I'm trying out Vue and I want to work with a consistent and up-to-date environment.

In first, I create "hello world".

.. and: Hurray it’s working!

now npm refresh ... (This is probably the error)

... but vulnerables are not acceptable!

Now there are even more security vulnerabilities and a no longer running minimal project

I'm wondering if it's ever possible to build and run a secure application (given the sheer number of dependencies)? How do you get a clear overview?