NPM-AUDIT find to high vulnerabilities. What am I supposed to do?

Question

npm audit run on my project and got me this

High Command Injection
Dependency of @angular-devkit/build-angular [dev]

Answer 1

I just had this problem too and after some researchs, i found something:

NPM throws error on "audit fix" - Configured registry is not supported

Of course, it's about an other problem but, by adapting the solution given there, it resolved my problem.

So :

• Delete the node_modules folder of tree-kill
• Edit package-lock.json file like it's done but with tree-kill module instead.
• Don't forget to run npm install at the end

I hope i've been clear enough.