From 09047d6edf7177779f10adff024dcd29c5bae994 Mon Sep 17 00:00:00 2001
From: Harsh Kashyap <harsh.kashyap2001@gmail.com>
Date: Thu, 25 Jun 2026 12:10:39 +0530
Subject: [PATCH] fix(web): bump lodash past vulnerable range (#16281)

---
 web/package-lock.json | 8 ++++----
 web/package.json      | 2 +-
 web/pnpm-lock.yaml    | 2 +-
 3 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/web/package-lock.json b/web/package-lock.json
index 2872c0fb82..ef0f24bff7 100644
--- a/web/package-lock.json
+++ b/web/package-lock.json
@@ -72,7 +72,7 @@
         "jsencrypt": "^3.3.2",
         "jsoneditor": "^10.4.2",
         "lexical": "^0.23.1",
-        "lodash": "^4.17.23",
+        "lodash": "^4.18.1",
         "lucide-react": "^1.7.0",
         "next-themes": "^0.4.6",
         "openai-speech-stream-player": "^1.0.8",
@@ -18757,9 +18757,9 @@
       }
     },
     "node_modules/lodash": {
-      "version": "4.17.23",
-      "resolved": "https://registry.npmmirror.com/lodash/-/lodash-4.17.23.tgz",
-      "integrity": "sha512-LgVTMpQtIopCi79SJeDiP0TfWi5CNEc/L/aRdTh3yIvmZXTnheWpKjSZhnvMl8iXbC1tFg9gdHHDMLoV7CnG+w==",
+      "version": "4.18.1",
+      "resolved": "https://registry.npmmirror.com/lodash/-/lodash-4.18.1.tgz",
+      "integrity": "sha512-dMInicTPVE8d1e5otfwmmjlxkZoUpiVLwyeTdUsi/Caj/gfzzblBcCE5sRHV/AsjuCmxWrte2TNGSYuCeCq+0Q==",
       "license": "MIT"
     },
     "node_modules/lodash.debounce": {
diff --git a/web/package.json b/web/package.json
index 21b09dcc30..0c29d8f44d 100644
--- a/web/package.json
+++ b/web/package.json
@@ -94,7 +94,7 @@
     "jsencrypt": "^3.3.2",
     "jsoneditor": "^10.4.2",
     "lexical": "^0.23.1",
-    "lodash": "^4.17.23",
+    "lodash": "^4.18.1",
     "lucide-react": "^1.7.0",
     "next-themes": "^0.4.6",
     "openai-speech-stream-player": "^1.0.8",
diff --git a/web/pnpm-lock.yaml b/web/pnpm-lock.yaml
index 26bd6e999c..eef54312ca 100644
--- a/web/pnpm-lock.yaml
+++ b/web/pnpm-lock.yaml
@@ -204,7 +204,7 @@ importers:
         specifier: ^0.23.1
         version: 0.23.1
       lodash:
-        specifier: ^4.17.23
+        specifier: ^4.18.1
         version: 4.18.1
       lucide-react:
         specifier: ^1.7.0