Closed stefan-squareweave closed 3 years ago
I assume you are using a Node.js version higher than 6. In that case the CVE doesn't affect you and you can safely ignore the warning: in Node.js >= 8, Babel doesn't use this package but uses chokidar@3
directly.
If you are still using Node.js 6, I highly recommend updating to a more recent Node.js version.
I'm closing this in favour of #5, since there is more discussion there.
There's a new CVE open on glob-parent < 5.1.2 . This package depends on ^3.1.0 currently and so it gets flagged by
npm audit
and the like.This issue would be to update the semver matcher to include the 5.1.x series.