Dependabot cannot update glob-parent to a non-vulnerable version
The latest possible version that can be installed is 3.1.0 because of the following conflicting dependency:
@babel/cli@7.14.3 requires glob-parent@^3.1.0 via @nicolo-ribaudo/chokidar-2@2.1.8-no-fsevents
The earliest fixed version is 5.1.2.
CVE-2020-28469
high severity
Vulnerable versions: < 5.1.2
Patched version: 5.1.2
This affects the package glob-parent before 5.1.2. The enclosure regex used to check for strings ending in enclosure containing path separator.
https://github.com/advisories/GHSA-ww39-953v-wcq6
Discussions in the babel repo