Vulnerability report with lodash dependency

[mikemix]

During npm install, 2 severity vulnerabilities are introduced (1 moderate, 1 low) when installing horsey:

npm audit gives

                       === npm audit security report ===                        
                                                                                
                                                                                
                                 Manual Review                                  
             Some vulnerabilities require your attention to resolve             
                                                                                
          Visit https://go.npm.me/audit-guide for additional guidance           
                                                                                                                                           
  Moderate        Prototype Pollution                                                                                                              
  Package         lodash                                                                                                                            
  Patched in      >=4.17.11                                                                                                                    
  Dependency of   @goguardian/horsey                                                                                                                 
  Path            @goguardian/horsey > lodash                                                                                                       
  More info       https://npmjs.com/advisories/782                              
                                                                                
                                                                                
  Low             Prototype Pollution                                                                              
  Package         lodash                                                                                                                             
  Patched in      >=4.17.5                                                                                                                          
  Dependency of   @goguardian/horsey                                                                                                             
  Path            @goguardian/horsey > lodash                                                                                                  
  More info       https://npmjs.com/advisories/577 

Please update! @bevacqua is this library dead?

[zewa666]

Yes please lets get #78 merged so we can all sleep a bit better. Damn, I see this is a year old issue, any chance @bevacqua you can tell us something about the state of this library and whether you're going to maintain it any longer?