[Security] Bump minimist from 1.2.5 to 1.2.6
Bumps minimist from 1.2.5 to 1.2.6. This update includes a security fix.
Vulnerabilities fixed
Prototype Pollution in minimist Minimist <=1.2.5 is vulnerable to Prototype Pollution via file index.js, function setKey() (lines 69-95).
Patched versions: 1.2.6 Affected versions: < 1.2.6
Commits
-
7efb22a
1.2.6 -
ef88b93
security notice for additional prototype pollution issue -
c2b9819
isConstructorOrProto adapted from PR -
bc8ecee
test from prototype pollution PR - See full diff in compare view
Dependabot commands
You can trigger Dependabot actions by commenting on this MR
-
$dependabot rebase
will rebase this MR -
$dependabot recreate
will recreate this MR rewriting all the manual changes and resolving conflicts