This repository has been archived by the owner on Aug 3, 2023. It is now read-only.

npm install: 3 high severity vulnerabilities #1758

Closed
pyk opened this issue Feb 6, 2021 · 1 comment · Fixed by #1780
Labels
onboarding Issues with installation or login

Comments

@pyk

pyk commented Feb 6, 2021

Vulnerabilities report from npm install:

$ npm i @cloudflare/wrangler -g

added 34 packages, and audited 35 packages in 14s

3 high severity vulnerabilities

To address all issues, run:
  npm audit fix

Run `npm audit` for details.

node & npm version

$ node --version
v15.5.0
$ npm --version
7.3.0
@ags799
Contributor

ags799 commented Feb 10, 2021

You can see the details if you run npm audit from within the npm directory of the project:

# npm audit report

axios  <0.21.1
Severity: high
Server-Side Request Forgery - https://npmjs.com/advisories/1594
fix available via `npm audit fix --force`
Will install [email protected], which is a breaking change
node_modules/axios
  binary-install  <=0.1.0
  Depends on vulnerable versions of axios
  node_modules/binary-install

npm  <=6.14.5
Severity: high
Symlink reference outside of node_modules - https://npmjs.com/advisories/1436
Global node_modules Binary Overwrite - https://npmjs.com/advisories/1437
Sensitive Data Exposure - https://npmjs.com/advisories/1543
npm Token Leak - https://npmjs.com/advisories/98
fix available via `npm audit fix`


3 high severity vulnerabilities

To address issues that do not require attention, run:
  npm audit fix

To address all issues (including breaking changes), run:
  npm audit fix --force

I don't think we need to worry about the SSRF in axios. Not sure about the npm vulnerabilities either.

Note that I ran this with my own npm at 7.5.1.
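
As an added example (not code from wrangler or from anyone in this thread), the script below triages a constructed `npm audit --json` report modelled on the output above: it traces the transitive binary-install finding back to the axios advisory that causes it and flags that the offered fix is a breaking (semver-major) change. The JSON field names assume the npm 7 report format (auditReportVersion 2), and the fix version is a placeholder.

```javascript
// Added example, not code from the wrangler project: triage an
// `npm audit --json` report (npm 7, auditReportVersion 2, assumed format)
// so that a transitive finding (binary-install) is traced back to the
// advisory that causes it (axios, advisory 1594) and breaking fixes are
// flagged. The report below is constructed to mirror the thread's output;
// the fix version is a placeholder because the thread does not state it.
const sampleReport = {
  auditReportVersion: 2,
  vulnerabilities: {
    axios: {
      name: 'axios', severity: 'high', range: '<0.21.1',
      via: [{ source: 1594, name: 'axios', title: 'Server-Side Request Forgery',
              url: 'https://npmjs.com/advisories/1594', severity: 'high', range: '<0.21.1' }],
      effects: ['binary-install'], nodes: ['node_modules/axios'],
      fixAvailable: { name: 'binary-install', version: 'x.y.z', isSemVerMajor: true },
    },
    'binary-install': {
      name: 'binary-install', severity: 'high', range: '<=0.1.0',
      via: ['axios'], // a bare string: vulnerable only through its axios dependency
      effects: [], nodes: ['node_modules/binary-install'],
      fixAvailable: { name: 'binary-install', version: 'x.y.z', isSemVerMajor: true },
    },
  },
};

// Follow `via` links until advisory objects are reached. The `seen` set
// guards against cycles in the dependency graph.
function rootAdvisories(vulns, pkg, seen = new Set()) {
  if (seen.has(pkg) || !vulns[pkg]) return [];
  seen.add(pkg);
  return vulns[pkg].via.flatMap((v) =>
    typeof v === 'string' ? rootAdvisories(vulns, v, seen) : [v]);
}

// One row per vulnerable package: root advisory ids, whether the package is
// affected only transitively, and whether the offered fix is semver-major.
function triage(report) {
  const vulns = report.vulnerabilities;
  return Object.keys(vulns).sort().map((pkg) => {
    const e = vulns[pkg];
    const fix = e.fixAvailable;
    return {
      package: pkg,
      severity: e.severity,
      transitive: e.via.every((v) => typeof v === 'string'),
      advisoryIds: [...new Set(rootAdvisories(vulns, pkg).map((a) => a.source))].sort((a, b) => a - b),
      breakingFix: fix !== null && typeof fix === 'object' && fix.isSemVerMajor === true,
    };
  });
}

// Severity tally matching npm's "N high severity vulnerabilities" summary line.
function countBySeverity(rows) {
  return rows.reduce((acc, r) => ({ ...acc, [r.severity]: (acc[r.severity] || 0) + 1 }), {});
}
```

Run it against a real report with `npm audit --json > report.json` and `triage(JSON.parse(fs.readFileSync('report.json')))`; rows with `transitive: true` need no change in your own code, only in the dependency that pulls the advisory in.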

@Electroid Electroid added the onboarding Issues with installation or login label Feb 22, 2021
@xortive xortive mentioned this issue Feb 25, 2021