Veracode vulnerability in dependent package shell-quote

mysticatea / cpx

A cli tool to watch and copy file globs.

MIT License

524 stars 36 forks source link

Open anil-ghub opened 1 year ago

anil-ghub commented 1 year ago

Hello, We identified a vulnerability issue in shell-quote@1.6.7 so we need to use version >1.7.3

anil-ghub commented 1 year ago

I want to fix this, so let me know if I can contribute. thanks.

kddsultan commented 1 year ago

Are there any alternatives to this package?