As this project is still in early development, I will be tracking Node LTS.

1. Ensure that the vulnerability has not already been patched in develop
2. Make sure there isn't already an open Issue related to the vulnerability.
3. Raise an issue. As a minimum, provide the output of npm audit or any relevant information to re-produce the vulnerability.