dmcpton
commented
6 years ago Oops, I posted this in the wrong repo, this was meant for node-cas. Regardless, there is a security vulnerability, it's just one dependency deeper. If anyone knows someone who can address this issue, that would be awesome. If I have time, I'll fork the dependency and submit a pull request to change the dependency to my fork, if that would be an acceptable solution.
The version of Cheerio which this package requires is an old version, which itself then requires an outdated version of lodash, which contains a security vulnerability. I'm not sure which of the latest versions of Cheerio would work, but could you update that dependency? Thanks!