this npm dependency mess is a security nightmare. how many packages do you have installed? i bet it's a ton and you have no idea what half of them are even doing. never trust user input.