adonespitogo / AdoBot-IO

AdoBot NodeJS Server with socket.io
https://github.com/adonespitogo/AdoBot
MIT License
199 stars 160 forks

found 58 vulnerabilities (38 low, 5 moderate, 15 high) #7

Open cromatikap opened 5 years ago

cromatikap commented 5 years ago

```
$ npm install
...
found 58 vulnerabilities (38 low, 5 moderate, 15 high)
run `npm audit fix` to fix them, or `npm audit` for details
$ npm audit fix
...
+ body-parser@1.18.3
+ gulp-angular-templatecache@2.2.5
+ express@4.16.4
added 22 packages from 47 contributors, removed 27 packages and updated 30 packages in 8.845s
fixed 14 of 58 vulnerabilities in 4015 scanned packages
  5 package updates for 44 vulns involved breaking changes
  (use `npm audit fix --force` to install breaking changes; or refer to `npm audit` for steps to fix these manually)
$ npm audit fix --force
...
fixed 44 of 44 vulnerabilities in 3696 scanned packages
```

All of this doesn't look really clean... I also have a small question: I've seen in `package.json` `"postinstall": "node_modules/.bin/sequelize db:migrate; ./node_modules/.bin/gulp"`; it means that it's not necessary to follow the further instructions in the README after having typed `npm install`, right? Actually, `localhost:3000` seems to work; I can connect.

adonespitogo commented 5 years ago

Yes, most of the packages are already outdated since this project was built 2 years ago. I haven't had the time to update them. Pull requests are always welcome.