Package dependency is causing semver moderate vulnerabilities #2696

Open
raulHaufe opened this issue Jun 27, 2023 · 3 comments

Comments

@raulHaufe

Describe the bug
When installing mjml package, there is a dependency which is causing a moderate vulnerability. (semver, more info here GHSA-c2qf-rxjj-qqgw)

To Reproduce
Steps to reproduce the behavior:

  1. Create a new project using npm: `npm init`
  2. Install mjml: `npm i mjml`
  3. Check the console output
> npm i mjml@4.14.1

added 140 packages, and audited 141 packages in 6s

26 packages are looking for funding
  run `npm fund` for details

3 moderate severity vulnerabilities

To address all issues, run:
  npm audit fix

Run `npm audit` for details.

  4. Execute `npm audit` and check the console output
> npm audit
# npm audit report

semver  <7.5.2
Severity: moderate
semver vulnerable to Regular Expression Denial of Service - https://github.com/advisories/GHSA-c2qf-rxjj-qqgw
fix available via `npm audit fix`
node_modules/semver
  editorconfig  0.13.3 - 0.15.3
  Depends on vulnerable versions of semver
  node_modules/editorconfig
    js-beautify  >=1.8.0-rc10
    Depends on vulnerable versions of editorconfig
    node_modules/js-beautify

3 moderate severity vulnerabilities

To address all issues, run:
  npm audit fix

Expected behavior
A clear and concise description of what you expected to happen.

MJML environment (please complete the following information):

  • OS: MacOS
  • MJML Version <= 4.14.1
  • MJML tool used: npm
  • Node version: v16
  • NPM version: 9.5.1

Additional context
npm audit fix is not working
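When `npm audit fix` refuses to move a transitive dependency, the two things a practitioner wants are the exact chain that pulls the vulnerable copy in and a package.json `overrides` entry that forces the patched release. The script below does both from a package-lock.json. It is an added example, not code from the mjml project or from the reporter; the lock-file contents are constructed to mirror the audit report above (mjml > js-beautify > editorconfig > semver), and the intermediate package versions and version ranges in it are placeholders, not mjml's real dependency tree.

```javascript
// Added example, not part of the mjml project or the issue: audit an npm
// package-lock.json (lockfileVersion 2/3 "packages" map) for copies of a
// package below a patched version, report the dependency chain from the
// project root, and build the package.json "overrides" entry that forces
// the patched release when `npm audit fix` refuses to.

const VULNERABLE_PKG = 'semver';
const PATCHED_VERSION = '7.5.2'; // npm audit above reports "semver <7.5.2"

// CONSTRUCTED lock-file content mirroring the audit chain in the issue
// (mjml -> js-beautify -> editorconfig -> semver). Intermediate versions and
// ranges are placeholders, not the real mjml dependency tree.
const SAMPLE_LOCK = {
  name: 'demo-app',
  lockfileVersion: 3,
  packages: {
    '': { name: 'demo-app', dependencies: { mjml: '^4.14.1' } },
    'node_modules/mjml': { version: '4.14.1', dependencies: { 'js-beautify': '^1.14.0' } },
    'node_modules/js-beautify': { version: '1.14.8', dependencies: { editorconfig: '^0.15.3' } },
    'node_modules/editorconfig': { version: '0.15.3', dependencies: { semver: '^5.6.0' } },
    'node_modules/semver': { version: '5.7.1' },
  },
};

// Parse "x.y.z" (ignoring prerelease/build suffixes) and compare numerically.
function parseVersion(v) {
  const m = /^v?(\d+)\.(\d+)\.(\d+)/.exec(v);
  if (!m) throw new Error(`unparseable version: ${v}`);
  return m.slice(1, 4).map(Number);
}

function compareVersions(a, b) {
  const pa = parseVersion(a);
  const pb = parseVersion(b);
  for (let i = 0; i < 3; i++) {
    if (pa[i] !== pb[i]) return pa[i] < pb[i] ? -1 : 1;
  }
  return 0;
}

// Resolve `dep` the way Node does: look in fromPath/node_modules/dep, then
// walk up one node_modules level at a time until the project root.
function resolveDep(packages, fromPath, dep) {
  let base = fromPath;
  for (;;) {
    const candidate = base === '' ? `node_modules/${dep}` : `${base}/node_modules/${dep}`;
    if (packages[candidate]) return candidate;
    if (base === '') return null;
    const idx = base.lastIndexOf('/node_modules/');
    base = idx === -1 ? '' : base.slice(0, idx);
  }
}

function allDeps(entry) {
  return Object.keys({
    ...(entry.dependencies || {}),
    ...(entry.optionalDependencies || {}),
    ...(entry.devDependencies || {}),
  });
}

// Depth-first walk from the root; every edge into a vulnerable copy is a finding.
function findVulnerableChains(lock, pkgName, patched) {
  const packages = lock.packages || {};
  const findings = [];
  const walk = (lockPath, chain, stack) => {
    const entry = packages[lockPath];
    if (!entry) return;
    for (const dep of allDeps(entry)) {
      const resolved = resolveDep(packages, lockPath, dep);
      if (!resolved || stack.has(resolved)) continue; // unresolved or cycle
      const version = packages[resolved].version;
      const nextChain = chain.concat(`${dep}@${version}`);
      if (dep === pkgName && compareVersions(version, patched) < 0) {
        findings.push({ lockPath: resolved, version, chain: nextChain });
      }
      stack.add(resolved);
      walk(resolved, nextChain, stack);
      stack.delete(resolved);
    }
  };
  walk('', [], new Set(['']));
  return findings;
}

// package.json fragment that forces every copy of pkgName into the patched range.
function suggestOverrides(findings, pkgName, patched) {
  if (findings.length === 0) return {};
  return { overrides: { [pkgName]: `>=${patched}` } };
}

// The same constructed tree after the override is applied and the lock regenerated.
const SAMPLE_LOCK_FIXED = JSON.parse(JSON.stringify(SAMPLE_LOCK));
SAMPLE_LOCK_FIXED.packages['node_modules/semver'].version = '7.5.2';

if (typeof require !== 'undefined' && require.main === module) {
  const lock = process.argv[2]
    ? JSON.parse(require('fs').readFileSync(process.argv[2], 'utf8'))
    : SAMPLE_LOCK;
  const findings = findVulnerableChains(lock, VULNERABLE_PKG, PATCHED_VERSION);
  for (const f of findings) console.log(`${f.lockPath} ${f.version}: ${f.chain.join(' > ')}`);
  console.log(JSON.stringify(suggestOverrides(findings, VULNERABLE_PKG, PATCHED_VERSION), null, 2));
}
```

Run it as `node audit-lock.js package-lock.json` against a real project, copy the printed `overrides` block into package.json, then `npm install` and confirm with `npm ls semver` that only 7.5.2 or later remains. The `overrides` field needs npm 8.3 or newer, and it forces a major version that the intermediate package (editorconfig here) never declared compatible, so run the project's own tests after applying it rather than trusting a clean `npm audit` alone.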

@tosie

tosie commented Jul 6, 2023

+1

I would send a PR, but I think I am too unfamiliar with the whole project to update dependencies 🤷‍♂️

@pguedescamargo

#2707

@hfhchan-plb

Unfortunately it was approved but not merged?
