alhazmy13 / serverless-offline-python

Emulate AWS λ and API Gateway locally when developing your Serverless project
MIT License

Security vulnerability for Json5 library #24

Open seamus-sc opened 1 year ago

seamus-sc commented 1 year ago

serverless-offline-python depends on "babel-register": "^6.18.0", which in turn depends on "babel-core": "^6.26.0" which includes the dependency "json5": "^0.5.1", which has a security vulnerability.

Babel updated the Json5 library to 2.1.0 in 2018, but they've bumped it a few more times since then (including 2 weeks ago, which is why I'm here now).

It'd be great if we could bump the version of babel-register to the current 7.18.9, which would get us all the necessary security updates.

Thanks!
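
The transitive chain described in this issue can be confirmed on an installed project by walking the JSON tree that `npm ls --all --json` prints. The script below is an added example, not part of the original issue or of the project's code. `SAMPLE_TREE`, its resolved versions, the `0.0.0-sample` placeholder, and the function names are constructed for illustration, and the `2.1.0` threshold is only the version the issue says Babel moved to, not a fixed version taken from an advisory.

```javascript
// Added example: walks a tree shaped like `npm ls --all --json` output.
// SAMPLE_TREE is constructed; resolved versions are assumed, not from the issue.
const SAMPLE_TREE = {
  name: "my-service",
  version: "1.0.0",
  dependencies: {
    "serverless-offline-python": {
      version: "0.0.0-sample", // placeholder, the issue names no version
      dependencies: {
        "babel-register": {
          version: "6.26.0",
          dependencies: {
            "babel-core": {
              version: "6.26.3",
              dependencies: { json5: { version: "0.5.1" } },
            },
          },
        },
      },
    },
    json5: { version: "2.1.0" }, // a second, direct copy at the threshold
  },
};

// Compare "major.minor.patch" strings numerically (pre-release tags ignored).
function compareVersions(a, b) {
  const pa = a.split("-")[0].split(".").map(Number);
  const pb = b.split("-")[0].split(".").map(Number);
  for (let i = 0; i < 3; i++) {
    const d = (pa[i] || 0) - (pb[i] || 0);
    if (d !== 0) return d < 0 ? -1 : 1;
  }
  return 0;
}

// Return every installed copy of `target` with the chain that pulls it in.
function findPaths(node, target, minVersion, chain = []) {
  const hits = [];
  for (const [name, dep] of Object.entries(node.dependencies || {})) {
    const path = [...chain, `${name}@${dep.version}`];
    if (name === target) {
      hits.push({ path: path.join(" > "), version: dep.version,
                  outdated: compareVersions(dep.version, minVersion) < 0 });
    }
    hits.push(...findPaths(dep, target, minVersion, path));
  }
  return hits;
}

for (const h of findPaths(SAMPLE_TREE, "json5", "2.1.0")) {
  console.log(`${h.outdated ? "OUTDATED" : "ok      "} ${h.path}`);
}
```

To run it against a real project, replace `SAMPLE_TREE` with the parsed output of `npm ls --all --json`. Every copy of the package is reported separately, since a fixed top-level copy does not replace an older one nested under another dependency.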