NPM-AUDIT find to high vulnerabilities. What am I supposed to do?

Question

npm audit run on my project and got me this

High Command Injection
Dependency of @angular-devkit/build-angular [dev]

Answer 1

I was having the same problem today and I fixed it by:

1. delete the tree-kill package from the node_modules folder.
2. delete the package-lock.json file.
3. go to the @angular-devkit/build-angular folder in the node_modules folder and edit the package.json file; change tree-kill version from 1.2.1 to 1.2.2
4. go to @ngtools/webpack folder in the node_modules folder and do the same as step 3.

run npm install after that.