The library includes npm-exists as a dependency which depends on a vulnerable version of cacheable-request
It appears npm-exists is not used, so could easily be removed.
NPM audit report:
got <=11.8.3
Severity: high
Got allows a redirect to a UNIX socket - https://github.com/advisories/GHSA-pfrx-2q88-qq97
Depends on vulnerable versions of cacheable-request
No fix available
node_modules/got
npm-exists >=1.0.1
Depends on vulnerable versions of got
node_modules/npm-exists
bitmark-grammar *
Depends on vulnerable versions of npm-exists
node_modules/bitmark-grammar
@getmorebrain/bitmark-parser-generator *
Depends on vulnerable versions of bitmark-grammar
node_modules/@getmorebrain/bitmark-parser-generator
The library includes
npm-exists
as a dependency which depends on a vulnerable version ofcacheable-request
It appears
npm-exists
is not used, so could easily be removed.NPM audit report: