Potential lodash vulnerability at 4.17.11

[quetzaluz]

Note: This feels somewhat lower priority because the vulnerable methods in question aren't used, but resolving this can can fix package installation/audit warnings and prevent accidental usage of vulnerable methods:

Similar to #13, lodash requires another upgrade due to a reported vulnerability in the version used in this repo:

• Per https://github.com/lodash/lodash/issues/4348, an upgrade is required to address a recent security vulnerability CVE-2019-10744
• https://github.com/request/promise-core/blob/master/package.json#L36 lists the vulnerable lodash version

[quetzaluz]

Will be able to follow up with a PR to fix this but want to confirm if this upgrade is desired first

[quetzaluz]

Filed this without noticing PR #20 which will resolve this

[analog-nico]

I just bumped it to ^4.17.15 and will roll it out to the main request-promise packages shortly.