[E.cash] - Updated Lodash Dependency to Fix Vulnerability

[Luke9389]

This PR is on [HOLD] pending the deployment of this PR.

cc @tgolen

Details

Rather than using individual packages for each lodash method, we are using the main lodash package and selectively loading the methods we need (using this handy syntax: lodash/orderby)

Fixed Issues

Fixes https://github.com/Expensify/Expensify/issues/157894

Tests

Our testing method for this is admittedly a bit primitive; comb the site looking for errors/broken stuff.

Tested On

• Web
• Mobile Web
• Desktop
• iOS
• Android

[Luke9389]

Testing on all platforms now. So far web & mobile web are clear

[Luke9389]

All 5 platforms seem stable. I tried to hit all the pages that were using lodash.

[tgolen]

Let's maybe hold this so that you can include the onyx upgrade in it too?

[Luke9389]

That's a great point. I'll wait for the onyx one to get deployed and then retest this. 👍

[roryabraham]

Looks like this change made in Onyx:

Is already available in Expensify.cash. I'm going hold this other PR on this one.

[Luke9389]

Yea, I updated Onyx on monday before I was OOO today. Retesting this now

[Luke9389]

Retested on all 5 and it's lookin good. We need to be clever about when this gets merged. It'd be bad if another PR using the wrong lodash package got merged right before this one. For this reason, I think it's best to reassign the reviewer role to someone in my time-zone, so we can be sure to merge this at the right moment. @tgolen or @roryabraham Would either of you be willing to swap in for @Gonals and become the reviewer of this PR?

[tgolen]

Yeah, I don't mind reviewing and merging this. It looks fine!