vulnerability CVE-2020-7598 is introduced by package minimist

[ayaka-kms]

Hi, @aksonov, a vulnerability CVE-2020-7598 is introduced in react-native-router-flux@4.3.0 via:
● react-native-router-flux@4.3.0 ➔ opencollective@1.0.3 ➔ minimist@1.2.0

However, opencollective is a legacy package, which has not been maintained for about 4 years.
Is it possible to migrate opencollective to other package to remediate this vulnerability?

I noticed several migration records in other js repo for opencollective:

1. in commitizen, version 2.10.1 ➔ 3.0.0, remove opencollective via commit
2. in fast-xml-parser, version 3.3.0 ➔ 3.3.1, remove opencollective via commit
3. in react-slick, version 0.12.1 ➔ 0.12.2, remove opencollective via commit
4. in level, version 3.0.1 ➔ 3.0.2, migrate opencollective to opencollective-postinstall via commit
5. in ngx-infinite-scroll, version 7.0.1 ➔ 7.1.0, migrate opencollective to opencollective-postinstall via commit
6. in inferno, version 7.1.8 ➔ 7.1.9, migrate opencollective to opencollective-postinstall via commit

Thanks.