Merge pull request #110 from overleaf/dependabot-npm_and_yarn-underscore-1.13.1

build(deps): bump underscore from 1.9.2 to 1.13.1

services/track-changes/package-lock.json

@@ -7054,9 +7054,9 @@
       "dev": true
     },
     "underscore": {
-      "version": "1.9.2",
-      "resolved": "https://registry.npmjs.org/underscore/-/underscore-1.9.2.tgz",
-      "integrity": "sha512-D39qtimx0c1fI3ya1Lnhk3E9nONswSKhnffBI0gME9C99fYOkNi04xs8K6pePLhvl1frbDemkaBQ5ikWllR2HQ=="
+      "version": "1.13.1",
+      "resolved": "https://registry.npmjs.org/underscore/-/underscore-1.13.1.tgz",
+      "integrity": "sha512-hzSoAVtJF+3ZtiFX0VgfFPHEDRm7Y/QPjGyNo4TVdnDTdft3tr8hEkD25a1jC+TjTuE7tkHGKkhwCgs9dgBB2g=="
     },
     "unpipe": {
       "version": "1.0.0",

services/track-changes/package.json

@@ -38,7 +38,7 @@
     "requestretry": "^4.1.0",
     "s3-streams": "^0.4.0",
     "settings-sharelatex": "^1.1.0",
-    "underscore": "~1.9.2"
+    "underscore": "~1.13.1"
   },
   "devDependencies": {
     "babel-eslint": "^10.1.0",