Request for New Release of npm-check
Opened this issue · 2 comments
Hi, I found that npm-check@6.0.1 uses package-json@6.5.0, which introduces a vulnerable library, got@9.6.0. But this vulnerability has already been fixed in the master branch of npm-check.
Could you publish a version of npm-check to fix the related issue?
The version of the got library that npm-check depends on now.
The package.json of the master branch
The package.json of the v6.0.1 tag
Below is information about the vulnerability that got@9.6.0 has.
BDSA-2022-3763 3.8 Low
CVE-2022-33987 5.3 Medium https://nvd.nist.gov/vuln/detail/CVE-2022-33987
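To check whether a project still resolves the flagged version, and through which direct dependency, the chain described above can be searched for in a dependency tree. This is an added example, not part of the original issue or of npm-check's code; the tree is a constructed sample shaped like `npm ls --all --json` output, and `findPaths`, `directParents` and `example-fetcher` are hypothetical names.

```javascript
// Constructed sample shaped like `npm ls --all --json` output. Only the
// npm-check > package-json > got chain uses versions quoted in the issue;
// every other name and version here is made up for illustration.
const sampleTree = {
  name: "example-app",
  version: "0.0.0",
  dependencies: {
    "npm-check": {
      version: "6.0.1",
      dependencies: {
        "package-json": {
          version: "6.5.0",
          dependencies: { got: { version: "9.6.0" } },
        },
      },
    },
    // A direct dependency on a different (constructed) got version: no match.
    got: { version: "0.0.0-constructed" },
    // Hypothetical second parent that resolves to the same flagged version.
    "example-fetcher": {
      version: "0.0.0-constructed",
      dependencies: { got: { version: "9.6.0" } },
    },
  },
};

// Walk the nested `dependencies` maps and return every chain, written as
// "a@1 > b@2 > target", that ends at the exact name@version in `target`.
function findPaths(node, target, trail = []) {
  const hits = [];
  for (const [name, dep] of Object.entries(node.dependencies || {})) {
    const chain = [...trail, `${name}@${dep.version}`];
    if (chain[chain.length - 1] === target) hits.push(chain.join(" > "));
    hits.push(...findPaths(dep, target, chain));
  }
  return hits;
}

// The first hop of each chain is the direct dependency that has to be
// upgraded (or released anew) before the flagged version leaves the tree.
function directParents(paths) {
  return [...new Set(paths.map((p) => p.split(" > ")[0]))];
}

const paths = findPaths(sampleTree, "got@9.6.0");
console.log(paths.join("\n"));
console.log("direct dependencies to update:", directParents(paths).join(", "));
```

On a real project, pass the parsed output of `npm ls --all --json` in place of `sampleTree`.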
Dear @dylang
Thank you for your continuous efforts to maintain the npm-check package. It's a crucial tool in our development workflow, and we appreciate your efforts in keeping it up-to-date.
We noticed that renovate[bot] has made a number of updates to the dependencies of npm-check. However, because there hasn't been a new release of npm-check for some time, these changes are not reflected in the npmjs registry. This has caused some difficulties in our development environment when fetching the dependencies via npm install.
To solve this problem, we kindly request a new release of npm-check on the npmjs registry to include the updated dependencies.
Thank you for your understanding and support. We are looking forward to the new release.
Best Regards,
Charles Cai