PRISMA-2022-0039 in minimatch version 3.0.4 dependency

[Murali84]

Minimatch is flagged as HIGH vulnerability in PRISMA. Fix version found in 3.0.5.

PRISMA issue link: isaacs/minimatch@a8763f4

Can you please check and let me know if more info required?

[evansjarom11]

This vulnerability is also listed here: https://nvd.nist.gov/vuln/detail/CVE-2022-3517#range-8457383

[mastmaster]

Add this to your package.json and test it
"overrides": {
"test-exclude": {
"minimatch": ">=3.0.5"
}
}

[ericcornelissen]

This appears to have been resolved since at least test-exclude@7.0.2