node-notifier vulnerability in versions prior to 8.0.1

[corydorning]

Version

5.0.0-alpha.2

Reproduction link

https://snyk.io/vuln/SNYK-JS-NODENOTIFIER-1035794

Environment info

@vue/cli: ^4.5.10

Steps to reproduce

install vue-cli via npm. @vue-cli-ui uses node-notifier version ^6.0.0 which npm reports as a moderate vulnerability. More info here:
https://snyk.io/vuln/SNYK-JS-NODENOTIFIER-1035794

Dependency path:
@vue/cli > @vue/cli-ui > node-notifier

What is expected?

no vulnerability reported

What is actually happening?

vulnerability reported

[solancer]

@sodatea will this be resolved at some point?