update depedency unset-value to latest version

[shernaz]

Issue:

The unset-value package@1.0.0 poses a vulnerability. https://security.snyk.io/vuln/SNYK-JS-UNSETVALUE-2400660

Solution:

Upgrade the package to the latest version to mitigate this vulnerability.

Please let me know if more information / explanation would be required.

[benjamindally]

Can the maintainer please merge this in?

[RodCardenas]

@jonschlinkert Can this please be merged? The vulnerability on unset-value can be handled with this.

[RodCardenas]

@wtgtybhertgeghgtwtg Can you merge this?

[wtgtybhertgeghgtwtg]

I am not a maintainer, so I cannot.

[krudos]

it will be great if this get merge

[shernaz]

I am not a maintainer of this repo. Hence it is not possible to be of help. Apologies.

On Wed, 16 Nov 2022 at 07:00, krudos @.***> wrote:

it will be great if this get merge

— Reply to this email directly, view it on GitHub https://github.com/jonschlinkert/cache-base/pull/28#issuecomment-1316145973, or unsubscribe https://github.com/notifications/unsubscribe-auth/ACHBVSLV4YTCBIUDRZWVKDTWIQ2NHANCNFSM5SILJTCQ . You are receiving this because you authored the thread.Message ID: @.***>

[skadz]

It appears @jonschlinkert has not done anything in Github since 2021. Not sure what that means, but he seems to not be maintaining a presence here any more. Seems like this is never going to be fixed unless there is some way he can grant someone else maintainer access or Github can. Does anyone know if there is a process for this? (I'm just sick of the constant warnings from Snyk when this could have been fixed 8 months ago).

[skadz]

Reached out on Twitter to see if he can help us out.

https://twitter.com/skadz/status/1603162862393901058

[markkelsall]

anyone got LinkedIn premium? He's on there and active

[victorpinheiro]

Apparently @jonschlinkert is active on Github. Could you please merge this PR? Thanks!

[sj5515139]

Can we please merge this PR?

[jpcmf]

👍🏻 for the merge