How to resolve items found with Node Security Platform (nsp)

Anyone now the method on How to resolve items found with Node Security Platform (nsp).

I’ve figured out how to use nsp to check my code in a npm script. But how do you resolve issues when you find them with dependent package of a key package you are using.

Example running a nsp security check on my code I find that a dependent package for lodash has vulnerability. How does one go about resolving this kind of thing.

Thanks,
Ron

It’s not up to you to upgrade nested dependencies. It’s up to the project maintainers. NSP will give you remediation options

Lodash: prototype pollution
https://nodesecurity.io/advisories/577