dpaquette
commented
1 year ago Just a note that the reason for the big changes in package-lock.json is because we've moved to npm 8.15.0 so we can take advantage of the new overrides feature of package.json.
Resolving
xml2jsDependabot Alert: https://github.com/microsoft/azure-devops-extension-sample/security/dependabot/40I only added overrides in
package.jsonand then rannpm install --package-lock-only