
Outdated version of @oclif/plugin-plugins causes high severity audit alerts

Open gerardo-lima-moonfare opened this issue 1 year ago • 0 comments

Q&A (please complete the following information)

  • CLI version: 0.9.0
  • OS: macOS Ventura
  • Node.js version: 20.15.0
  • SwaggerHub version if On-Premise: none

Describe the bug you're encountering

swaggerhub-cli depends on an outdated version of @oclif/plugin-plugins that causes npm audit alerts

To reproduce...

Steps to reproduce the behavior:

  1. Install swaggerhub-cli
     $ npm install swaggerhub-cli
  2. Execute command npm audit
     $ npm audit
  3. See error
# npm audit report

ip  *
Severity: high
NPM IP package incorrectly identifies some private IP addresses as public - https://github.com/advisories/GHSA-78xj-cgh5-2h22
ip SSRF improper categorization in isPublic - https://github.com/advisories/GHSA-2p57-rm9w-gvfp
fix available via `npm audit fix`
node_modules/npm/node_modules/ip

tar  <6.2.1
Severity: moderate
Denial of service while parsing a tar file due to lack of folders count validation - https://github.com/advisories/GHSA-f5x3-32g6-xq36
fix available via `npm audit fix --force`
Will install [email protected], which is a breaking change
node_modules/npm/node_modules/tar
  npm  <=10.5.0
  Depends on vulnerable versions of tar
  node_modules/npm
    @oclif/plugin-plugins  3.0.1 - 5.0.15 || 5.0.17
    Depends on vulnerable versions of npm
    node_modules/@oclif/plugin-plugins
      swaggerhub-cli  >=0.8.0
      Depends on vulnerable versions of @oclif/plugin-plugins
      node_modules/swaggerhub-cli

5 vulnerabilities (4 moderate, 1 high)

Expected behavior

Screenshots

Additional context or thoughts

gerardo-lima-moonfare · Oct 02 '24 19:10
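Added example (not code from the swaggerhub-cli project or from the issue author): a small Node script that reads the JSON form of the report shown above, follows each advisory up its `effects` chain to the direct dependency that introduces it, and gates on a chosen severity. It assumes the npm 7+ `npm audit --json` field layout (`vulnerabilities`, `via`, `effects`, `isDirect`, `metadata.vulnerabilities`); the embedded sample is constructed from the issue's text report rather than captured from a real run.

```javascript
// Added example, not part of swaggerhub-cli or the issue. Parses the
// machine-readable audit report (`npm audit --json`, auditReportVersion 2,
// an assumption about the shape) and traces each advisory to the direct
// dependency that pulls it in, so a CI job can fail on severity and name
// what to upgrade.

const SEVERITY_RANK = { info: 0, low: 1, moderate: 2, high: 3, critical: 4 };

// Constructed sample modelled on the issue's text report: `ip` is high and
// isolated; `tar` is moderate and reaches the CLI through npm and
// @oclif/plugin-plugins. Not captured from a real run.
const SAMPLE_AUDIT = {
  auditReportVersion: 2,
  vulnerabilities: {
    ip: {
      name: 'ip', severity: 'high', isDirect: false, range: '*',
      via: [
        { name: 'ip', severity: 'high', range: '*',
          title: 'NPM IP package incorrectly identifies some private IP addresses as public',
          url: 'https://github.com/advisories/GHSA-78xj-cgh5-2h22' },
        { name: 'ip', severity: 'high', range: '*',
          title: 'ip SSRF improper categorization in isPublic',
          url: 'https://github.com/advisories/GHSA-2p57-rm9w-gvfp' },
      ],
      effects: [], nodes: ['node_modules/npm/node_modules/ip'], fixAvailable: true,
    },
    tar: {
      name: 'tar', severity: 'moderate', isDirect: false, range: '<6.2.1',
      via: [{ name: 'tar', severity: 'moderate', range: '<6.2.1',
        title: 'Denial of service while parsing a tar file due to lack of folders count validation',
        url: 'https://github.com/advisories/GHSA-f5x3-32g6-xq36' }],
      effects: ['npm'], nodes: ['node_modules/npm/node_modules/tar'], fixAvailable: true,
    },
    npm: { name: 'npm', severity: 'moderate', isDirect: false, range: '<=10.5.0',
      via: ['tar'], effects: ['@oclif/plugin-plugins'], nodes: ['node_modules/npm'], fixAvailable: true },
    '@oclif/plugin-plugins': { name: '@oclif/plugin-plugins', severity: 'moderate', isDirect: false,
      range: '3.0.1 - 5.0.15 || 5.0.17', via: ['npm'], effects: ['swaggerhub-cli'],
      nodes: ['node_modules/@oclif/plugin-plugins'], fixAvailable: true },
    'swaggerhub-cli': { name: 'swaggerhub-cli', severity: 'moderate', isDirect: true, range: '>=0.8.0',
      via: ['@oclif/plugin-plugins'], effects: [], nodes: ['node_modules/swaggerhub-cli'], fixAvailable: true },
  },
  metadata: { vulnerabilities: { info: 0, low: 0, moderate: 4, high: 1, critical: 0, total: 5 } },
};

// Walk `effects` (packages that depend on `pkg`) up to a direct dependency of
// the project. Returns every chain, e.g. ['tar', 'npm', '@oclif/plugin-plugins', 'swaggerhub-cli'].
function chainsToDirect(vulns, pkg, path = []) {
  const entry = vulns[pkg];
  if (!entry || path.includes(pkg)) return []; // unknown node or dependency cycle
  const here = [...path, pkg];
  if (entry.isDirect || entry.effects.length === 0) return [here];
  return entry.effects.flatMap((parent) => chainsToDirect(vulns, parent, here));
}

// Advisories are the object entries of `via`; string entries only point at
// another vulnerable package, whose advisories are collected on their own.
function findAdvisories(report) {
  const vulns = report.vulnerabilities;
  const found = [];
  for (const [pkg, entry] of Object.entries(vulns)) {
    for (const via of entry.via) {
      if (typeof via !== 'object') continue;
      found.push({ package: pkg, severity: via.severity, title: via.title, url: via.url,
        chains: chainsToDirect(vulns, pkg) });
    }
  }
  return found.sort((a, b) => SEVERITY_RANK[b.severity] - SEVERITY_RANK[a.severity]);
}

// True when the report counts any finding at or above `threshold`.
function exceedsThreshold(report, threshold = 'high') {
  const counts = report.metadata.vulnerabilities;
  const floor = SEVERITY_RANK[threshold];
  return Object.entries(SEVERITY_RANK)
    .some(([sev, rank]) => rank >= floor && (counts[sev] || 0) > 0);
}

// One line per advisory, naming the direct dependency at the end of each chain.
function summarize(report) {
  return findAdvisories(report).map((a) => {
    const roots = [...new Set(a.chains.map((c) => c[c.length - 1]))].join(', ');
    return `[${a.severity}] ${a.package}: ${a.title} (${a.url}) via ${roots}`;
  });
}

console.log(summarize(SAMPLE_AUDIT).join('\n'));
console.log(exceedsThreshold(SAMPLE_AUDIT, 'high') ? 'FAIL: high or above present' : 'OK');
```

In a real pipeline, replace `SAMPLE_AUDIT` with `JSON.parse` of the `npm audit --json` output. The chain output makes the point of the issue explicit: `tar` and `npm` are not something the project installs directly, so the only place to act is the direct dependency at the end of the chain, which is why the report attributes the finding to swaggerhub-cli.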