fix lodash vulnerability

[sarthaktexas]

I'd like to get that vuln fixed but I have no idea where the file it generates it from is located. Can someone guide me as to where the package.json is originally generated from?

[dougwilson]

Can you provide details for how we can reproduce seeing the issue? Then we can help you figure out what to change. Right now there is no reproduction steps for us to see what it is to assist further.

[sarthaktexas]

when I use express generator to create an app (specifically with the pug view), it creates the app. then, when I push to git, dependabot slides into my dm's saying low vulnerability: add lodash blah blah blah like this: "lodash": ">=4.17.19", so if we put that into the source for express generator, people won't need to do that anymore