Commit e8d8863
committed
Bump
Mocha depends on a vulnerable version of `nanoid`: GHSA-mwcw-c2x4-8c55
The package was updated with: `npm audit fix --force`
```
# npm audit report
nanoid <3.3.8
Infinite loop in nanoid - GHSA-mwcw-c2x4-8c55
fix available via `npm audit fix --force`
Will install [email protected], which is a breaking change
node_modules/nanoid
mocha 8.2.0 - 10.2.0
Depends on vulnerable versions of nanoid
node_modules/mocha
2 low severity vulnerabilities
To address all issues (including breaking changes), run:
npm audit fix --force
```mocha from 9.1.3 to 11.0.11 parent 343a69f commit e8d8863
2 files changed
+673
-306
lines changed
0 commit comments