extremely high number of vulnerabilities found (mostly low)

[jujoco]

My company is using a 4yr old version of cornerstone. I've been tasked with updating our repo so we could be able to create a new custom react checkout page.
Anyway, should I be concerned with the amount of vulnerabilities npm detects?
node v10.16.3
npm v6.9.0

Expected behavior

found 0 vulnerabilities. you're good to go 👍

Actual behavior

found 59799 vulnerabilities (59353 low, 291 moderate, 150 high, 5 critical)

Steps to reproduce behavior

1. fork repo
2. cd into project
3. npm install.

[wwwdepot]

Mostly are related to the stencil-cli package, I think you should open an issue over there https://github.com/bigcommerce/stencil-cli

[junedkazi]

@jujoco as @wwwdepot pointed out most of it is due to stencil cli which we pull in as dev dependency to test if the bundle generation is successful as part of the travis check. We are woking on addressing these old dependencies.

[bookernath]

This should now be resolved for the most part, closing.

We will separately pursue improvements to CLI, but this should be fixed for Cornerstone by removing the dependency.