npm

Npm swears on browser-sync and gulp-minify-css, what is the reason and how to fix it?

Trying to install packages from package.json

{
"name": "egproject",
"version": "0.1.0",
"private": true,
"description": "My first egproject",
"main": "index.js",
"scripts": {
"test": "echo \"Error: no test specified\" && exit 1"
},
"author": "Mikha",
"license": "ISC",
"devDependencies": {
"browser-sync": "^ 2.26.13",
"del": "^6.0.0",
"gulp": "^4.0.2",
"gulp-autoprefixer": "^7.0.1",
"gulp-if": "^3.0.0",
"gulp-imagemin": "^7.1.0",
"gulp-minify-css": "^1.2.3",
"gulp-rigger": "^0.5.8",
" gulp-sass": "^4.1.0",
"gulp-uglify": "^3.0.2",
"gulp-useref": "^5.0.0",
"node-bourbon": "^4.2.8",
"run-sequence": "^2.2.1"
},
"dependencies": {
"axios": " ^0.21.1"
}
}

An error occurs during installation:

=== npm audit security report ===

Manual Review
Some vulnerabilities require your attention to resolve

Visit https://go.npm.me/audit-guide for additional guidance

Low Regular Expression Denial of Service

Package clean-css

Patched in >= 4.1.11

Dependency of gulp-minify-css [dev]

Path gulp-minify-css > clean-css

More info https://npmjs.com/advisories/785

High Server-Side Request Forgery

Package axios

Patched in >=0.21.1

Dependency of browser-sync [dev]

Path browser-sync > localtunnel > axios

More info https://npmjs.com/advisories/1594

How to deal?