visgl / loaders.gl

Loaders for big data visualization.

Home Page: https://loaders.gl

Tracker: snyk security issues

ibgreen opened this issue

Potential security issues (of various severity) reported by the snyk scanner run on an application built on loaders.gl.

  • fast-xml-parser > 4.1.2 #2537 - Fixed in 3.4.9
  • @xmldom/xmldom > 0.7.7 #2580 - Targeted for 3.4.10
  • jpeg-js > 0.4.4. Indirect dependency, yarn.lock or kepler.gl resolution pin issue? -
  • request: no resolution - used by jpeg-js. One possible solution is to replace jpeg-js with squoosh.
  • qs - various resolutions for each minor version - At least for loaders, yarn.lock refresh should be sufficient.
  • json-schema - this is just a dev dependency coming in through coveralls via ocular-dev-tools