This project needs some updates - npm install output

[Netoperz]

Hello,
I have installed Ubuntu 18.04 , clean and installed npm using apt.
downloaded repo using git as in how-to, than i started npm install, and i'm a bit confused about info from npm install about stuff that is prone for hacking and DDOS. Is it normal or just no one noticed till me, or Am I doing something wrong ?
Here is the output:

m@STARDUST:~/desktop$ npm install
loadDep:torrent-tracker-h ▄ ╢████████████████████░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░╟
npm WARN deprecated sprintf@0.1.5: The sprintf package is deprecated in favor of sprintf-js.
npm WARN deprecated es5class@2.3.1: this package isn't maintained anymore because ES6+
loadDep:xtend → resolveWi ▌ ╢███████████████████████████░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░╟
npm WARN deprecated parse-torrent-file@2.1.4: Use the parse-torrent package instead
loadDep:request ▌ ╢████████████████████████████░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░╟
npm WARN deprecated node-uuid@1.4.8: Use uuid module instead
loadDep:hawk ▀ ╢████████████████████████████░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░╟
WARN engine hoek@0.7.6: wanted: {"node":"0.8.x"} (current: {"node":"8.10.0","npm":"3.5.2"})
WARN engine boom@0.3.8: wanted: {"node":"0.8.x"} (current: {"node":"8.10.0","npm":"3.5.2"})
WARN engine cryptiles@0.1.3: wanted: {"node":"0.8.x"} (current: {"node":"8.10.0","npm":"3.5.2"})
npm WARN deprecated formidable@1.0.17: Old versions of Formidable are not compatible with the current Node.js; Upgrade to 1.2.0 or later
npm WARN deprecated gulp-util@3.0.8: gulp-util is deprecated - replace it, following the guidelines at https://medium.com/gulpjs/gulp-util-ca3b1f9f9ac5
npm WARN deprecated graceful-fs@3.0.11: please upgrade to graceful-fs 4 for compatibility with current and future versions of Node.js
npm WARN deprecated minimatch@2.0.10: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue
npm WARN deprecated minimatch@0.2.14: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue
npm WARN deprecated graceful-fs@1.2.3: please upgrade to graceful-fs 4 for compatibility with current and future versions of Node.js
npm WARN deprecated natives@1.1.3: This module relies on Node.js's internals and will break at some point. Do not use it, and update to graceful-fs@4.x.
npm WARN deprecated minimatch@0.3.0: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue
loadDep:semver → cache ▐ ╢██████████████████████████████████████░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░╟
npm WARN deprecated graceful-fs@2.0.3: please upgrade to graceful-fs 4 for compatibility with current and future versions of Node.js
npm WARN deprecated minimatch@0.4.0: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue
Popcorn-Time-CE@0.4.1-5 /home/m/desktop

[TheComputerGenie]

You'll find that there are ~ 650 folders in '/home/m/desktop/node_modules/' each of those folders is a project separate from this one, but this project relies on them to work. This project cannot force those other projects to update.
The workaround for this is for you to run
npm audit
and manually install updated version(s) of whatever needs updating. Some things might take a little directory digging like peerflix > airplayer > airplay-protocol > plist > xmlbuilder > lodash as those projects have/are dependencies too.