[Snyk] Security upgrade cmd-shim from 2.1.0 to 4.0.1

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • packages/@vue/cli/package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Issue	Breaking Change	Exploit Maturity
	Prototype Pollution SNYK-JS-MINIMIST-559764	Yes	Proof of Concept

Commit messages

Package name: cmd-shim

The new version differs by 20 commits.

• 4a799fb 4.0.1
• 8996762 use mkdirp-infer-owner instead of mkdirp directly
• 53804aa remove unsupported node versions
• f35dcd5 4.0.0
• 014ef35 simplify test scripts in package.json
• 48fd811 promisification
• c5f9b8e Update deps and coding style, require node >= 10
• bf5df11 3.0.3
• 2debda0 fix: preserve exit code in .cmd files
• c380c2a 3.0.2
• 9e85c82 fix: regression introduced due to broken batch file label syntax
• a9ea3f8 3.0.1
• 6a8ed06 limit files in package
• 74b09ac Update the lockfile
• 89c868c test: fix ENOTDIR test on windows
• a824773 3.0.0
• 9dc0235 auto-publish scripts
• 4c37e04 Work around quoted batch file names
• 9cc5388 package-lock
• 5909443 update tap to 12.x

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:

🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic