SECURITY: Upgrade lodash

SECURITY: Upgrade lodash

There is a security hole in lodash with prototype pollution. It’s not clear if Discourse is affected but to be on the safe side we will upgrade right away.

Note that the front end Discourse does not appear to use defaultsDeep in our custom build and should be protected.

diff --git a/yarn.lock b/yarn.lock
index b286179..65b2839 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -1465,9 +1465,9 @@ linkify-it@^2.0.0:
     uc.micro "^1.0.1"
 
 lodash@^4.17.11, lodash@^4.17.4, lodash@^4.2.0, lodash@^4.3.0:
-  version "4.17.11"
-  resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.11.tgz#b39ea6229ef607ecd89e2c8df12536891cac9b8d"
-  integrity sha512-cQKh8igo5QUhZ7lg38DYWAxMvjSAKG0A8wGSVimP07SIUEK2UO+arSRKbRZWtelMtN5V0Hkwh5ryOto/SshYIg==
+  version "4.17.14"
+  resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.14.tgz#9ce487ae66c96254fe20b599f21b6816028078ba"
+  integrity sha512-mmKYbW3GLuJeX+iGP+Y7Gp1AiGHGbXHCOh/jZmrawMmsE7MS4znI3RL2FsjbqOyMayHInjOeykW7PEajUk1/xw==
 
 lolex@^2.3.2:
   version "2.7.5"

GitHub sha: 9b0be303