Unfortunately, nanoid is affected by CVE-2021-23566, but testcafe-browser-tools pins nanoid@^2.1.3 and due to semver it means it will not update automatically. Main testcafe is also affected and will get a separate PR.
Whilst the issue is small for a testing solution, the issue does bubble up to all consuming projecs, tainiting them.
Unfortunately, nanoid is affected by CVE-2021-23566, but testcafe-browser-tools pins nanoid@^2.1.3 and due to semver it means it will not update automatically. Main testcafe is also affected and will get a separate PR.
Whilst the issue is small for a testing solution, the issue does bubble up to all consuming projecs, tainiting them.