We are using our CMB2 library for a WordPress plugin. Upon upgrading to the latest release, GitHub alerted us to nine security alerts in package-lock.json. They all appear to be resolvable by using a later version of the problematic file. Below is a screenshot of all the files with issues.