minimist security vulnerability
Opened this issue · 0 comments
cdeutsch commented
Is there an alternative to portfinder
that could be used?
They don't seem super interested in upgrading mkdirp
which relies on a vulnerable version of minimist
http-party/node-portfinder#112
Unfortunately my company has a mono-repo and this bar is pretty much constantly there due to NPM dependencies, and I keep getting a hard time about it 😬
minimist
CVE:
GHSA-xvch-5gv4-984h