Repaired two high severity vulnerabilities and one low one.

There are also 49 prototype pollution vulnerabilities related to tap's use of lodash. You should be able to fix it by updating tap.

package-lock.json

@@ -1043,9 +1043,9 @@
       }
     },
     "bl": {
-      "version": "4.0.2",
-      "resolved": "https://registry.npmjs.org/bl/-/bl-4.0.2.tgz",
-      "integrity": "sha512-j4OH8f6Qg2bGuWfRiltT2HYGx0e1QcBTrK9KAHNMwMZdQnDZFk0ZSYIpADjYCB3U12nicC5tVJwSIhwOWjb4RQ==",
+      "version": "4.0.3",
+      "resolved": "https://registry.npmjs.org/bl/-/bl-4.0.3.tgz",
+      "integrity": "sha512-fs4G6/Hu4/EE+F75J8DuN/0IpQqNjAdC7aEQv7Qt8MHGUH7Ckv2MwTEEeN9QehD0pfIDkMI1bkHYkKy7xHyKIg==",
       "requires": {
         "buffer": "^5.5.0",
         "inherits": "^2.0.4",
@@ -2891,9 +2891,9 @@
       }
     },
     "node-fetch": {
-      "version": "2.6.0",
-      "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.6.0.tgz",
-      "integrity": "sha512-8dG4H5ujfvFiqDmVu9fQ5bOHUC15JMjMY/Zumv26oOvvVJjM67KF8koCWIabKQ1GJIa9r2mMZscBq/TbdOcmNA=="
+      "version": "2.6.1",
+      "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.6.1.tgz",
+      "integrity": "sha512-V4aYg89jEoVRxRb2fJdAg8FHvI7cEyYdVAh94HH0UIK8oJxUfkjlDQN9RbMx+bEjP7+ggMiFRprSti032Oipxw=="
     },
     "node-modules-regexp": {
       "version": "1.0.0",

package.json

@@ -23,7 +23,7 @@
     "is-in-subnet": "^3.1.0",
     "mixin-deep": "^2.0.1",
     "node-dir": "^0.1.17",
-    "node-fetch": "^2.6.0",
+    "node-fetch": "^2.6.1",
     "pinski": "git+https://git.sr.ht/~cadence/nodejs-pinski#ce07b2e32e79def5938f6cff6ddc28e5a290a0de",
     "pug": "^3.0.0",
     "semver": "^7.3.2",