ReDoS vulnerability in dependency minimatch < 3.0.5
mk-pmb opened this issue · comments
Thanks for giving us nofs! I use it in my package libdir-binlinks-cfg-linker-pmb
. While the package is not vulnerable, npm still annpys me with its warning about nofs ("3 high severity vulnerabilities") it thinks we inherit from minimatch. Would you mind updating that dep to at least 3.0.5?
Sure, feel free to make a PR