Dependency jszip update

[gabrielsfarias]

Although this seems like a dead project by now, I have to use it a current project, and it requires jszip@3.2.1, which has a security vulnerability documented at CWE-1321 with the id CVE-2021-23413.
So, someone with more knowledge could at least bump the dependency requirements for the fixed versions of jszip (3.7.0)

[calebJustice7]

@gabrielsfarias Same problem here.

[nhsome]

Any updates here?

[vishal-bypt]

Is there any ETA for jszip update ?

[villetuomaala]

Why not just add

"resolutions": {
  "excel4node/jszip": "^3.10.0"
}

to your package.json? excel4node seems like a buried project and I guess no one will make the bump.