Update npm on all supported release lines to address CVE scored 9.8 in minimist package

**Is your feature request related to a problem? Please describe.**
The package mkdir 0.5.1 contains a dependency to minimist 0.0.8, which has the [CVE-2020-7598](https://nvd.nist.gov/vuln/detail/CVE-2020-7598), scored 9.8

**Describe the solution you'd like**
Remove the package mkdirp or find a maintained alternative.

**Others**
```
node -v
v12.16.1

npm -v
6.13.4

list mkdirp
npm@6.13.4 /usr/lib/node_modules/npm
+-- cacache@12.0.3
| `-- mkdirp@0.5.1  deduped
+-- cmd-shim@3.0.3
| `-- mkdirp@0.5.1  deduped
+-- gentle-fs@2.3.0
| `-- mkdirp@0.5.1  deduped
+-- libcipm@4.0.7
| `-- mkdirp@0.5.1  deduped
+-- mkdirp@0.5.1
+-- move-concurrently@1.0.1
| +-- copy-concurrently@1.0.5
| | `-- mkdirp@0.5.1  deduped
| `-- mkdirp@0.5.1  deduped
+-- node-gyp@5.0.5
| `-- mkdirp@0.5.1  deduped
+-- pacote@9.5.11
| `-- mkdirp@0.5.1  deduped
`-- tar@4.4.13
  `-- mkdirp@0.5.1  deduped
```

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Update npm on all supported release lines to address CVE scored 9.8 in minimist package #32296

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Uh oh!

Update npm on all supported release lines to address CVE scored 9.8 in minimist package #32296

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions