Vulnerable dependency [email protected] #76

Open
@alert-debug

As reported by npm audit and confirmed by Snyk, the latest version of tabtab has a dependency on the inquirer package, with version 6.5.2 being the most recent version that satisfies the package.json requirement of ^6.0.0. That version of inquirer in turn is potentially vulnerable via its dependencies, so the recommendation is to upgrade to [email protected].

Although it is a major version bump, please consider updating the dependency from ^6.0.0 to ^7.0.0. I don't know if that introduces any backwards incompatibility problems, but releasing a new tabtab version 4.0.0 would be a reasonable resolution if necessary. Thank you in advance for anything you can do to address this vulnerability warning.
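Why the `^6.0.0` requirement tops out at 6.5.2 and can never resolve to a 7.x release, shown as an added example that is not part of the original issue or of tabtab's code. It is a minimal caret-range resolver (plain MAJOR.MINOR.PATCH only, no pre-release tags) run over a constructed version list in which only 6.5.2 comes from the issue.

```javascript
// Parse "MAJOR.MINOR.PATCH" into numbers (pre-release tags are out of scope).
function parse(v) {
  const m = /^(\d+)\.(\d+)\.(\d+)$/.exec(v);
  if (!m) throw new Error(`unsupported version: ${v}`);
  return m.slice(1).map(Number);
}

// Numeric, component-wise comparison (string comparison would rank 6.10.0 below 6.5.2).
function compare(a, b) {
  const pa = parse(a), pb = parse(b);
  for (let i = 0; i < 3; i++) if (pa[i] !== pb[i]) return pa[i] - pb[i];
  return 0;
}

// Caret rule: only components to the right of the left-most non-zero one may change.
// ^6.0.0 -> >=6.0.0 <7.0.0   ^0.2.3 -> >=0.2.3 <0.3.0   ^0.0.3 -> >=0.0.3 <0.0.4
function caretUpperBound(base) {
  const [maj, min, pat] = parse(base);
  if (maj > 0) return `${maj + 1}.0.0`;
  if (min > 0) return `0.${min + 1}.0`;
  return `0.0.${pat + 1}`;
}

function satisfiesCaret(version, range) {
  const base = range.replace(/^\^/, '');
  return compare(version, base) >= 0 &&
         compare(version, caretUpperBound(base)) < 0;
}

// Highest published version the range admits, or null if none does.
function maxSatisfying(versions, range) {
  const ok = versions.filter(v => satisfiesCaret(v, range)).sort(compare);
  return ok.length ? ok[ok.length - 1] : null;
}

// Constructed list of published versions; only 6.5.2 is taken from the issue.
const published = ['5.2.0', '6.0.0', '6.5.2', '7.0.0', '7.1.0'];

console.log('^6.0.0 resolves to', maxSatisfying(published, '^6.0.0'));
console.log('^7.0.0 resolves to', maxSatisfying(published, '^7.0.0'));
console.log('7.0.0 allowed by ^6.0.0?', satisfiesCaret('7.0.0', '^6.0.0'));
```

Because the range is declared in the dependent package's own package.json, consumers cannot pick up the newer major through a reinstall; the range itself has to change upstream.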
