latest version has vulnarable dependencies
0wx opened this issue · comments
Gilang Ramadhan commented
Minimist <=1.2.5 is vulnerable to Prototype Pollution via file index.js, function setKey() (lines 69-95).
forever@4.0.3 requires minimist@~0.0.1 via a transitive dependency on optimist@0.6.0
The earliest fixed version is 1.2.6.
Anthony commented
Also tar