Dependency hell with #npm. I'm reviving an old project built with a #yeoman #jekyllrb generator three years ago. Finally got it to build, and then #Github alerted me to several critically vulnerable packages (thanks!). They are deep in the chain, many are deprecated entirely; `npm audit fix` doesn't work. Luckily, the app is a simple static site and my source is still compatible w/ Jekyll's API, so I can start from scratch and drop in my markup/styles/script.