WIP on issue13050: Fix: Backport removal of mkdirp to 6.x (#13050)

* the CVE is caused by the mkdirp dependency * mkdirp is no longer supported * mkdirp has been removed as of 7.0.0-alpha0 * this back-ports the change to v6.x
eslint · Mar 16, 2020 · cdf04cc · cdf04cc
1 parent 9738f8c
commit cdf04cc
Show file tree

Hide file tree

Showing 2 changed files with 1 addition and 3 deletions.
diff --git a/lib/cli.js b/lib/cli.js
@@ -17,7 +17,6 @@
 
 const fs = require("fs"),
     path = require("path"),
-    mkdirp = require("mkdirp"),
     { CLIEngine } = require("./cli-engine"),
     options = require("./options"),
     log = require("./shared/logging"),
@@ -115,7 +114,7 @@ function printResults(engine, results, format, outputFile) {
             }
 
             try {
-                mkdirp.sync(path.dirname(filePath));
+                fs.mkdirSync(path.dirname(filePath), { recursive: true });
                 fs.writeFileSync(filePath, output);
             } catch (ex) {
                 log.error("There was a problem writing the output file:\n%s", ex);

diff --git a/package.json b/package.json
@@ -72,7 +72,6 @@
     "levn": "^0.3.0",
     "lodash": "^4.17.14",
     "minimatch": "^3.0.4",
-    "mkdirp": "^0.5.1",
     "natural-compare": "^1.4.0",
     "optionator": "^0.8.3",
     "progress": "^2.0.0",