Remove CVE-2021-23369 finding for modules using CLI [#1130]

[ra100]

handlebars@4.7.7 is already in the yarn.lock, but when TSOA is imported,
yarn audit finds this issue, based on version in package.json version
GHSA-f2jv-r9rf-7988

All Submissions:

• Have you followed the guidelines in our Contributing document?
• Have you checked to ensure there aren't other open Pull Requests for the same update/change?
• N/A - Have you written unit tests?
• N/A - Have you written unit tests that cover the negative cases (i.e.: if bad data is submitted, does the library respond properly)?
• - This PR is associated with an existing issue? Projects importing TSOA report Critical CVE finding #1130

Closing issues

closes #1130

If this is a new feature submission:

• Has the issue had a maintainer respond to the issue and clarify that the feature is something that aligns with the goals and philosophy of the project?

Potential Problems With The Approach

None

Test plan

N/A

[ra100]

If this doesn't make sense, feel free to just decline :)
And I'll use "resolutions" on package.json, in our project.

[mrl5]

@ra100 I think you should consider committing also yarn.lock

in case you need more info:

• https://classic.yarnpkg.com/en/docs/yarn-lock/#toc-check-into-source-control
• https://classic.yarnpkg.com/blog/2016/11/24/lockfiles-for-all/

[ra100]

@mrl5 right, my bad, of course, done