CVE-2019-10744 in dependency

[a-legrand]

Hello,

your package hive-driver is using jshs2 which is very old and uses version of lodash targeted in critical CVE-2019-10744

thank you for your product :)
regards

[ovr]

Hello @a-legrand ,

Thank you for submitting the issue. It's true, I did the PR - imjuni/jshs2#23

on May 21, 2021

It's still not merged )))))

Thanks

[a-legrand]

oh wow!

thank you for your reply :)