Dbdocs CLI using vulnerable modules

It seems the dbdocs client depends on vulnerable versions of
axios <=0.21.1
follow-redirects <=1.14.7
got <11.8.5

Steps to reproduce:
in an environment where npm audit finds nothing
npm install dbdocs
run npm audit again to find 7 vulnerabilities (4 moderate, 3 high)

I am using nodeenv inside my python venv to do this.
Is there any fix for this?
(“npm audit fix --force” does not solve it)

Thank you for reporting the problem, Jens.

Yes, we’ve planned to upgrade the affected dependencies. Will keep you posted when it is available.

There’re some delays due to we’re currently have some higher prioritize things to implement.

Update September 2022: With the release of dbdocs CLI ver 0.7.0, we upgraded the affected dependencies to address vulnerabilities.