Dangerous vulnerability in dependency

[fvonellerts]

Hey, thanks for creating this package!

The npm audit just alerted me that the "decompress" package suffers a Arbitrary File Write vulnerability: https://www.npmjs.com/advisories/1217. It is used by the imagemin dependencies in this plugin.

Would be nice if you could take a look.
Greetings, Fabian

[techEgab]

Other Citical Vulnerabilities to count:

• Prototype pollution in webpack loader-utils
• http-cache-semantics vulnerable to Regular Expression Denial of Service
• For more vulnerabilities, click here to route to socket.io report