davglass / license-checker

Check NPM package licenses

npm audit warning from minimist dependency

MartinHignett opened this issue · comments

We have an npm audit warning when including this library in our dev dependencies:

```
│ Low           │ Prototype Pollution                                          │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ minimist                                                     │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ >=0.2.1 <1.0.0 || >=1.2.3                                    │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ license-checker                                              │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ license-checker > mkdirp > minimist                          │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://npmjs.com/advisories/1179                            │
└───────────────┴──────────────────────────────────────────────────────────────┘
```

It looks like we need to update the mkdirp dependency to 0.5.3 or later.
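
An added example, not part of the original issue or of license-checker: a small Node.js check that walks a dependency tree shaped like the `dependencies` object of `npm ls --json` and reports every path to a `minimist` version outside the "Patched in" range from the audit output above. The function names and the sample tree (including its version numbers) are constructed for illustration.

```javascript
// Added example. Patched range copied from the audit table:
//   >=0.2.1 <1.0.0 || >=1.2.3
// Helper names are hypothetical; pre-release tags are not handled.

function parseVersion(v) {
  // "1.2.0" -> [1, 2, 0]
  return v.split('.').map(Number);
}

function compareVersions(a, b) {
  const x = parseVersion(a);
  const y = parseVersion(b);
  for (let i = 0; i < 3; i++) {
    if (x[i] !== y[i]) return x[i] < y[i] ? -1 : 1;
  }
  return 0;
}

function isPatchedMinimist(v) {
  const inLegacyLine =
    compareVersions(v, '0.2.1') >= 0 && compareVersions(v, '1.0.0') < 0;
  return inLegacyLine || compareVersions(v, '1.2.3') >= 0;
}

// Recursively collect "a > b > minimist@x.y.z" for each unpatched copy.
function findUnpatchedMinimist(deps, trail = []) {
  const hits = [];
  for (const [name, info] of Object.entries(deps || {})) {
    const here = [...trail, name];
    if (name === 'minimist' && !isPatchedMinimist(info.version)) {
      hits.push(`${here.join(' > ')}@${info.version}`);
    }
    hits.push(...findUnpatchedMinimist(info.dependencies, here));
  }
  return hits;
}

// Constructed sample tree: one unpatched and one patched minimist.
const sampleTree = {
  'license-checker': {
    version: '0.0.0', // placeholder, not a real release number
    dependencies: {
      mkdirp: { version: '0.5.1', dependencies: { minimist: { version: '0.0.8' } } },
    },
  },
  'other-tool': { version: '1.0.0', dependencies: { minimist: { version: '1.2.5' } } },
};

console.log(findUnpatchedMinimist(sampleTree));
```

Running the same walk over a project's real `npm ls --json` output after a dependency bump confirms whether any transitive copy of `minimist` is still outside the patched range.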