Old version of csv-parser@1.8.1 has a dependency to "minimist": "^0.2.0" with a prototype pollution vulnerability

Question

enaukkarinen opened this issue 4 years ago · 1 comments

Could csv-parser dependency be updated to 3.0.0 to get rid of this vulnerability?

Thanks

Answer 1 · 2021-03-16T13:27:09.000Z

@ZJONSSON , @jbreckman - Any thoughts on this?