consider switching to web pack as a maintained alternative. This would allow getting rid of vulnerabilities warnings in npm:
$ npm audit
# npm audit report
brace-expansion <1.1.13 || >=2.0.0 <2.0.3
Severity: moderate
brace-expansion: Zero-step sequence causes process hang and memory exhaustion - https://github.com/advisories/GHSA-f886-m6hf-6m8v
brace-expansion: Zero-step sequence causes process hang and memory exhaustion - https://github.com/advisories/GHSA-f886-m6hf-6m8v
fix available via `npm audit fix`
node_modules/brace-expansion
node_modules/glob/node_modules/brace-expansion
elliptic *
Elliptic Uses a Cryptographic Primitive with a Risky Implementation - https://github.com/advisories/GHSA-848j-6mx2-7j84
fix available via `npm audit fix`
node_modules/elliptic
browserify-sign >=2.4.0
Depends on vulnerable versions of elliptic
node_modules/browserify-sign
crypto-browserify >=3.4.0
Depends on vulnerable versions of browserify-sign
Depends on vulnerable versions of create-ecdh
node_modules/browserify/node_modules/crypto-browserify
create-ecdh *
Depends on vulnerable versions of elliptic
node_modules/create-ecdh
5 vulnerabilities (4 low, 1 moderate)
To address all issues, run:
npm audit fix
consider switching to web pack as a maintained alternative. This would allow getting rid of vulnerabilities warnings in npm: