
How do I fix vulnerable npm packages in package-lock.json that are not listed in package.json?

Updated: 2022-06-05 10:03:49

It sounds like Hoek is a dependency of one of your dependencies (so, a package you have in your package.json is requiring it from its own package.json).

You've already tried deleting/reinstalling and updating your project dependencies without success, so it seems that the package dependency in question has an explicit or max version specified.

Without seeing the package.json for each of your dependencies, it would be difficult to advise further on how to force an update.

To help you identify which packages are using which dependencies, you can use NPM's ls command: https://docs.npmjs.com/cli/ls

For example, to see which packages are using Hoek: npm ls hoek

Edit 2: As Ulysse BN correctly points out, if you have NPM version 6 or later, you can use npm audit fix to ask NPM to attempt to fix the vulnerabilities for you.

Edit 3: Those reading this should also check out JBallin's answer below. It expands on information I have given here, and is (in my opinion) a more structured answer that addresses OP's question better. However - if you want a quick fix - this answer should suffice.
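As an added example (not part of the answer above, and not npm's own code), the following Node script does offline what `npm ls hoek` does against an installed tree: it reads a package-lock.json, lists every installed copy of the named package, and reports which packages require it and with what range. It also flags an exact "x.y.z" requirement as pinned, which is the "explicit or max version" case the answer describes where `npm audit fix` cannot help and the dependent itself has to be updated. Both sample lockfiles, the package names in them, and all version numbers are constructed for the example; the script handles the nested lockfileVersion 1 layout (npm 5/6) and the flat `packages` map of lockfileVersion 2/3 (npm 7+).

```javascript
'use strict';
// Added example (not from the original answer): find which packages in a
// package-lock.json require a given dependency, the offline equivalent of
// `npm ls <name>`. Package names and versions below are constructed.

const TARGET = 'hoek';

// Constructed lockfileVersion 1 sample (npm 5/6): nested `dependencies` hold
// non-hoisted copies; `requires` records what each package asks for.
const SAMPLE_LOCK_V1 = {
  name: 'example-app',
  version: '1.0.0',
  lockfileVersion: 1,
  dependencies: {
    'error-helper': { version: '5.2.0', requires: { hoek: '4.x.x' } },
    'web-framework': { version: '16.6.2', requires: { 'error-helper': '5.x.x', hoek: '4.x.x' } },
    hoek: { version: '4.2.0' },
    'schema-validator': {
      version: '13.0.0',
      requires: { hoek: '5.0.0' },
      dependencies: { hoek: { version: '5.0.0' } },
    },
  },
};

// Constructed lockfileVersion 2/3 sample (npm 7+): flat `packages` map keyed
// by install path; `dependencies` here are the declared ranges.
const SAMPLE_LOCK_V2 = {
  name: 'example-app',
  lockfileVersion: 2,
  packages: {
    '': { dependencies: { 'web-framework': '^16.0.0', 'schema-validator': '^13.0.0' } },
    'node_modules/web-framework': { version: '16.6.2', dependencies: { hoek: '4.x.x' } },
    'node_modules/hoek': { version: '4.2.0' },
    'node_modules/schema-validator': { version: '13.0.0', dependencies: { hoek: '5.0.0' } },
    'node_modules/schema-validator/node_modules/hoek': { version: '5.0.0' },
  },
};

const hasOwn = (obj, key) => Object.prototype.hasOwnProperty.call(obj, key);

// An exact "x.y.z" requirement pins the version: `npm audit fix` cannot move
// it, so the dependent package itself has to ship an update.
function isPinned(range) {
  return /^\d+\.\d+\.\d+$/.test(range.trim());
}

// Depth-first walk over a v1 tree, calling visit(name, node, pathNames).
function walkV1(deps, path, visit) {
  for (const [name, node] of Object.entries(deps || {})) {
    const here = path.concat(name);
    visit(name, node, here);
    walkV1(node.dependencies, here, visit);
  }
}

// Turn a v2 `packages` key ("node_modules/a/node_modules/b") into ["a", "b"].
function v2KeyToPath(lock, key) {
  if (key === '') return [lock.name || '(root)'];
  return key.split('node_modules/').filter(Boolean).map((s) => s.replace(/\/$/, ''));
}

// Every package that declares a requirement on `target`, with its range.
function findDependents(lock, target) {
  const hits = [];
  const record = (path, range) => hits.push({ dependent: path.join(' > '), range, pinned: isPinned(range) });
  if (lock.lockfileVersion === 1) {
    walkV1(lock.dependencies, [], (name, node, path) => {
      if (node.requires && hasOwn(node.requires, target)) record(path, node.requires[target]);
    });
  } else {
    for (const [key, node] of Object.entries(lock.packages || {})) {
      const deps = Object.assign({}, node.dependencies, node.optionalDependencies);
      if (hasOwn(deps, target)) record(v2KeyToPath(lock, key), deps[target]);
    }
  }
  return hits;
}

// Every installed copy of `target` with its install path, so a hoisted copy
// and a nested duplicate are both visible.
function installedVersions(lock, target) {
  const found = [];
  if (lock.lockfileVersion === 1) {
    walkV1(lock.dependencies, [], (name, node, path) => {
      if (name === target) found.push({ path: path.join(' > '), version: node.version });
    });
  } else {
    for (const [key, node] of Object.entries(lock.packages || {})) {
      const path = v2KeyToPath(lock, key);
      if (path[path.length - 1] === target) found.push({ path: path.join(' > '), version: node.version });
    }
  }
  return found;
}

// Human-readable summary in the spirit of `npm ls <target>`.
function report(lock, target) {
  const lines = [`${target} in ${lock.name} (lockfileVersion ${lock.lockfileVersion})`];
  for (const v of installedVersions(lock, target)) lines.push(`  installed ${v.version} at ${v.path}`);
  for (const h of findDependents(lock, target)) {
    lines.push(`  required by ${h.dependent} as ${h.range}${h.pinned ? ' (pinned)' : ''}`);
  }
  return lines.join('\n');
}

if (typeof require !== 'undefined' && require.main === module) {
  // Usage: node lockdeps.js [path/to/package-lock.json] [package-name]
  // Without arguments the constructed samples are reported.
  const lockPath = process.argv[2];
  const name = process.argv[3] || TARGET;
  if (lockPath) {
    console.log(report(JSON.parse(require('fs').readFileSync(lockPath, 'utf8')), name));
  } else {
    console.log(report(SAMPLE_LOCK_V1, name));
    console.log(report(SAMPLE_LOCK_V2, name));
  }
}
```

Run it against a real lockfile with `node lockdeps.js ./package-lock.json hoek` (the file name is whatever you save the script as). A dependent reported with a range such as `4.x.x` can usually be moved by `npm audit fix` or a reinstall, whereas one reported as pinned (`5.0.0` in the sample) will keep pulling the same version until that dependent publishes a release that requires a patched one, which is the situation the answer describes.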