[security] bump `find-node-modules` to `2.1.2`

commitizen / cz-cli

The commitizen command line utility. #BlackLivesMatter

http://commitizen.github.io/cz-cli/

MIT License

16.7k stars 547 forks source link

[security] bump `find-node-modules` to `2.1.2` #825

Closed myovchev closed 3 years ago

myovchev commented 3 years ago

find-node-modules depends on merge, which has security issues. Currently find-node-modules package is set to v2.0. The issue is resolved at the latest package version 2.1.2.

mybrainishuge commented 3 years ago

https://github.com/commitizen/cz-cli/pull/824

dmwelch commented 3 years ago

Addressed in #842