[Snyk] Upgrade lodash from 4.17.21 to 4.17.23

[macfarla]

Snyk has created this PR to upgrade lodash from 4.17.21 to 4.17.23.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 1 version ahead of your current version.

• The recommended version was released 25 days ago.

Issues fixed by the recommended upgrade:

	Issue	Score	Exploit Maturity
	Prototype Pollution SNYK-JS-LODASH-15053838	631	No Known Exploit

Release notes

Package name: lodash

• 4.17.23 - 2026-01-21
  

  4.17.23

• 4.17.21 - 2021-02-20
  

  Bump to v4.17.21

from lodash GitHub release notes

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.
• Max score is 1000. Note that the real score may have changed since the PR was raised.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs

---

Note

Low Risk
Routine dependency patch upgrade with no application logic changes; risk is limited to potential minor behavioral differences in lodash.

Overview
Upgrades the project’s lodash dependency from 4.17.21 to 4.17.23 in package.json and updates package-lock.json to reflect the new resolved artifact/integrity.

The lockfile also normalizes a couple of entries (e.g., moves string_decoder to a different section and removes a duplicate lodash block) as part of the dependency graph refresh.

^{Written by Cursor Bugbot for commit 08f0e4f. This will update automatically on new commits. Configure here.}