meow@9.0.0 dependencies security advisory #7051

Closed
nathanaelytj opened this issue Jul 6, 2023 · 2 comments

@nathanaelytj

What minimal example or steps are needed to reproduce the bug?

  1. Install stylelint
  2. Do npm audit

What minimal configuration is needed to reproduce the bug?

{
    "extends": [
        "stylelint-config-standard",
        "stylelint-config-standard-scss",
        "stylelint-config-recommended-vue"
    ]
}

How did you run Stylelint?

stylelint src/**/*.{css,scss,vue}

Which Stylelint-related dependencies are you using?

{
    "stylelint": "^15.10.0",
    "stylelint-config-recommended-vue": "^1.4.0",
    "stylelint-config-standard": "^33.0.0",
    "stylelint-config-standard-scss": "^9.0.0"
}

What did you expect to happen?

No security advisory warning

What actually happened?

There is a security advisory: GHSA-c2qf-rxjj-qqgw
Because of the dependency on meow

Do you have a proposal to fix the bug?

I'm reading that this issue will be fixed with #5291
Because dependabot bump #5463 closed with comment

Is there any solution for this advisory? Or do we wait for issue #5291?

@mattxwang
Member

Thanks for submitting an issue! We just merged in #7043, and will likely release it ASAP; this should resolve the advisory (and the original issue), it's not necessary to wait until #5291. Keep an eye out for the next release!

@mattxwang
Member

Quick double-comment, but I've just cut a new release of Stylelint that should resolve the security advisory. Updating to 15.10.1 should resolve this issue.

With that in mind, I'm going to close this as complete; if you have a follow-up, feel free to re-open!
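
To see which direct dependency pulls in the advisory, and to confirm it is gone after updating, the `via` and `effects` links in `npm audit --json` output can be walked. This is an added example, not part of the thread and not Stylelint's code; both reports are constructed, and `placeholder-pkg` and `traceAdvisory` are hypothetical names.

```javascript
// Constructed sample in the shape of `npm audit --json` output (npm 7+).
// "placeholder-pkg" is a made-up name for the package the advisory is filed
// against; the thread only says it is reached through meow.
const GHSA = "GHSA-c2qf-rxjj-qqgw";
const reportBefore = {
  auditReportVersion: 2,
  vulnerabilities: {
    "placeholder-pkg": {
      name: "placeholder-pkg", severity: "moderate", isDirect: false,
      via: [{ name: "placeholder-pkg", title: "constructed entry",
              url: "https://github.com/advisories/" + GHSA }],
      effects: ["meow"],
    },
    meow: { name: "meow", severity: "moderate", isDirect: false,
            via: ["placeholder-pkg"], effects: ["stylelint"] },
    stylelint: { name: "stylelint", severity: "moderate", isDirect: true,
                 via: ["meow"], effects: [] },
  },
};
// Constructed: what an audit with nothing left to report looks like.
const reportAfter = { auditReportVersion: 2, vulnerabilities: {} };

// Return every chain [directDependency, ..., advisedPackage] through which
// the advisory reaches a package listed in the project's own package.json.
function traceAdvisory(report, ghsaId) {
  const vulns = report.vulnerabilities || {};
  const wanted = ghsaId.toLowerCase();
  // In `via`, an object is the advisory itself; a string names another package.
  const roots = Object.values(vulns).filter((v) =>
    (v.via || []).some((e) => typeof e === "object" && e !== null &&
      String(e.url || "").toLowerCase().endsWith(wanted)));
  const chains = [];
  const walk = (name, trail) => {
    const node = vulns[name];
    if (!node || trail.includes(name)) return; // unknown node or cycle
    const chain = [name, ...trail];
    if (node.isDirect) chains.push(chain);
    for (const parent of node.effects || []) walk(parent, chain);
  };
  for (const root of roots) walk(root.name, []);
  return chains;
}

for (const chain of traceAdvisory(reportBefore, GHSA)) {
  console.log(chain.join(" > ")); // stylelint > meow > placeholder-pkg
}
console.log("chains after update:", traceAdvisory(reportAfter, GHSA).length);
```

On a real project, pass the parsed output of `npm audit --json` in place of the constructed reports.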
