Keeping dependencies at exact versions are causing people using this package to have duplicated packages in their node_modules. Since dependencies you're using are reputable and use semver, it's safe to use "^" version matching, allowing npm to do its job and dedupe stuff.
I also ran npm audit fix when updating package-lock.json since there was a ton of vulnerabilities.
Keeping dependencies at exact versions are causing people using this package to have duplicated packages in their node_modules. Since dependencies you're using are reputable and use semver, it's safe to use "^" version matching, allowing npm to do its job and dedupe stuff.
I also ran
npm audit fix
when updating package-lock.json since there was a ton of vulnerabilities.