celo-org / celo-monorepo

Official repository for core projects comprising the Celo platform
https://celo.org
Apache License 2.0

chore(deps): update dependency minimist to v1.2.6 [security] (release/core-contracts/6) - autoclosed #11062

Closed renovate[bot] closed 2 weeks ago

renovate[bot] commented 2 weeks ago

Mend Renovate

This PR contains the following updates:

| Package | Change |
| --- | --- |
| minimist | 1.2.5 -> 1.2.6 |

> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency Dashboard for more information.


Prototype Pollution in minimist

CVE-2021-44906 / GHSA-xvch-5gv4-984h

#### Details

Minimist prior to 1.2.6 and 0.2.4 is vulnerable to Prototype Pollution via file `index.js`, function `setKey()` (lines 69-95).

#### Severity

- CVSS Score: 9.8 / 10 (Critical)
- Vector String: `CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H`

#### References

- [https://nvd.nist.gov/vuln/detail/CVE-2021-44906](https://nvd.nist.gov/vuln/detail/CVE-2021-44906)
- [https://github.com/minimistjs/minimist/issues/11](https://togithub.com/minimistjs/minimist/issues/11)
- [https://github.com/substack/minimist/issues/164](https://togithub.com/substack/minimist/issues/164)
- [https://github.com/minimistjs/minimist/pull/24](https://togithub.com/minimistjs/minimist/pull/24)
- [https://github.com/minimistjs/minimist/commit/34e20b8461118608703d6485326abbb8e35e1703](https://togithub.com/minimistjs/minimist/commit/34e20b8461118608703d6485326abbb8e35e1703)
- [https://github.com/minimistjs/minimist/commit/bc8ecee43875261f4f17eb20b1243d3ed15e70eb](https://togithub.com/minimistjs/minimist/commit/bc8ecee43875261f4f17eb20b1243d3ed15e70eb)
- [https://github.com/minimistjs/minimist/commit/c2b981977fa834b223b408cfb860f933c9811e4d](https://togithub.com/minimistjs/minimist/commit/c2b981977fa834b223b408cfb860f933c9811e4d)
- [https://github.com/minimistjs/minimist/commit/ef9153fc52b6cea0744b2239921c5dcae4697f11](https://togithub.com/minimistjs/minimist/commit/ef9153fc52b6cea0744b2239921c5dcae4697f11)
- [https://github.com/Marynk/JavaScript-vulnerability-detection/blob/main/minimist%20PoC.zip](https://togithub.com/Marynk/JavaScript-vulnerability-detection/blob/main/minimist%20PoC.zip)
- [https://github.com/minimistjs/minimist/commits/v0.2.4](https://togithub.com/minimistjs/minimist/commits/v0.2.4)
- [https://github.com/substack/minimist](https://togithub.com/substack/minimist)
- [https://github.com/substack/minimist/blob/master/index.js#L69](https://togithub.com/substack/minimist/blob/master/index.js#L69)
- [https://snyk.io/vuln/SNYK-JS-MINIMIST-559764](https://snyk.io/vuln/SNYK-JS-MINIMIST-559764)
- [https://stackoverflow.com/questions/8588563/adding-custom-properties-to-a-function/20278068#20278068](https://stackoverflow.com/questions/8588563/adding-custom-properties-to-a-function/20278068#20278068)

This data is provided by [OSV](https://osv.dev/vulnerability/GHSA-xvch-5gv4-984h) and the [GitHub Advisory Database](https://togithub.com/github/advisory-database) ([CC-BY 4.0](https://togithub.com/github/advisory-database/blob/main/LICENSE.md)).

Release Notes

minimistjs/minimist (minimist)

### [`v1.2.6`](https://togithub.com/minimistjs/minimist/blob/HEAD/CHANGELOG.md#v126---2022-03-21)

[Compare Source](https://togithub.com/minimistjs/minimist/compare/v1.2.5...v1.2.6)

##### Commits

- test from prototype pollution PR [`bc8ecee`](https://togithub.com/minimistjs/minimist/commit/bc8ecee43875261f4f17eb20b1243d3ed15e70eb)
- isConstructorOrProto adapted from PR [`c2b9819`](https://togithub.com/minimistjs/minimist/commit/c2b981977fa834b223b408cfb860f933c9811e4d)
- security notice for additional prototype pollution issue [`ef88b93`](https://togithub.com/minimistjs/minimist/commit/ef88b9325f77b5ee643ccfc97e2ebda577e4c4e2)

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

This PR has been generated by Mend Renovate. View repository job log here.
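The advisory above names `setKey()` as the sink and the release notes name an `isConstructorOrProto` guard. The block below is an added illustration, not minimist's code and not part of this PR: an unguarded dotted-key setter beside a guarded one, plus a self-check that reports whether a constructed pollution-shaped argument reaches `Object.prototype`. All function names are hypothetical.

```javascript
// Guard modelled on the isConstructorOrProto idea named in the release notes (own
// implementation): refuse any key that moves the walk off the target object onto a prototype.
function isConstructorOrProto(obj, key) {
  return (key === 'constructor' && typeof obj[key] === 'function') || key === '__proto__';
}

// Unguarded dotted-key assignment (`a.b.c` = value), the shape of the pre-1.2.6 sink: on a
// key such as `__proto__` the walk leaves `obj` and continues on the shared Object.prototype.
function setKeyUnguarded(obj, keys, value) {
  let o = obj;
  for (const key of keys.slice(0, -1)) {
    if (o[key] === undefined) o[key] = {};
    o = o[key];
  }
  o[keys[keys.length - 1]] = value;
}

// Guarded variant: every intermediate step and the final write are checked, and the whole
// assignment is dropped if any key is unsafe.
function setKeyGuarded(obj, keys, value) {
  let o = obj;
  for (const key of keys.slice(0, -1)) {
    if (isConstructorOrProto(o, key)) return;
    if (o[key] === undefined) o[key] = {};
    o = o[key];
  }
  if (isConstructorOrProto(o, keys[keys.length - 1])) return;
  o[keys[keys.length - 1]] = value;
}

// Minimal `--a.b=c` argv parser (hypothetical helper) built on a chosen setter.
function parseArgv(argv, setKey) {
  const out = {};
  for (const arg of argv) {
    const m = /^--([^=]+)=(.*)$/.exec(arg);
    if (m) setKey(out, m[1].split('.'), m[2]);
  }
  return out;
}

// Self-check: parses constructed argv with the given setter and reports whether an unrelated
// object picked up a `polluted` property; Object.prototype is restored so no trace remains.
function leaksToPrototype(setKey, argv) {
  const bystander = {};
  parseArgv(argv, setKey);
  const leaked = bystander.polluted === 'yes';
  delete Object.prototype.polluted; // always clean up, whichever setter ran
  return leaked;
}
```

The same check can be pointed at any dotted-key or nested-assignment helper in a code base to confirm that `constructor` and `__proto__` segments are rejected rather than traversed.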