yargs-unparser audit warning
joebowbeerxealth opened this issue · comments
npm audit
is complaining about ansi-regex@4.1.0
via yargs-unparser@1.6.4
https://snyk.io/test/npm/npm-audit-resolver/2.3.1
Remediation: Upgrade to yargs-unparser@2.0.0
Workaround: Make sure npm-audit-resolver is installed as a devDependency and pass --production
option to the audit checker.
I've been working on the future version for a while and latest tag in npm didn't get updates. Should probably release the npm7+ support now, but it's still missing a feature it used to have.
The npm7-dev
branch currently depends on yargs-unparser@1.6.4, too, which is pulling in a bad ansi-regex
@joebowbeer If you PR this, I'll merge and publish by the end of the week
released as 3.0.0-5