lodash version causing node vulnerability audit

[joeyjmorales]

Please see PR: #579

Thanks!

[andyedwardsibm]

We'd like this as well, but I notice that since the package.json file has ^4.17.2 it should already be picking up the latest version of 4.17.*

I'm more worried about package.json still containing a version number of 0.7.5. There have been several updates to package.json in the last 4 years, but never a new release or a new publish to npm, so none of the changes are actually getting through to a released version.

Looking at #570 it looks like this repo might spring back into life again soon though.