debounce@^4.0.8:
   version "4.0.8"