I have a vulnerability that is preventing my frontend's automated build.
I did a npm update and bower update, this caused new versions of dependencies to be included in my package.json and bower.json, all fine.
If I try the build the dependency error is still showing in two different locations:
node_modules/polymer-cli/node_modules/handlebars/dist/handlebars.js - v4.1.2
node_modules/bower/lib/node_modules/handlebars/dist/handlebars.js - v4.0.10
I don't understand why those versions were not updated even if I specifically requested the latest version for polymer-cli and bower.
I've searched everywhere in the codebase but I couldn't find any reference to those versions to update them.
Can you please help?