New project `npm install` shows vulnerabilities

[noncom]

Describe the bug

Following the quickstart guide https://evite.netlify.app/guide/#scaffolding-your-first-electron-vite-project I've executed:

npm create @quick-start/electron

And chose Vue as the renderer option.

After performing

npm install

in the project created by the template, that's the output:

path> npm install
npm WARN deprecated sourcemap-codec@1.4.8: Please use @jridgewell/sourcemap-codec instead
npm WARN deprecated asar@3.2.0: Please use @electron/asar moving forward.  There is no API change, just a package name change
npm WARN deprecated electron-osx-sign@0.6.0: Please use @electron/osx-sign moving forward. Be aware the API is slightly different

> electron-vite--vue-test@1.0.0 postinstall
> electron-builder install-app-deps

  • electron-builder  version=23.6.0
  • loaded configuration  file=path\electron-vite--vue-test\electron-builder.yml

added 471 packages, and audited 472 packages in 59s

63 packages are looking for funding
  run `npm fund` for details

9 vulnerabilities (3 moderate, 6 high)

To address all issues (including breaking changes), run:
  npm audit fix --force

Run `npm audit` for details.

So there are 9 vulnerabilities and 3 outdated packages. Could these be updated in the template so that it creates a project with no vulnerabilities?

I know that everything constantly updates, but it would be also cool to have an up-to-date template that can be relied upon.

Used Scaffolding

create-electron

Used Package Manager

npm

Validations

• [X] Follow the Code of Conduct.
• [X] Read the Contributing Guidelines.
• [X] Read the docs.
• [X] Check that there isn't already an issue that reports the same bug to avoid creating a duplicate.

[alex8088]

Yes, it will be updated regularly, but some sub-modules cannot be determined by ourselves like electron-builder.