The dependency below is reporting CVE-2023-2251 in security scanners, would it be possible to upgrade the version of babel-plugin-macros to a higher version so that it removes the dependency on eemeli/yaml@1.10.2 (cosmicconfig moves to a different yaml library in newer versions) -- I initially thought this was a false positive in my scanner until I dug deep and realized the older cosmicconfig used that library but changed in newer versions.
babel-plugin-macros@3.1.0
cosmiconfig@7.1.0
yaml@1.10.2
The dependency below is reporting CVE-2023-2251 in security scanners, would it be possible to upgrade the version of babel-plugin-macros to a higher version so that it removes the dependency on eemeli/yaml@1.10.2 (cosmicconfig moves to a different yaml library in newer versions) -- I initially thought this was a false positive in my scanner until I dug deep and realized the older cosmicconfig used that library but changed in newer versions.
babel-plugin-macros@3.1.0
cosmiconfig@7.1.0
yaml@1.10.2