# JS Dependencies Firstly looking through the alerts a couple now say: * "No security update is needed as kind-of is no longer vulnerable" * "No security update is needed as ansi-regex is no longer vulnerable" These a updates that may be useful, the main one being `css-loader` as it's so old. * `superagent` need bumping. App is using `^2.2.0` and latest is `8.0.0` * `flux` could be bumped from `^3.1.1` to `4.0.3` * `css-loader` needs a major bump from `1.0.0` to `6.7.1` that needs some webpack config changes too. Some of the other issues are with dependencies of dependencies. Always a pain. One thing that make fixing some of these easier is by upgrading npm in the docker image. I think it's using 6.14.17 whilst 8.18.0 is the latest. Version 8 gives the user many more options for fixing dependency issues.