mattcollier
commented
2 years ago Noting: strip-ansi@6 requires Nodejs 8+ and would require a major release here as well as grunt-shell@3 supports Nodejs 6+.
https://github.com/chalk/strip-ansi/releases/tag/v6.0.0
https://github.com/sindresorhus/grunt-shell/blob/main/package.json#L12-L14
sindresorhus
Summary
Currently the strip-ansi is on version 5.0.0 when there is a version 7.0.1 released. The strip-ansi package depends on a ansi-regex package that is causing the moderate audit severity vulnerability
Inefficient Regular Expression Complexity.Proposed Solution
Update the strip-ansi package to the 6.0.1 and test for breaking changes since version 7.0.1 is an ES module