Regular Expression Denial of Service (ReDoS) from ansi-regex

[trmpowell]

• What went wrong? Snyk is reporting a high severity vulnarability from bcrypt dependencies:

  ✗ Regular Expression Denial of Service (ReDoS) [High Severity][https://snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908] in ansi-regex@5.0.0
  introduced by bcrypt@5.0.1 > @mapbox/node-pre-gyp@1.0.5 > npmlog@4.1.2 > gauge@2.7.4 > strip-ansi@3.0.1 > ansi-regex@2.1.1 and 157 other path(s)
  This issue was fixed in versions: 6.0.1

  I added a comment to a relevant issue for gauge: https://github.com/npm/gauge/issues/127

• What did you expect to happen? No high sev vulnerabilities reported by Snyk.

• Which version of nodejs and OS? node v 14.17.1

[allanice001]

The same is also reported via github security integration / dependabot