I am currently trying to eliminate the use of [email protected] in a project. Part of this would require upgrading Copy-Webpack-Plugin to v6 from 5.1.1. It'd be better to not have to make a major version jump just for eliminating a vulnerability's sake. Could a new version of version of Copy-Webpack-Plugin v5 be put out that uses Serialize-Javascript 3.1.0?
Projects which don't require the changes made in Copy-Webpack-Plugin v6, but do desire elimination of vulnerable dependencies.
No, please update CopyWebpackPlugin to latest version
There are many big fixes for v6, so prefer to update version to latest, migration is very easy