Merge pull request #216 from overleaf/dependabot-npm_and_yarn-underscore-1.13.1

Bump underscore from 1.7.0 to 1.13.1

services/real-time/package-lock.json

@@ -6526,9 +6526,9 @@
       }
     },
     "underscore": {
-      "version": "1.7.0",
-      "resolved": "https://registry.npmjs.org/underscore/-/underscore-1.7.0.tgz",
-      "integrity": "sha1-a7rwh3UA02vjTsqlhODbn+8DUgk="
+      "version": "1.13.1",
+      "resolved": "https://registry.npmjs.org/underscore/-/underscore-1.13.1.tgz",
+      "integrity": "sha512-hzSoAVtJF+3ZtiFX0VgfFPHEDRm7Y/QPjGyNo4TVdnDTdft3tr8hEkD25a1jC+TjTuE7tkHGKkhwCgs9dgBB2g=="
     },
     "unpipe": {
       "version": "1.0.0",

services/real-time/package.json

@@ -37,7 +37,7 @@
     "settings-sharelatex": "^1.1.0",
     "socket.io": "https://github.com/overleaf/socket.io/archive/0.9.19-overleaf-4.tar.gz",
     "socket.io-client": "https://github.com/overleaf/socket.io-client/archive/0.9.17-overleaf-3.tar.gz",
-    "underscore": "1.7.0"
+    "underscore": "1.13.1"
   },
   "devDependencies": {
     "bunyan": "~0.22.3",