Update strip-ansi to prevent moderate npm audit issue

Question

Update strip-ansi to prevent moderate npm audit issue

jakecyr opened this issue 3 years ago · 2 comments

Summary

Currently the strip-ansi is on version 5.0.0 when there is a version 7.0.1 released. The strip-ansi package depends on a ansi-regex package that is causing the moderate audit severity vulnerability Inefficient Regular Expression Complexity.

Proposed Solution

Update the strip-ansi package to the 6.0.1 and test for breaking changes since version 7.0.1 is an ES module

Answer 1 · 2022-01-21T15:30:05.000Z

Noting: strip-ansi@6 requires Nodejs 8+ and would require a major release here as well as grunt-shell@3 supports Nodejs 6+.

https://github.com/chalk/strip-ansi/releases/tag/v6.0.0

https://github.com/sindresorhus/grunt-shell/blob/main/package.json#L12-L14

Answer 2 · 2022-03-19T18:03:49.000Z

Fixed in https://github.com/sindresorhus/grunt-shell/releases/tag/v4.0.0