security vulnerability with using old version of underscore.string

✗ High severity vulnerability found on underscore.string@2.4.0
- desc: Regular Expression Denial of Service (ReDoS)
- info: https://snyk.io/vuln/npm:underscore.string:20170908

