Closed nbarrett closed 1 year ago
Additionally, that CVE is a false positive for yargs because you’d have to be attacking yourself.
70da9b7 updated to yargs 15, which hopefully is new enough to contain this fix. We can't update beyond that until we drop node < 12.