Both 7.70.25 and 7.10.30 seem to be full of critical security issues

[jameskhedley]

Yarn audit on 7.70.25:

120 vulnerabilities found - Packages audited: 984
Severity: 11 Low | 67 Moderate | 34 High | 8 Critical
Done in 1.80s.

Yarn audit on 7.10.31 even more:

140 vulnerabilities found - Packages audited: 930
Severity: 11 Low | 79 Moderate | 36 High | 14 Critical
Done in 2.07s.

Do these need manual fixes at this point? I tried using npm audit fix to resolve these but no luck so far.

[jameskhedley]

Some of the crits I saw turned out to be devDependencies, had to remove them from the package.json manually since yarn install --production doesn't seem to do it (why not?)

I tried 8.8.2, that's better but still seeing a critical in socket.io-parser:3.4.3 as required by https://github.com/scality/Arsenal/releases/tag/8.1.87 via multiple other Scality libs