Closed kkharji closed 1 year ago
minimist: v1.2.5 brings in a security vulnerability which is currently has no fix https://security.snyk.io/vuln/SNYK-JS-MINIMIST-2429795.
Jest depends on json5 which as of current release depends on minimist@1.2.5.
With this PR minimist is totally removed from dependency tree, thanks to json5 dropping it in most recent release.
minimist: v1.2.5 brings in a security vulnerability which is currently has no fix https://security.snyk.io/vuln/SNYK-JS-MINIMIST-2429795.
Jest depends on json5 which as of current release depends on minimist@1.2.5.
With this PR minimist is totally removed from dependency tree, thanks to json5 dropping it in most recent release.