Closed fredkilbourn closed 2 years ago
Updating ansi-regex to v5.0.1 https://github.com/chalk/ansi-regex/releases/tag/v5.0.1 will resolve this vulnerability.
Or https://github.com/chalk/ansi-regex/releases/tag/v6.0.1 if you're comfortable with it changing to an ESM module.
bump?
Sorry - looks like this is actually coming from pretty far upstream so I'll go bother them and leave you alone.
Inefficient Regular Expression Complexity in chalk/ansi-regex ansi-regex is vulnerable to Inefficient Regular Expression Complexity
https://github.com/advisories/GHSA-93q8-gq69-wqmw
@discordjs/opus@0.6.0 requires ansi-regex@^3.0.0 via a transitive dependency on strip-ansi@4.0.0
Need to update dependencies to non-vulnerable versions to resolve. This is triggering dependabot alerts on my repo due to including this project.