alephium / desktop-wallet

The official Alephium wallet for desktop
https://alephium.org
GNU Lesser General Public License v3.0

Address the Current npm Vulnerabilities #267

Closed JeffNeff closed 2 years ago

JeffNeff commented 2 years ago

Describe the bug

Running npm audit list in the project currently returns: 55 vulnerabilities (12 moderate, 24 high, 19 critical). I know these are a PITA to address/fix, but this is a bit of a scary sight to see, especially for new adopters.

This issue is intended to track the progress in bringing this number down to a more acceptable count.

npm audit list on the main branch currently reports the following:

# npm audit report

@yaireo/tagify  <4.9.8
Severity: moderate
tagify can pass a malicious placeholder to initiate the cross-site scripting (XSS) payload - https://github.com/advisories/GHSA-pxpf-v376-7xx5
fix available via `npm audit fix`
node_modules/@yaireo/tagify

ansi-html  <0.0.8
Severity: high
Uncontrolled Resource Consumption in ansi-html - https://github.com/advisories/GHSA-whgm-jr23-g3j9
fix available via `npm audit fix --force`
Will install react-scripts@5.0.1, which is a breaking change
node_modules/ansi-html
  @pmmmwh/react-refresh-webpack-plugin  <=0.5.0-rc.6
  Depends on vulnerable versions of ansi-html
  node_modules/react-scripts/node_modules/@pmmmwh/react-refresh-webpack-plugin
    react-scripts  >=0.10.0-alpha.328cb32e
    Depends on vulnerable versions of @pmmmwh/react-refresh-webpack-plugin
    Depends on vulnerable versions of @svgr/webpack
    Depends on vulnerable versions of optimize-css-assets-webpack-plugin
    Depends on vulnerable versions of react-dev-utils
    Depends on vulnerable versions of webpack-dev-server
    Depends on vulnerable versions of workbox-webpack-plugin
    node_modules/react-scripts
  webpack-dev-server  2.0.0-beta - 4.7.2
  Depends on vulnerable versions of ansi-html
  Depends on vulnerable versions of chokidar
  Depends on vulnerable versions of selfsigned
  node_modules/webpack-dev-server

async  2.0.0 - 2.6.3
Severity: high
Prototype Pollution in async - https://github.com/advisories/GHSA-fwr7-v2mv-hh25
fix available via `npm audit fix`
node_modules/metro/node_modules/async
node_modules/portfinder/node_modules/async

browserslist  4.0.0 - 4.16.4
Severity: moderate
Regular Expression Denial of Service in browserslist - https://github.com/advisories/GHSA-w8qv-6jwh-64r5
fix available via `npm audit fix --force`
Will install react-scripts@5.0.1, which is a breaking change
node_modules/react-dev-utils/node_modules/browserslist
  react-dev-utils  0.6.0-alpha.f55d2212 - 12.0.0-next.60
  Depends on vulnerable versions of browserslist
  Depends on vulnerable versions of immer
  Depends on vulnerable versions of shell-quote
  node_modules/react-dev-utils
    react-scripts  >=0.10.0-alpha.328cb32e
    Depends on vulnerable versions of @pmmmwh/react-refresh-webpack-plugin
    Depends on vulnerable versions of @svgr/webpack
    Depends on vulnerable versions of optimize-css-assets-webpack-plugin
    Depends on vulnerable versions of react-dev-utils
    Depends on vulnerable versions of webpack-dev-server
    Depends on vulnerable versions of workbox-webpack-plugin
    node_modules/react-scripts

ejs  <3.1.7
Severity: critical
Template injection in ejs - https://github.com/advisories/GHSA-phwq-j96m-2c2q
fix available via `npm audit fix --force`
Will install react-scripts@5.0.1, which is a breaking change
node_modules/@surma/rollup-plugin-off-main-thread/node_modules/ejs
node_modules/ejs
  @surma/rollup-plugin-off-main-thread  <=2.1.0
  Depends on vulnerable versions of ejs
  node_modules/@surma/rollup-plugin-off-main-thread
    workbox-build  5.0.0-alpha.0 - 6.3.0
    Depends on vulnerable versions of @surma/rollup-plugin-off-main-thread
    node_modules/workbox-build
      workbox-webpack-plugin  5.0.0-alpha.0 - 5.1.4 || 6.2.2 - 6.3.0
      Depends on vulnerable versions of workbox-build
      node_modules/workbox-webpack-plugin
        react-scripts  >=0.10.0-alpha.328cb32e
        Depends on vulnerable versions of @pmmmwh/react-refresh-webpack-plugin
        Depends on vulnerable versions of @svgr/webpack
        Depends on vulnerable versions of optimize-css-assets-webpack-plugin
        Depends on vulnerable versions of react-dev-utils
        Depends on vulnerable versions of webpack-dev-server
        Depends on vulnerable versions of workbox-webpack-plugin
        node_modules/react-scripts

electron  *
Severity: moderate
Depends on vulnerable versions of @electron/get
Renderers can obtain access to random bluetooth device without permission in Electron - https://github.com/advisories/GHSA-3p22-ghq8-v749
AutoUpdater module fails to validate certain nested components of the bundle - https://github.com/advisories/GHSA-77xc-hjv8-ww97
Compromised child renderer processes could obtain IPC access without nodeIntegrationInSubFrames being enabled - https://github.com/advisories/GHSA-mq8j-3h7h-p8g7
fix available via `npm audit fix`
node_modules/electron

eventsource  <1.1.1
Severity: critical
Exposure of Sensitive Information in eventsource - https://github.com/advisories/GHSA-6h5x-7c5m-7cr7
fix available via `npm audit fix`
node_modules/eventsource

glob-parent  <5.1.2
Severity: high
Regular expression denial of service in glob-parent - https://github.com/advisories/GHSA-ww39-953v-wcq6
fix available via `npm audit fix --force`
Will install react-scripts@5.0.1, which is a breaking change
node_modules/chokidar/node_modules/glob-parent
  chokidar  1.0.0-rc1 - 2.1.8
  Depends on vulnerable versions of glob-parent
  node_modules/chokidar
    watchpack-chokidar2  *
    Depends on vulnerable versions of chokidar
    node_modules/watchpack-chokidar2
      watchpack  1.7.2 - 1.7.5
      Depends on vulnerable versions of watchpack-chokidar2
      node_modules/webpack/node_modules/watchpack
        webpack  4.44.0 - 4.46.0
        Depends on vulnerable versions of watchpack
        node_modules/webpack
    webpack-dev-server  2.0.0-beta - 4.7.2
    Depends on vulnerable versions of ansi-html
    Depends on vulnerable versions of chokidar
    Depends on vulnerable versions of selfsigned
    node_modules/webpack-dev-server
      react-scripts  >=0.10.0-alpha.328cb32e
      Depends on vulnerable versions of @pmmmwh/react-refresh-webpack-plugin
      Depends on vulnerable versions of @svgr/webpack
      Depends on vulnerable versions of optimize-css-assets-webpack-plugin
      Depends on vulnerable versions of react-dev-utils
      Depends on vulnerable versions of webpack-dev-server
      Depends on vulnerable versions of workbox-webpack-plugin
      node_modules/react-scripts

got  <11.8.5
Severity: moderate
Got allows a redirect to a UNIX socket - https://github.com/advisories/GHSA-pfrx-2q88-qq97
fix available via `npm audit fix --force`
Will install web-ext@7.1.0, which is a breaking change
node_modules/download/node_modules/got
node_modules/got
  @electron/get  *
  Depends on vulnerable versions of got
  node_modules/@electron/get
    electron  *
    Depends on vulnerable versions of @electron/get
    node_modules/electron
  download  >=4.0.0
  Depends on vulnerable versions of got
  node_modules/download
    addons-scanner-utils  *
    Depends on vulnerable versions of download
    node_modules/addons-linter/node_modules/addons-scanner-utils
      addons-linter  >=2.11.0
      Depends on vulnerable versions of addons-scanner-utils
      node_modules/addons-linter
        web-ext  >=1.7.0
        Depends on vulnerable versions of @devicefarmer/adbkit
        Depends on vulnerable versions of addons-linter
        Depends on vulnerable versions of update-notifier
        node_modules/web-ext
  package-json  <=6.5.0
  Depends on vulnerable versions of got
  node_modules/package-json
    latest-version  0.2.0 - 5.1.0
    Depends on vulnerable versions of package-json
    node_modules/latest-version
      update-notifier  >=0.2.0
      Depends on vulnerable versions of latest-version
      node_modules/update-notifier
        electron-builder  >=5.6.1
        Depends on vulnerable versions of update-notifier
        node_modules/electron-builder

immer  <9.0.6
Severity: critical
Prototype Pollution in immer - https://github.com/advisories/GHSA-33f9-j839-rf8h
fix available via `npm audit fix --force`
Will install react-scripts@5.0.1, which is a breaking change
node_modules/immer
  react-dev-utils  0.6.0-alpha.f55d2212 - 12.0.0-next.60
  Depends on vulnerable versions of browserslist
  Depends on vulnerable versions of immer
  Depends on vulnerable versions of shell-quote
  node_modules/react-dev-utils
    react-scripts  >=0.10.0-alpha.328cb32e
    Depends on vulnerable versions of @pmmmwh/react-refresh-webpack-plugin
    Depends on vulnerable versions of @svgr/webpack
    Depends on vulnerable versions of optimize-css-assets-webpack-plugin
    Depends on vulnerable versions of react-dev-utils
    Depends on vulnerable versions of webpack-dev-server
    Depends on vulnerable versions of workbox-webpack-plugin
    node_modules/react-scripts

moment  <2.29.2
Severity: high
Path Traversal: 'dir/../../filename' in moment.locale - https://github.com/advisories/GHSA-8hfj-j24r-96c4
fix available via `npm audit fix`
node_modules/moment

node-forge  <=1.2.1
Severity: high
URL parsing in node-forge could lead to undesired behavior. - https://github.com/advisories/GHSA-gf8q-jrpm-jvxq
Improper Verification of Cryptographic Signature in node-forge - https://github.com/advisories/GHSA-cfm4-qjh2-4765
fix available via `npm audit fix --force`
Will install web-ext@7.1.0, which is a breaking change
node_modules/node-forge
  @devicefarmer/adbkit  <=3.2.1
  Depends on vulnerable versions of node-forge
  node_modules/@devicefarmer/adbkit
    web-ext  >=1.7.0
    Depends on vulnerable versions of @devicefarmer/adbkit
    Depends on vulnerable versions of addons-linter
    Depends on vulnerable versions of update-notifier
    node_modules/web-ext
  selfsigned  1.1.1 - 1.10.14
  Depends on vulnerable versions of node-forge
  node_modules/selfsigned
    webpack-dev-server  2.0.0-beta - 4.7.2
    Depends on vulnerable versions of ansi-html
    Depends on vulnerable versions of chokidar
    Depends on vulnerable versions of selfsigned
    node_modules/webpack-dev-server
      react-scripts  >=0.10.0-alpha.328cb32e
      Depends on vulnerable versions of @pmmmwh/react-refresh-webpack-plugin
      Depends on vulnerable versions of @svgr/webpack
      Depends on vulnerable versions of optimize-css-assets-webpack-plugin
      Depends on vulnerable versions of react-dev-utils
      Depends on vulnerable versions of webpack-dev-server
      Depends on vulnerable versions of workbox-webpack-plugin
      node_modules/react-scripts

nth-check  <2.0.1
Severity: high
Inefficient Regular Expression Complexity in nth-check - https://github.com/advisories/GHSA-rp65-9cf3-cjxr
fix available via `npm audit fix --force`
Will install react-scripts@5.0.1, which is a breaking change
node_modules/react-native-svg/node_modules/nth-check
node_modules/svgo/node_modules/nth-check
  css-select  <=3.1.0
  Depends on vulnerable versions of nth-check
  node_modules/react-native-svg/node_modules/css-select
  node_modules/svgo/node_modules/css-select
    react-native-svg  9.13.0 - 12.2.0
    Depends on vulnerable versions of css-select
    node_modules/react-native-svg
    svgo  1.0.0 - 1.3.2
    Depends on vulnerable versions of css-select
    node_modules/svgo
      @svgr/plugin-svgo  <=5.5.0
      Depends on vulnerable versions of svgo
      node_modules/@svgr/plugin-svgo
        @svgr/webpack  4.0.0 - 5.5.0
        Depends on vulnerable versions of @svgr/plugin-svgo
        node_modules/@svgr/webpack
          react-scripts  >=0.10.0-alpha.328cb32e
          Depends on vulnerable versions of @pmmmwh/react-refresh-webpack-plugin
          Depends on vulnerable versions of @svgr/webpack
          Depends on vulnerable versions of optimize-css-assets-webpack-plugin
          Depends on vulnerable versions of react-dev-utils
          Depends on vulnerable versions of webpack-dev-server
          Depends on vulnerable versions of workbox-webpack-plugin
          node_modules/react-scripts
      postcss-svgo  4.0.0-nightly.2020.1.9 - 5.0.0-rc.2
      Depends on vulnerable versions of svgo
      node_modules/postcss-svgo
        cssnano-preset-default  <=4.0.8
        Depends on vulnerable versions of postcss-svgo
        node_modules/cssnano-preset-default
          cssnano  4.0.0-nightly.2020.1.9 - 4.1.11
          Depends on vulnerable versions of cssnano-preset-default
          node_modules/cssnano
            optimize-css-assets-webpack-plugin  3.2.1 || 5.0.0 - 5.0.8
            Depends on vulnerable versions of cssnano
            node_modules/optimize-css-assets-webpack-plugin

plist  <3.0.5
Severity: critical
Prototype pollution in Plist - https://github.com/advisories/GHSA-4cpg-3vgw-4877
fix available via `npm audit fix`
node_modules/plist

shell-quote  <=1.7.2
Severity: critical
Improper Neutralization of Special Elements used in a Command in Shell-quote - https://github.com/advisories/GHSA-g4rg-993r-mgx7
fix available via `npm audit fix --force`
Will install react-scripts@5.0.1, which is a breaking change
node_modules/@react-native-community/cli-tools/node_modules/shell-quote
node_modules/shell-quote
  @react-native-community/cli-tools  4.8.0 - 5.0.0-alpha.0 || 5.0.1-alpha.0 - 6.2.0
  Depends on vulnerable versions of shell-quote
  node_modules/@react-native-community/cli-tools
    @react-native-community/cli  4.8.0 - 7.0.3
    Depends on vulnerable versions of @react-native-community/cli-hermes
    Depends on vulnerable versions of @react-native-community/cli-plugin-metro
    Depends on vulnerable versions of @react-native-community/cli-server-api
    Depends on vulnerable versions of @react-native-community/cli-tools
    node_modules/@react-native-community/cli
      react-native  <=0.0.0-ffdfbbec0 || 0.63.3 - 0.68.2
      Depends on vulnerable versions of @react-native-community/cli
      Depends on vulnerable versions of @react-native-community/cli-platform-ios
      node_modules/react-native
    @react-native-community/cli-hermes  <=6.3.0
    Depends on vulnerable versions of @react-native-community/cli-tools
    node_modules/@react-native-community/cli-hermes
    @react-native-community/cli-platform-android  4.8.0 - 6.3.0
    Depends on vulnerable versions of @react-native-community/cli-tools
    node_modules/@react-native-community/cli-platform-android
    @react-native-community/cli-platform-ios  4.8.0 - 6.2.0
    Depends on vulnerable versions of @react-native-community/cli-tools
    node_modules/@react-native-community/cli-platform-ios
    @react-native-community/cli-plugin-metro  <=7.0.3
    Depends on vulnerable versions of @react-native-community/cli-tools
    node_modules/@react-native-community/cli-plugin-metro
    @react-native-community/cli-server-api  <=7.0.3
    Depends on vulnerable versions of @react-native-community/cli-tools
    node_modules/@react-native-community/cli-server-api
  react-dev-utils  0.6.0-alpha.f55d2212 - 12.0.0-next.60
  Depends on vulnerable versions of browserslist
  Depends on vulnerable versions of immer
  Depends on vulnerable versions of shell-quote
  node_modules/react-dev-utils
    react-scripts  >=0.10.0-alpha.328cb32e
    Depends on vulnerable versions of @pmmmwh/react-refresh-webpack-plugin
    Depends on vulnerable versions of @svgr/webpack
    Depends on vulnerable versions of optimize-css-assets-webpack-plugin
    Depends on vulnerable versions of react-dev-utils
    Depends on vulnerable versions of webpack-dev-server
    Depends on vulnerable versions of workbox-webpack-plugin
    node_modules/react-scripts

simple-plist  <1.3.1
Severity: critical
Prototype Pollution in simple-plist - https://github.com/advisories/GHSA-gff7-g5r8-mg8m
fix available via `npm audit fix`
node_modules/simple-plist

55 vulnerabilities (12 moderate, 24 high, 19 critical)

To address issues that do not require attention, run:
  npm audit fix

To address all issues (including breaking changes), run:
  npm audit fix --force

To Reproduce

Steps to reproduce the behavior:

  1. npm audit list

nop33 commented 2 years ago

These are vulnerabilities from devDependencies and don't affect the production build.

$ npm audit list --production
found 0 vulnerabilities
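The `--production` run above answers the question at the level of the whole tree. A practitioner will usually want the same answer per advisory: which direct dependency pulls the vulnerable package in, and is that dependency declared under `dependencies` or `devDependencies`. One caveat specific to Electron apps: a `--production` result of 0 while `electron` appears in the full report means `electron` is installed as a devDependency, yet the Electron runtime is still packaged into the shipped application, so the three electron advisories above are worth tracking on their own rather than under the "dev only" heading. The script below is an added example written by the editor, not code from the alephium/desktop-wallet project. It assumes the `npm audit --json` shape of npm 7 and later (`auditReportVersion: 2`, where each entry has `isDirect`, `severity`, `effects` and `via`); the `SHIPS_DESPITE_DEV` set, the sample package.json and the sample audit data are constructed for the example and modelled on a slice of the report in this issue, not taken from the project.

```javascript
// Added example (editor's, not project code): classify `npm audit --json` findings by
// the direct dependency that pulls them in and by where that dependency is declared.
// Assumed audit JSON shape (npm >= 7, auditReportVersion 2): each entry in
// `vulnerabilities` has `isDirect`, `severity`, `effects` (names of packages that are
// vulnerable only because of this one) and `via` (advisory objects mixed with names).

// Assumption of this example: devDependencies whose code is bundled into the packaged
// app anyway. `electron` is the usual case, since the runtime it downloads at install
// time is what electron-builder packages.
const SHIPS_DESPITE_DEV = new Set(["electron"]);

// Constructed sample data modelled on part of the report in this issue; not the
// project's real package.json and not a real audit run.
const SAMPLE_PACKAGE_JSON = {
  dependencies: { moment: "^2.29.1" },
  devDependencies: { electron: "^18.0.0", "react-scripts": "^4.0.3" },
};

const adv = (title, url) => ({ title, url });
const SAMPLE_AUDIT = {
  auditReportVersion: 2,
  vulnerabilities: {
    moment: { severity: "high", isDirect: true, effects: [], range: "<2.29.2",
      via: [adv("Path Traversal: 'dir/../../filename' in moment.locale",
                "https://github.com/advisories/GHSA-8hfj-j24r-96c4")] },
    "nth-check": { severity: "high", isDirect: false, effects: ["css-select"], range: "<2.0.1",
      via: [adv("Inefficient Regular Expression Complexity in nth-check",
                "https://github.com/advisories/GHSA-rp65-9cf3-cjxr")] },
    "css-select": { severity: "high", isDirect: false, effects: ["svgo"], via: ["nth-check"] },
    svgo: { severity: "high", isDirect: false, effects: ["@svgr/plugin-svgo"], via: ["css-select"] },
    "@svgr/plugin-svgo": { severity: "high", isDirect: false, effects: ["@svgr/webpack"], via: ["svgo"] },
    "@svgr/webpack": { severity: "high", isDirect: false, effects: ["react-scripts"], via: ["@svgr/plugin-svgo"] },
    "react-scripts": { severity: "high", isDirect: true, effects: [], via: ["@svgr/webpack"] },
    electron: { severity: "moderate", isDirect: true, effects: [], range: "*",
      via: [adv("Renderers can obtain access to random bluetooth device without permission in Electron",
                "https://github.com/advisories/GHSA-3p22-ghq8-v749"), "@electron/get"] },
  },
};

// Follow `effects` edges (reverse dependency direction) from a vulnerable package up to
// the direct dependencies that ultimately pull it in. `seen` guards against cycles.
function directDependents(vulns, name, seen = new Set()) {
  if (seen.has(name) || !vulns[name]) return [];
  seen.add(name);
  const roots = vulns[name].isDirect ? [name] : [];
  for (const dependent of vulns[name].effects || []) {
    roots.push(...directDependents(vulns, dependent, seen));
  }
  return [...new Set(roots)];
}

// "prod" if any root is a runtime dependency, "dev-but-ships" if a root is a
// devDependency known to be bundled anyway, otherwise "dev".
function scopeOf(roots, pkg) {
  const prod = new Set(Object.keys(pkg.dependencies || {}));
  if (roots.some((r) => prod.has(r))) return "prod";
  if (roots.some((r) => SHIPS_DESPITE_DEV.has(r))) return "dev-but-ships";
  return "dev";
}

function classify(audit, pkg) {
  const vulns = audit.vulnerabilities;
  const findings = [];
  for (const [name, v] of Object.entries(vulns)) {
    // Only entries carrying an advisory of their own count; entries whose `via` holds
    // just package names are the "Depends on vulnerable versions of ..." plumbing.
    const advisories = (v.via || []).filter((x) => typeof x === "object");
    if (advisories.length === 0) continue;
    const roots = directDependents(vulns, name);
    findings.push({ name, severity: v.severity, roots, scope: scopeOf(roots, pkg),
                    advisories: advisories.map((a) => a.url) });
  }
  return findings;
}

// Count findings per scope, e.g. { prod: 1, dev: 1, "dev-but-ships": 1 }.
function summarize(findings) {
  return findings.reduce((acc, f) => ({ ...acc, [f.scope]: (acc[f.scope] || 0) + 1 }), {});
}

const demoFindings = classify(SAMPLE_AUDIT, SAMPLE_PACKAGE_JSON);
for (const f of demoFindings) {
  console.log(`${f.severity.padEnd(8)} ${f.name.padEnd(12)} ${f.scope.padEnd(14)} via ${f.roots.join(", ")}`);
}
console.log(summarize(demoFindings));
```

To run it against a real tree, save `npm audit --json > audit.json` and call `classify(JSON.parse(fs.readFileSync("audit.json", "utf8")), require("./package.json"))`. On npm 8 and later, `npm audit --omit=dev` is the equivalent of the `--production` flag used above. For findings that land in the "dev" bucket but block a clean report, npm 8.3+ `overrides` in package.json can pin a transitive package such as nth-check to a fixed version without the breaking react-scripts upgrade that `npm audit fix --force` proposes; verify the pin with a fresh `npm ci` and a rerun of the audit.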