Update tmp dependency to >=0.2.4 to fix vulnerability (GHSA-52f5-9888-hmc6)


Hello 👋,  

First, thanks for maintaining this project 🙏.  

I noticed that this library depends on **[`tmp`](https://www.npmjs.com/package/tmp)** in a version lower than `0.2.4`. That version has a known vulnerability:  

- **Advisory:** [GHSA-52f5-9888-hmc6](https://github.com/advisories/GHSA-52f5-9888-hmc6)  
- **Severity:** High  
- **Patched in:** `tmp@0.2.4`  

## Steps to reproduce
1. Install this library.  
2. Run `npm audit` / `pnpm audit` / `yarn audit`.  
3. Observe the warning about the vulnerable `tmp` dependency.  

## Suggested fix
Bump the `tmp` dependency to at least **`0.2.4`** to ensure downstream users are not exposed to this vulnerability.  

Thanks again for your work on this project 🙌.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Update tmp dependency to >=0.2.4 to fix vulnerability (GHSA-52f5-9888-hmc6) #2976

Steps to reproduce

Suggested fix

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Update tmp dependency to >=0.2.4 to fix vulnerability (GHSA-52f5-9888-hmc6) #2976

Description

Steps to reproduce

Suggested fix

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions