[BUG] vulnerability in dot-prop (dependency of npm and update-notifier)

[moustafab]

What / Why

The version of dot-prop used by npm has a security vulnerability. It must be updated to a version >= 5.1.1 to be resolved.

References

• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8116
• npm/cli#1584