npm audit revealed two vulnerabilities that should be resolved:
=== npm audit security report ===
# Run npm update concat-with-sourcemaps --depth 2 to resolve 2 vulnerabilities
Moderate Out-of-bounds Read
Package concat-with-sourcemaps
Dependency of gulp-concat
Path gulp-concat > concat-with-sourcemaps
More info https://nodesecurity.io/advisories/644
Moderate Out-of-bounds Read
Package concat-with-sourcemaps
Dependency of gulp-header
Path gulp-header > concat-with-sourcemaps
More info https://nodesecurity.io/advisories/644
found 2 moderate severity vulnerabilities in 162 scanned packages
run `npm audit fix` to fix 2 of them.
npm audit updates the package-lock.json file, which is not published (neither is npm-shrinkwrap.json as part of this package), so the fixes are for development time more so than runtime.
npm audit
revealed two vulnerabilities that should be resolved: