Problem/Motivation
In issue #3511199: Bump serialize-javascript version in yarn.lock to overcome known vulnerability, it was observed that there are vulnerabilities in indirect dependencies of packages we use, which the current release setup does not identify.
It would be good to run yarn audit on all dependencies on all active branches during commit or release to catch these.
Steps to reproduce
Run yarn audit; you will get a list of vulnerabilities found in the dependencies, including indirect ones.
Proposed resolution
Remaining tasks
Add yarn audit to the CI/CD pipeline.
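As an added example (not code from this issue or the project), here is one way the CI/CD step could decide whether yarn audit findings should fail the build. It assumes Yarn 1's `yarn audit --json` output (newline-delimited JSON with one auditAdvisory record per finding); the records embedded below are constructed sample input with placeholder package names, ids and version ranges.

```javascript
// Added example, not from the issue: a gate for the "yarn audit" CI step.
// Yarn 1's `yarn audit --json` prints newline-delimited JSON: one "auditAdvisory"
// record per finding and a final "auditSummary". The records below are constructed
// sample input with placeholder package names, ids and version ranges.
const SAMPLE_AUDIT_NDJSON = `
{"type":"auditAdvisory","data":{"resolution":{"id":1,"path":"build-tool>plugin-x>lib-a","dev":false},"advisory":{"module_name":"lib-a","severity":"high","patched_versions":">=2.1.1"}}}
{"type":"auditAdvisory","data":{"resolution":{"id":2,"path":"test-runner>lib-b","dev":true},"advisory":{"module_name":"lib-b","severity":"moderate","patched_versions":">=4.0.0"}}}
{"type":"auditAdvisory","data":{"resolution":{"id":3,"path":"lib-c","dev":false},"advisory":{"module_name":"lib-c","severity":"critical","patched_versions":">=1.0.5"}}}
{"type":"auditSummary","data":{"vulnerabilities":{"info":0,"low":0,"moderate":1,"high":1,"critical":1},"totalDependencies":3}}
`;

const SEVERITY_RANK = { info: 0, low: 1, moderate: 2, high: 3, critical: 4 };

// Parse the NDJSON into a flat list of findings; non-advisory records are skipped.
function parseAuditJson(text) {
  const findings = [];
  for (const line of text.split("\n")) {
    if (!line.trim()) continue;
    let rec;
    try { rec = JSON.parse(line); } catch (e) { continue; } // tolerate stray output
    if (rec.type !== "auditAdvisory") continue;
    findings.push({
      module: rec.data.advisory.module_name,
      severity: rec.data.advisory.severity,
      path: rec.data.resolution.path, // dependency chain: exposes indirect deps
      dev: Boolean(rec.data.resolution.dev),
      patched: rec.data.advisory.patched_versions,
    });
  }
  return findings;
}

// Decide whether the step should fail: any finding at or above `threshold`
// blocks the build; set failOnDev=false to ignore devDependencies.
function gateAudit(text, threshold = "high", failOnDev = true) {
  const min = SEVERITY_RANK[threshold];
  if (min === undefined) throw new Error(`unknown severity threshold: ${threshold}`);
  const failing = parseAuditJson(text).filter(
    (f) => (failOnDev || !f.dev) && SEVERITY_RANK[f.severity] >= min
  );
  return { ok: failing.length === 0, failing };
}

// Stand-alone run on the sample; a CI job would exit non-zero when ok is false.
const result = gateAudit(SAMPLE_AUDIT_NDJSON, "high");
for (const f of result.failing) {
  console.log(`${f.severity}: ${f.module} via ${f.path} (patched: ${f.patched})`);
}
console.log(result.ok ? "audit gate passed" : "audit gate FAILED");
```

In the pipeline, feed the saved output of yarn audit --json to gateAudit instead of the sample; Yarn 1's own exit code on findings is a severity bitmask, so a gate like this is where the blocking level is chosen.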