consider updating the dependencies to get rid of some vulnerabilities

[quiquelhappy]

as of right now, this package is adding 5 severe vulnerabilities to my project, itd be nice if the dependencies were updated :)

[quiquelhappy]

I tried to update the dependencies, but there vulnerabilities are still there: it seems like get-svg-colors is causing the problems, after updating and trying an audit fix / audit fix --force

No fix available
node_modules/nth-check
  css-select  <=3.1.0
  Depends on vulnerable versions of nth-check
  node_modules/css-select
    cheerio  0.19.0 - 1.0.0-rc.3
    Depends on vulnerable versions of css-select
    node_modules/cheerio
      get-svg-colors  *
      Depends on vulnerable versions of cheerio
      node_modules/get-svg-colors

6 vulnerabilities (2 moderate, 4 high)

[philwhln]

We're hitting this too

[email protected] requires nth-check@~1.0.1 via a transitive dependency on [email protected]

Need nth-check >= 2.0.1

[adityapatadia]

@zeke a nudge to fix it.

[zeke]

I'm busy, but I will accept a PR with these updates! 🙏🏼

[adityapatadia]

PR: colorjs/get-svg-colors#82

[zeke]

Just published 2.0.1 with updated cheerio. See colorjs/get-svg-colors#82 (comment) 🚀

Thanks @adityapatadia. 🙏🏼

Gonna close this issue because it's old, but happy to accept any other PRs that update the deps as needed. 👍🏼