npm install gives warnings about vulnerabilities

[Yu-Chieh-Henry-Yang]

Expected behaviour:
npm install should install all packages without vulnerabilities

Actual behaviour:
Following installation guide, part of npm install output shows:

Testing binary
Binary is fine
added 1178 packages from 1021 contributors and audited 6453 packages in 16.457s
found 228 vulnerabilities (195 low, 21 moderate, 11 high, 1 critical)
run npm audit fix to fix them, or npm audit for details

Note:
running npm audit fix shows this:

• eslint-plugin-import@2.13.0
• node-sass@4.9.2
  added 4 packages from 6 contributors, removed 31 packages and updated 34 packages in 9.32s
  fixed 183 of 228 vulnerabilities in 6453 scanned packages
  4 package updates for 45 vulns involved breaking changes
  (use npm audit fix --force to install breaking changes; or refer to npm audit for steps to fix these manually)

which means there is still vulnerabilities

Steps to reproduce:
Following installation guide, up to the npm install step

[magdalenadrafiova]

@briri and @xsrust is still still relevant?

[briri]

yes. the upgrade should address most of these