npm notice created a lockfile as package-lock.json. You should commit this file.
added 919 packages from 1406 contributors and audited 4695 packages in 54.621s
found 36 vulnerabilities (9 low, 10 moderate, 17 high)
run `npm audit fix` to fix them, or `npm audit` for details