nested dependency ansi-regex has a security vulnerability and needs update

[vinay-kai]

ansi-regex has vulnerability CVE-2021-3807

The have already fixed it

Is it possible to update sequelize to use either 5.x or 6.x of ansi-regex

[vinay-kai]

here's the vulnerability on snyk - https://snyk.io/test/npm/sequelize-cli/6.2.0

[eclecto]

Also documented here: GHSA-93q8-gq69-wqmw

This issue now appears on npm audit reports.

[rodolfofranco]

Any updates? This is affecting our production pipeline.

[WikiRik]

Fixed in 6.3.0