Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
test: Drop indirect dep on vulnerable minimist module (#4042)
Minimist is vulnerable to prototype pollution, and is no longer receiving updates. Details of the vulnerability can be found here: GHSA-xvch-5gv4-984h This updates our indirect dep on json5 to remove its minimist dep. Jimp, Karma, and WD all rely on v0 of mkdirp, which uses minimist. This forces them to use v1 of mkdirp, a rewrite which doesn't use minimist.
- Loading branch information