npm audit found several vulnerabilities #369

Closed
abhiShandy opened this issue Jul 27, 2020 · 2 comments

@abhiShandy

BTC-RPC explorer v2.0.2

  • 5 low severity vulnerabilities
  • npm audit fix fixes 4 of them

Caravan v0.2.0

  • 4997 vulnerabilities
  • npm audit fix fixes 4984 of them
  • upgrading to v0.3.1 might fix them

Corsproxy v1.7.0

  • 172 vulnerabilities (39 low, 87 moderate, 45 high, 1 critical)
  • npm audit fix fixes 11 of them

lnd-admin

  • 14 vulnerabilities (11 low, 3 high)
  • npm audit fix fixes 12 of them

LndHub v1.2.0

  • 321 low severity vulnerabilities
  • npm audit fix fixes 318 of them

ThunderHub v0.8.13

  • 2 vulnerabilities (1 moderate, 1 high)
  • js_yaml is the culprit for both vulnerabilities; even if package.json of thunderhub wants to install 3.14.1, the install script pulls the vulnerable 3.13 version
  • npm audit fix doesn't fix it

RTL v0.7.0

  • 242 vulnerabilities (240 low, 2 high)
  • http_proxy is the culprit for the 2 high vulnerabilities
  • npm audit fix fixes 234 of them (including the 2 high ones)
  • upgrading to v0.8.2 might fix all of them
@abhiShandy

  • upgrading RTL to v0.8.2 fixes the vulnerabilities
  • I have submitted a PR with Caravan
  • master branch LndHub has only 1 vulnerability, but they haven't tagged a release
  • My recent PR on BTC-RPC explorer fixed 4 out of 5
  • Original CORSproxy hasn't been updated for almost 3 years, has many deprecated dependencies

@Jacksper13

@tehelsper Multiple upgrades for all listed apps since July 2020. With @abhiShandy's approval I would close this issue.
