chore(deps): upgrade lodash

[reneshen0328]

resolves security vulnerabilities: https://github.com/box/box-ui-elements/security/dependabot/399

Summary by CodeRabbit

• Chores
  • Updated dependency versions to latest compatible releases.

[coderabbitai]

Walkthrough

The lodash dependency version is updated from ^4.17.23 to ^4.18.1 in both devDependencies and peerDependencies within package.json, ensuring consistent versioning across dependency declarations.

Changes

Cohort / File(s)	Summary
Dependency Update package.json	Updated lodash version from ^4.17.23 to ^4.18.1 in both devDependencies and peerDependencies.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Suggested labels

ready-to-merge

Suggested reviewers

• jpan-box
• tjiang-box

Poem

🐰 A whisker twitch, a hoppy cheer,
Lodash bounds to a version near!
From 4.17 to 4.18 it leaps,
Dependencies in harmony, the codebase keeps! ✨

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description check	✅ Passed	The description includes the purpose (resolving security vulnerabilities) and references the relevant issue, but the template content about merge procedures is boilerplate guidance rather than custom details about the changes.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Title check	✅ Passed	The title accurately describes the main change: upgrading the lodash dependency version in package.json.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch chore-upgrade-lodash

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[jfox-box]

LGTM

[tjuanitas]

@Mergifyio requeue

[tjuanitas]

@Mergifyio refresh

[reneshen0328]

@Mergifyio refresh

[reneshen0328]

@Mergifyio requeue

[mergify]

refresh

☑️ Command refresh ignored because it is already running from a previous command.

[mergify]

requeue

☑️ Command requeue ignored because it is already running from a previous command.

[mergify]

Merge Queue Status

• 🟠 Waiting for queue conditions
• ⏳ Enter queue
• ⏳ Run checks
• ⏳ Merge

Required conditions to enter a queue

• -closed [📌 queue requirement]
• -conflict [📌 queue requirement]
• -draft [📌 queue requirement]
• any of [📌 queue -> configuration change requirements]:
  • -mergify-configuration-changed
  • check-success = Configuration changed
• any of [🔀 queue conditions]:
  • all of [📌 queue conditions of queue rule Automatic strict merge]:
    • #approved-reviews-by >= 1 [🛡 GitHub branch protection]
    • #approved-reviews-by >= 2
    • #changes-requested-reviews-by = 0
    • #changes-requested-reviews-by = 0 [🛡 GitHub branch protection]
    • #review-threads-unresolved = 0
    • #review-threads-unresolved = 0 [🛡 GitHub branch protection]
    • branch-protection-review-decision = APPROVED
    • branch-protection-review-decision = APPROVED [🛡 GitHub branch protection]
    • label = ready-to-merge
    • status-success = lint_test_build
    • title ~= ^(build|ci|chore|docs|feat|fix|perf|refactor|revert|style|test)(\([^)]+\))?:\s.+$
    • any of [🛡 GitHub branch protection]:
      • check-success = Summary
      • check-neutral = Summary
      • check-skipped = Summary
    • any of [🛡 GitHub branch protection]:
      • check-success = lint_test_build
      • check-neutral = lint_test_build
      • check-skipped = lint_test_build
    • any of [🛡 GitHub branch protection]:
      • check-success = license/cla
      • check-neutral = license/cla
      • check-skipped = license/cla
    • any of [🛡 GitHub branch protection]:
      • check-success = lint_pull_request
      • check-neutral = lint_pull_request
      • check-skipped = lint_pull_request
  • all of [📌 queue conditions of queue rule Automatic boxmoji merge]:
    • author = boxmoji
    • files ~= ^i18n/
    • title ~= ^(fix)\(i18n\)?:\supdate translations$
    • #approved-reviews-by >= 1 [🛡 GitHub branch protection]
    • #changes-requested-reviews-by = 0 [🛡 GitHub branch protection]
    • #review-threads-unresolved = 0 [🛡 GitHub branch protection]
    • branch-protection-review-decision = APPROVED [🛡 GitHub branch protection]
    • status-success = lint_test_build
    • any of [🛡 GitHub branch protection]:
      • check-success = Summary
      • check-neutral = Summary
      • check-skipped = Summary
    • any of [🛡 GitHub branch protection]:
      • check-success = lint_test_build
      • check-neutral = lint_test_build
      • check-skipped = lint_test_build
    • any of [🛡 GitHub branch protection]:
      • check-success = license/cla
      • check-neutral = license/cla
      • check-skipped = license/cla
    • any of [🛡 GitHub branch protection]:
      • check-success = lint_pull_request
      • check-neutral = lint_pull_request
      • check-skipped = lint_pull_request

[mergify]

refresh

✅ Pull request refreshed