Open cdeutsch opened 2 years ago
Is there an alternative to portfinder that could be used?
portfinder
They don't seem super interested in upgrading mkdirp which relies on a vulnerable version of minimist https://github.com/http-party/node-portfinder/issues/112
mkdirp
minimist
Unfortunately my company has a mono-repo and this bar is pretty much constantly there due to NPM dependencies, and I keep getting a hard time about it 😬
minimist CVE: https://github.com/advisories/GHSA-xvch-5gv4-984h
Is there an alternative to
portfinderthat could be used?They don't seem super interested in upgrading
mkdirpwhich relies on a vulnerable version ofminimisthttps://github.com/http-party/node-portfinder/issues/112Unfortunately my company has a mono-repo and this bar is pretty much constantly there due to NPM dependencies, and I keep getting a hard time about it 😬
minimistCVE: https://github.com/advisories/GHSA-xvch-5gv4-984h