diff --git a/package-lock.json b/package-lock.json
index c0850503..37a3e43a 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -10,9 +10,12 @@
       "integrity": "sha1-w7M6te42DYbg5ijwRorn7yfWVN8="
     },
     "async": {
-      "version": "0.2.10",
-      "resolved": "https://registry.npmjs.org/async/-/async-0.2.10.tgz",
-      "integrity": "sha1-trvgsGdLnXGXCMo43owjfLUmw9E="
+      "version": "2.6.4",
+      "resolved": "https://registry.npmjs.org/async/-/async-2.6.4.tgz",
+      "integrity": "sha512-mzo5dfJYwAn29PeiJ0zvwTo04zj8HDJj0Mn8TD7sno7q12prdbnasKJHhkm2c1LgrhlJ0teaea8860oxi51mGA==",
+      "requires": {
+        "lodash": "^4.17.14"
+      }
     },
     "atom-select-list": {
       "version": "0.7.2",
@@ -312,6 +315,11 @@
         "invert-kv": "^1.0.0"
       }
     },
+    "lodash": {
+      "version": "4.17.21",
+      "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz",
+      "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg=="
+    },
     "loophole": {
       "version": "1.1.0",
       "resolved": "https://registry.npmjs.org/loophole/-/loophole-1.1.0.tgz",
diff --git a/package.json b/package.json
index 7ced0272..bec05deb 100644
--- a/package.json
+++ b/package.json
@@ -9,7 +9,7 @@
     "atom": "*"
   },
   "dependencies": {
-    "async": "~0.2.6",
+    "async": "~2.6.4",
     "atom-select-list": "^0.7.0",
     "fs-plus": "^3.0.0",
     "loophole": "^1",