Update rimraf dependency #846
Description
Is there an existing issue for this?
- I have searched existing issues, it hasn't been reported yet
Use case description
My team is required to run Snyk vulnerability scanning on our dependencies, and Snyk highlights the following series of dependencies:
[email protected] › [email protected] › [email protected] › [email protected]
Inflight (https://www.npmjs.com/package/inflight) brings up a vulnerability finding in Snyk (https://security.snyk.io/vuln/SNYK-JS-INFLIGHT-6095116) and is also deprecated:
This module is not supported, and leaks memory. Do not use it. Check out lru-cache if you want a good and tested way to coalesce async requests by a key value, which is much more comprehensive and powerful.
Proposed solution (optional)
There are newer versions of rimraf (https://github.com/isaacs/rimraf) available that require newer versions of glob, which don't have the transitive dependency on inflight.
Note that to remove inflight entirely, this related issue would also need to be addressed: #495
I understand that this may be a lower priority task, just noting it for consideration. Thank you!