Preflight checklist
Ory Network Project
No response
Describe the bug
When running npm audit, @ory/cli is reported as having vulnerabilities.
Reproducing the bug
npm init
npm install --save-dev @ory/cli
npm audit
npm audit report
form-data <2.5.4
Severity: critical
form-data uses unsafe random function in form-data for choosing boundary - GHSA-fjxv-7rqg-78g4
No fix available
node_modules/form-data
request *
Depends on vulnerable versions of form-data
Depends on vulnerable versions of tough-cookie
node_modules/request
binwrap *
Depends on vulnerable versions of request
node_modules/binwrap
@ory/cli *
Depends on vulnerable versions of binwrap
node_modules/@ory/cli
tough-cookie <4.1.3
Severity: moderate
tough-cookie Prototype Pollution vulnerability - GHSA-72xf-g2v4-qvf3
No fix available
node_modules/tough-cookie
5 vulnerabilities (3 moderate, 2 critical)
Some issues need review, and may require choosing
a different dependency.
Relevant log output
Relevant configuration
Version
1.1.0
On which operating system are you observing this issue?
Windows
In which environment are you deploying?
Other
Additional Context
Ory support asked me to open this issue