- Operating System: Mac OS
- Node Version: v16.13.0
- NPM Version: 6.14.16
- csv-parser Version: 3.0.0
Expected Behavior / Situation
N/A
Actual Behavior / Situation
minimist: v1.2.5 brings in a security vulnerability which is currently has no fix. The following dependency chain makes csv-parser a vulnerable package: csv-parser@3.0.0 › minimist@1.2.5.
Modification Proposal
Request for a security fix to make csv-parser package free from security vulnerabilities. We may shift to using minimist-lite as suggested here / eliminate the usage of minimist by providing a implementation to parse command line args
Expected Behavior / Situation
N/A
Actual Behavior / Situation
minimist:v1.2.5brings in a security vulnerability which is currently has no fix. The following dependency chain makescsv-parsera vulnerable package: csv-parser@3.0.0 › minimist@1.2.5.Modification Proposal
Request for a security fix to make
csv-parserpackage free from security vulnerabilities. We may shift to usingminimist-liteas suggested here / eliminate the usage ofminimistby providing a implementation to parse command line args