Moderate vulnerabilities - dependabot

[jcalvento]

Hi,
We're using BullMQ with Taskforce and I've noticed we're continuously getting vulnerability alerts coming from this package. Checked you're PRs and looks like they match with the vulnerabilities reported by node/npm.
Is this still maintained and is there any chance to fix them in a future version?
Thanks!

[manast]

There is some issue with Dependabot that we are working on to fix. I have merged some PRs already, but no new version yet.