In projects using @manypkg/cli@0.18.0 (latest), npm audit flags a vulnerability. In tracing the dependency tree, @manypkg/get-packages is a full version behind on it's dependency declaration for globby@^11.0.0. By updating this to ^12.0.1, the vulnerability will be fixed.
This update would require releasing a patch for @manypkg/get-packages then a subsequent patch to @manypkg/cli updating the dependency on get-packages to the new version.
In projects using
@manypkg/cli@0.18.0
(latest),npm audit
flags a vulnerability. In tracing the dependency tree,@manypkg/get-packages
is a full version behind on it's dependency declaration forglobby@^11.0.0
. By updating this to^12.0.1
, the vulnerability will be fixed.This update would require releasing a patch for
@manypkg/get-packages
then a subsequent patch to@manypkg/cli
updating the dependency on get-packages to the new version.