Github is telling me that a dependency in my package-lock.json file is vulnerable and outdated. The problem is that if I do
npm install or
npm update, neither of them update the dependency in the package-lock.json file.
I’ve done a lot of googling on this, as well as deleted the file and done
If anyone can help resolve this I’d hugely appreciate it. The package in question is Hoek, which I don’t actually have in my package.json file.
Many thanks in advance.