Closed
Description
Hi,
In our enterprise environment, PRs have to go through a Snyk vulnerability check, and it finds the following error:
HIGH SEVERITY
Prototype Pollution
Affected module: cache-base@1.0.1
Introduced through: patch-package@6.2.2
Exploit maturity: No known exploit
Fixed in: cache-base@4.0.0
Detailed paths
Introduced through: patch-package@6.2.2 › find-yarn-workspace-root@1.2.1 › micromatch@3.1.10 › snapdragon@0.8.2 › base@0.11.2 › cache-base@1.0.1
Introduced through: patch-package@6.2.2 › find-yarn-workspace-root@1.2.1 › micromatch@3.1.10 › braces@2.3.2 › snapdragon@0.8.2 › base@0.11.2 › cache-base@1.0.1
Introduced through: patch-package@6.2.2 › find-yarn-workspace-root@1.2.1 › micromatch@3.1.10 › extglob@2.0.4 › snapdragon@0.8.2 › base@0.11.2 › cache-base@1.0.1
A solution is to update find-yarn-workspace-root to v2.0.0, I'm gonna make a PR. I did the update locally, ran the tests, and it seems okay. Not all snapshot tests pass, but the same 3 of them fail as without the update ;)
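A check that could be run after such an upgrade to confirm the flagged package is no longer reachable, as an added example that is not part of the original issue or of patch-package: it walks a dependency tree with the nested shape that `npm ls --json` prints and lists every path to cache-base below the fixed version. The function names and the sample tree (built from the three paths in the report) are constructed for illustration.

```javascript
// Compare two plain x.y.z versions numerically (no pre-release handling).
function lessThan(a, b) {
  const pa = a.split('.').map(Number), pb = b.split('.').map(Number);
  for (let i = 0; i < 3; i++) {
    if ((pa[i] || 0) !== (pb[i] || 0)) return (pa[i] || 0) < (pb[i] || 0);
  }
  return false;
}

// Walk the tree depth-first and return every path that ends at `target`
// with a version below `fixedIn`, formatted like the report's detailed paths.
function vulnerablePaths(node, name, target, fixedIn, trail = []) {
  const here = [...trail, `${name}@${node.version}`];
  const hits = [];
  if (name === target && lessThan(node.version, fixedIn)) hits.push(here.join(' › '));
  for (const [depName, dep] of Object.entries(node.dependencies || {})) {
    hits.push(...vulnerablePaths(dep, depName, target, fixedIn, here));
  }
  return hits;
}

// Constructed sample: the three paths from the report, fully expanded.
const snapdragon = { version: '0.8.2', dependencies: {
  base: { version: '0.11.2', dependencies: { 'cache-base': { version: '1.0.1' } } } } };
const tree = { version: '6.2.2', dependencies: {
  'find-yarn-workspace-root': { version: '1.2.1', dependencies: {
    micromatch: { version: '3.1.10', dependencies: {
      snapdragon,
      braces: { version: '2.3.2', dependencies: { snapdragon } },
      extglob: { version: '2.0.4', dependencies: { snapdragon } },
    } } } } } };

// Lists the same three paths the scanner reported for the pre-upgrade tree.
const before = vulnerablePaths(tree, 'patch-package', 'cache-base', '4.0.0');
console.log(before.join('\n'));
```

Feeding it the parsed `npm ls --json` output of the upgraded install should give an empty list; any remaining entry names the parent that still pulls in the old version.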