postcss / postcss-cli

CLI for postcss

Security vulnerabilities in ansi-regex #392

Closed jstirnaman closed 2 years ago

jstirnaman commented 2 years ago

CVE-2021-3807
moderate severity
Vulnerable versions: < 6.0.1
Patched version: 6.0.1
ansi-regex is vulnerable to Inefficient Regular Expression Complexity

updater | I, [2021-09-20T23:05:58.163756 #8] INFO -- sentry: ** [Raven] Raven 3.1.2 ready to catch errors
updater | warning: parser/current is loading parser/ruby27, which recognizes
updater | warning: 2.7.4-compliant syntax, but you are running 2.7.1.
updater | warning: please see https://github.com/whitequark/parser#compatibility-with-ruby-mri.
updater | INFO Starting job processing
updater | INFO Starting update job for influxdata/docs-v2
updater | INFO Checking if ansi-regex 5.0.0 needs updating
proxy | 2021/09/20 23:06:03 [014] GET https://registry.npmjs.org:443/ansi-regex
proxy | 2021/09/20 23:06:03 [014] 200 https://registry.npmjs.org:443/ansi-regex
proxy | 2021/09/20 23:06:03 [016] GET https://registry.npmjs.org:443/ansi-regex/6.0.1
proxy | 2021/09/20 23:06:03 [016] 200 https://registry.npmjs.org:443/ansi-regex/6.0.1
updater | INFO Latest version is 6.0.1
proxy | 2021/09/20 23:06:07 [018] GET https://registry.yarnpkg.com:443/ansi-regex
proxy | 2021/09/20 23:06:07 [018] 200 https://registry.yarnpkg.com:443/ansi-regex
updater | INFO Requirements to unlock own
updater | INFO Requirements update strategy bump_versions
updater | INFO The latest possible version that can be installed is 5.0.1 because of the following conflicting dependency:
updater |
updater | postcss-cli@8.3.1 requires ansi-regex@^5.0.0 via a transitive dependency on strip-ansi@6.0.0
updater | INFO The earliest fixed version is 6.0.1.
updater | INFO Finished job processing
updater | time="2021-09-20T23:06:09Z" level=info msg="task complete" container_id=job-207053183-updater exit_code=0 job_id=207053183 step=updater

RyanZim commented 2 years ago

postcss-cli only depends on ansi-regex via a development dependency, ava, so this shouldn't even affect production code. Furthermore, regular expression vulnerabilities wouldn't affect our usage here AFAIK. Closing as wontfix.
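The check the closing comment relies on, written out as an added example (not code from this thread or from postcss-cli): walk a package-lock.json (lockfileVersion 2) from the root's production dependencies only, using npm's nearest-node_modules lookup, and report whether ansi-regex is reachable on any production path. The lockfile is constructed, and `example-prod-dep` and the ava sub-tree are placeholders, not the real dependency trees.

```python
import copy
from collections import deque

# Constructed lockfileVersion-2 excerpt (not postcss-cli's real lockfile). It mirrors the
# chain discussed above: strip-ansi -> ansi-regex, reached only via the devDependency ava.
# "example-prod-dep" is a placeholder production dependency.
LOCKFILE = {"lockfileVersion": 2, "packages": {
    "": {"dependencies": {"example-prod-dep": "^1.0.0"}, "devDependencies": {"ava": "^3.15.0"}},
    "node_modules/example-prod-dep": {"version": "1.0.0"},
    "node_modules/ava": {"version": "3.15.0", "dev": True, "dependencies": {"strip-ansi": "^6.0.0"}},
    "node_modules/strip-ansi": {"version": "6.0.0", "dev": True, "dependencies": {"ansi-regex": "^5.0.0"}},
    "node_modules/ansi-regex": {"version": "5.0.0", "dev": True},
}}

def resolve(packages, from_path, name):
    """npm-style lookup: nearest node_modules/<name> walking up from from_path to the root."""
    base = from_path
    while True:
        candidate = f"{base}/node_modules/{name}" if base else f"node_modules/{name}"
        if candidate in packages:
            return candidate
        if not base:
            return None
        base = base.rsplit("/node_modules/", 1)[0] if "/node_modules/" in base else ""

def production_chains(lock, target):
    """Every chain from a root production dependency to an installed copy of `target`.
    Empty result: the package is reachable only through devDependencies (or not installed)."""
    packages = lock["packages"]
    chains, seen = [], set()
    queue = deque(("", [], dep) for dep in packages[""].get("dependencies", {}))
    while queue:
        from_path, chain, name = queue.popleft()
        path = resolve(packages, from_path, name)
        if path is None or path in seen:
            continue
        seen.add(path)
        chain = chain + [f"{name}@{packages[path].get('version', '?')}"]
        if name == target:
            chains.append(chain)
            continue
        for dep in packages[path].get("dependencies", {}):  # peer/optional deps not followed
            queue.append((path, chain, dep))
    return chains

# Variant: the placeholder production dependency now pulls in strip-ansi itself, so the
# same ansi-regex@5.0.0 copy sits on a production path and the check reports the chain.
PROD_VARIANT = copy.deepcopy(LOCKFILE)
PROD_VARIANT["packages"]["node_modules/example-prod-dep"]["dependencies"] = {"strip-ansi": "^6.0.0"}

if __name__ == "__main__":
    print("dev-only tree:", production_chains(LOCKFILE, "ansi-regex"))  # []
    print("production tree:", production_chains(PROD_VARIANT, "ansi-regex"))
```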