Potential security vulnerability in one of your dependencies: acorn

[kdybicz]

🐛 Bug Report

GitHub dependabot raised issue with a security vulnerability found in jest dependencies acorn https://app.snyk.io/vuln/SNYK-JS-ACORN-559469

Dependency report from yarn:

=> Found "acorn-globals#[email protected]"
info This module exists because "jest#@jest#core#jest-config#jest-environment-jsdom#jsdom#acorn-globals" depends on it.
info Disk size without dependencies: "1.08MB"
info Disk size with unique dependencies: "1.08MB"
info Disk size with transitive dependencies: "1.08MB"
info Number of shared dependencies: 0

To Reproduce

Steps to reproduce the behavior:

1. Add jest@^25.1.0 to your project.

Expected behavior

jest using latest dependencies.

Link to repl or repo (highly encouraged)

It's a private repo.

envinfo

  System:
    OS: macOS 10.15.3
    CPU: (8) x64 Intel(R) Core(TM) i7-4870HQ CPU @ 2.50GHz
  Binaries:
    Node: 13.8.0 - /usr/local/bin/node
    Yarn: 1.22.0 - /usr/local/bin/yarn
    npm: 6.13.7 - /usr/local/bin/npm
  npmPackages:
    jest: ^25.1.0 => 25.1.0 

[kdybicz]

Duplicate of #9643

[github-actions]

This issue has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.
Please note this issue tracker is not a help forum. We recommend using StackOverflow or our discord channel for questions.