Check alerts pointing to files within node_modules (retireJS)
Some issues generated by RetireJS are pointing to files within node_modules. We must investigate and fix that.
If the vuln is linked to a node_module, then it should point to the package-lock.json or yarn.lock file instead.
Other possibility: retire is scanning the node_modules as if it was part of the source code. It shouldn't.