run `npm fund` for details found 16 vulnerabilities

Updated: 2024-10-25 16:24:45

Problem 1:

audited 1806 packages in 7.655s

49 packages are looking for funding
  run `npm fund` for details

found 16 vulnerabilities (3 low, 4 moderate, 9 high)
  run `npm audit fix` to fix them, or `npm audit` for details

Solution 1:

Run npm audit fix or npm audit

It still reports errors, so run npm audit --json to print the full details

{
  "actions": [
    {
      "action": "review",
      "module": "wangeditor",
      "resolves": [
        {
          "id": 876,
          "path": "wangeditor",
          "dev": false,
          "bundled": false,
          "optional": false
        }
      ]
    },
    {
      "action": "review",
      "module": "minimist",
      "resolves": [
        {
          "id": 1179,
          "path": "@antv/l7>@antv/l7-layers>@antv/l7-source>@mapbox/geojson-rewind>sharkdown>minimist",
          "dev": false,
          "optional": false,
          "bundled": false
        }
      ]
    }
  ],
  "advisories": {
    "876": {
      "findings": [
        {
          "version": "3.1.1",
          "paths": [
            "wangeditor"
          ]
        }
      ],
      "id": 876,
      "created": "2019-05-06T17:53:04.792Z",
      "updated": "2019-07-12T16:20:10.969Z",
      "deleted": null,
      "title": "Cross-Site Scripting",
      "found_by": {
        "link": "",
        "name": "fuxiao1"
      },
      "reported_by": {
        "link": "",
        "name": "fuxiao1"
      },
      "module_name": "wangeditor",
      "cves": [],
      "vulnerable_versions": ">=0",
      "patched_versions": "<0.0.0",
      "overview": "All versions of `wangeditor` are vulnerable to Cross-Site Scripting. The package fails to properly encode output, allowing arbitrary JavaScript to be inserted in links and executed by browsers.",
      "recommendation": "No fix is currently available. Consider using an alternative module until a fix is made available.",
      "references": "- [GitHub Issue](https://github.com/wangfupeng1988/wangEditor/issues/1945)\n- [Snyk Report](https://snyk.io/vuln/SNYK-JS-WANGEDITOR-174536)",
      "access": "public",
      "severity": "high",
      "cwe": "CWE-79",
      "metadata": {
        "module_type": "",
        "exploitability": 5,
        "affected_components": ""
      },
      "url": "https://www.npmjs.com/advisories/876"
    },
    "1179": {
      "findings": [
        {
          "version": "0.0.5",
          "paths": [
            "@antv/l7>@antv/l7-layers>@antv/l7-source>@mapbox/geojson-rewind>sharkdown>minimist"
          ]
        }
      ],
      "id": 1179,
      "created": "2019-09-23T15:01:43.049Z",
      "updated": "2020-03-18T19:41:45.921Z",
      "deleted": null,
      "title": "Prototype Pollution",
      "found_by": {
        "link": "https://www.checkmarx.com/resources/blog/",
        "name": "Checkmarx Research Team",
        "email": ""
      },
      "reported_by": {
        "link": "https://www.checkmarx.com/resources/blog/",
        "name": "Checkmarx Research Team",
        "email": ""
      },
      "module_name": "minimist",
      "cves": [],
      "vulnerable_versions": "<0.2.1 || >=1.0.0 <1.2.3",
      "patched_versions": ">=0.2.1 <1.0.0 || >=1.2.3",
      "overview": "Affected versions of `minimist` are vulnerable to prototype pollution. Arguments are not properly sanitized, allowing an attacker to modify the prototype of `Object`, causing the addition or modification of an existing property that will exist on all objects.  \nParsing the argument `--__proto__.y=Polluted` adds a `y` property with value `Polluted` to all objects. The argument `--__proto__=Polluted` raises and uncaught error and crashes the application.  \nThis is exploitable if attackers have control over the arguments being passed to `minimist`.\n",
      "recommendation": "Upgrade to versions 0.2.1, 1.2.3 or later.",
      "references": "- [GitHub commit 1](https://github.com/substack/minimist/commit/4cf1354839cb972e38496d35e12f806eea92c11f#diff-a1e0ee62c91705696ddb71aa30ad4f95)\n- [GitHub commit 2](https://github.com/substack/minimist/commit/63e7ed05aa4b1889ec2f3b196426db4500cbda94)",
      "access": "public",
      "severity": "low",
      "cwe": "CWE-471",
      "metadata": {
        "module_type": "",
        "exploitability": 1,
        "affected_components": ""
      },
      "url": "https://www.npmjs.com/advisories/1179"
    }
  },
  "muted": [],
  "metadata": {
    "vulnerabilities": {
      "info": 0,
      "low": 1,
      "moderate": 0,
      "high": 1,
      "critical": 0
    },
    "dependencies": 753,
    "devDependencies": 1081,
    "optionalDependencies": 26,
    "totalDependencies": 1835
  },
  "runId": "a0582b73-2c7a-4f66-889f-bf14c7915028"
}

From this you can see that two modules have problems: wangeditor and minimist.

"module_name": "wangeditor",
"cves": [],
"vulnerable_versions": ">=0",
"patched_versions": "<0.0.0",
"overview": "All versions of `wangeditor` are vulnerable to Cross-Site Scripting. The package fails to properly encode output, allowing arbitrary JavaScript to be inserted in links and executed by browsers.",
"recommendation": "No fix is currently available. Consider using an alternative module until a fix is made available.",

For the wangeditor module no fixed version is available (patched_versions is "<0.0.0"); consider switching to an alternative module or wait until a fix is released.

= = There is no way to fix this one, so just ignore it.

"module_name": "minimist",
"cves": [],
"vulnerable_versions": "<0.2.1 || >=1.0.0 <1.2.3",
"patched_versions": ">=0.2.1 <1.0.0 || >=1.2.3",
"recommendation": "Upgrade to versions 0.2.1, 1.2.3 or later.",

Upgrade the minimist module to version 0.2.1, 1.2.3 or later.
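The triage the post just walked through by hand can be automated. The following is an added example, not code from the original post: it reads an npm v6 `npm audit --json` report of the shape shown above (the input is a constructed, trimmed copy of the two advisories on this page), flags advisories whose `patched_versions` is the impossible range `<0.0.0` (npm's marker for "no fix exists"), and derives from each dependency path which top-level package would have to be bumped.

```javascript
// Added example (not from the original post). Constructed input: the two
// advisories from the npm audit --json output above, trimmed to the fields used.
const auditReport = {
  advisories: {
    "876": {
      module_name: "wangeditor", severity: "high", cwe: "CWE-79",
      vulnerable_versions: ">=0", patched_versions: "<0.0.0",
      findings: [{ version: "3.1.1", paths: ["wangeditor"] }],
    },
    "1179": {
      module_name: "minimist", severity: "low", cwe: "CWE-471",
      vulnerable_versions: "<0.2.1 || >=1.0.0 <1.2.3",
      patched_versions: ">=0.2.1 <1.0.0 || >=1.2.3",
      findings: [{ version: "0.0.5",
        paths: ["@antv/l7>@antv/l7-layers>@antv/l7-source>@mapbox/geojson-rewind>sharkdown>minimist"] }],
    },
  },
};

const SEVERITY_ORDER = ["critical", "high", "moderate", "low", "info"];

// npm v6 encodes "no patched release exists" as the unsatisfiable range "<0.0.0".
function hasFix(advisory) {
  return advisory.patched_versions !== "<0.0.0";
}

// "a>b>c>minimist" means top-level dependency "a" pulls minimist in via "c".
// You fix it by bumping "a" (or, failing that, overriding "c"'s pin of minimist).
function splitPath(path) {
  const chain = path.split(">");
  return {
    topLevel: chain[0],
    directParent: chain.length > 1 ? chain[chain.length - 2] : null,
    depth: chain.length,
  };
}

// One triage row per advisory, most severe first.
function triage(report) {
  return Object.values(report.advisories)
    .map((adv) => ({
      module: adv.module_name,
      severity: adv.severity,
      cwe: adv.cwe,
      installed: adv.findings.map((f) => f.version),
      roots: [...new Set(adv.findings.flatMap((f) => f.paths.map((p) => splitPath(p).topLevel)))],
      fixAvailable: hasFix(adv),
      action: hasFix(adv) ? `upgrade to ${adv.patched_versions}` : "no fix: replace the module or accept the risk",
    }))
    .sort((a, b) => SEVERITY_ORDER.indexOf(a.severity) - SEVERITY_ORDER.indexOf(b.severity));
}

for (const row of triage(auditReport)) console.log(JSON.stringify(row));
```

For the minimist entry the root comes out as @antv/l7 and the direct parent as sharkdown, which is why neither `npm audit fix` nor a direct `npm install minimist` on the project resolves it: the pinned version lives several levels down in a transitive dependency.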

See here:

Installing, removing and updating npm modules


Published: 2023-06-14 09:55:00
Article link: https://www.elefans.com/category/jswz/34/1463153.html