The old version of yargs being used in the dependencies has vulnerabilities

Question

The old version of yargs being used in the dependencies has vulnerabilities

stof opened this issue 4 years ago · 0 comments

Currently, this packages depends on yargs 6. The latest version of yargs is 15.
And version 6 of yargs uses a version of yargs-parser which has vulnerabilities.

yargs should be upgraded to a maintained version.