Hi, since this involved multiple packages I wasn't entirely sure where to post.
I ran a npm audit and noticed that 3 of your packages all have vulnerabilities related to their dependencies. I looked a bit deeper into the tf2 one & noticed that the request dependency is only used once on line 52, in the handlers.js file for what seems to be a simple fetch, perhaps removing the dependency all together would be easiest / best considering that the request package have been deprecated & haven't been patched for the issue at hand yet. I have attached an image showing the npm audit since I think its the quickest way to show it.
I use the latest version of each package.
I apologize if this was posted in the wrong place or format in that case please inform me of a better way in case of a similar situation.
Thanks,
- Toby