[Snyk] Fix for 1 vulnerabilities

[genecyber]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	768/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.5	Prototype Pollution SNYK-JS-LODASH-6139239	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: bitcore-lib

The new version differs by 250 commits.

• 012cc02 v8.3.3
• 3ee923e locks changes
• c6eda2b Merge pull request #2204 from matiu/chore/locks
• 5b8059a v8.3.2
• bce0be2 rm useless code
• 255ecf1 v8.3.1
• 3ec749e update locks
• c82f160 Merge pull request #2188 from micahriggan/feature/config-socket-for-wallets
• 88a4495 Merge pull request #2200 from micahriggan/fix/types-installed-top-level
• 7bd9afa Removing types that weren't supposed to be installed
• 469dfbb Upping capped collection size for events
• b854988 Merge branch 'master' of github.com:bitpay/bitcore into feature/config-socket-for-wallets
• dfd17b0 Merge pull request #2189 from micahriggan/feature/crypto-wallet-core-tests
• 1db6fee Removing jest for mocha
• dc43dc8 Breaking tests into two files
• db82507 Remove toString in test
• eb32cf9 Updating bitcore-client for new naming in cwc
• 9199af1 Adding test for generating a raw transaction
• 9e8bf26 Removing duplicate code that is in crypto-wallet-core now
• 5e3c09d Removing unused config
• 8b9f95d Adding test framework for crypto-wallet-core with single test
• f76ef0e Volatile emits and incorporating feedback
• 73330b5 Config should be using event, not socket
• 99d930b Refactoring the socket events to only fire for coins that have wallets

See the full diff

Package name: bitcore-lib-cash

The new version differs by 250 commits.

• 012cc02 v8.3.3
• 3ee923e locks changes
• c6eda2b Merge pull request #2204 from matiu/chore/locks
• 5b8059a v8.3.2
• bce0be2 rm useless code
• 255ecf1 v8.3.1
• 3ec749e update locks
• c82f160 Merge pull request #2188 from micahriggan/feature/config-socket-for-wallets
• 88a4495 Merge pull request #2200 from micahriggan/fix/types-installed-top-level
• 7bd9afa Removing types that weren't supposed to be installed
• 469dfbb Upping capped collection size for events
• b854988 Merge branch 'master' of github.com:bitpay/bitcore into feature/config-socket-for-wallets
• dfd17b0 Merge pull request #2189 from micahriggan/feature/crypto-wallet-core-tests
• 1db6fee Removing jest for mocha
• dc43dc8 Breaking tests into two files
• db82507 Remove toString in test
• eb32cf9 Updating bitcore-client for new naming in cwc
• 9199af1 Adding test for generating a raw transaction
• 9e8bf26 Removing duplicate code that is in crypto-wallet-core now
• 5e3c09d Removing unused config
• 8b9f95d Adding test framework for crypto-wallet-core with single test
• f76ef0e Volatile emits and incorporating feedback
• 73330b5 Config should be using event, not socket
• 99d930b Refactoring the socket events to only fire for coins that have wallets

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Prototype Pollution