After upgrading the packages to the recommended versions, I find that npm audit table exposes the same packages and vulnerabilities. For example, after finding that
cryptiles package is
high risk, I update to the recommended version (https://nodesecurity.io/advisories/720), but the issue persists and the package is mentioned in the table.
What I expect instead, is that after upgrading to the recommended version, to run
npm audit and not find the package listed there with “high risk” etc.