Secure #npm
▻https://hackernoon.com/secure-npm-ca2fe0e9aeff?source=rss----3a8144eabfe3---4
Proof of Concept to ensure consistency between NPM packages and their source code

TL;DR: SNPM is a Proof of Concept built to ensure consistency between what is published on the NPM registry and its open source counterpart on public repositories, like GitHub.

At the end of April, Node.js 10 was released, and NPM announced npm@6. One of the major features introduced with version 6 concerns #security: I’m talking about npm audit. This new command allows the user to perform an “assessment of package dependencies for security vulnerabilities helping the user to protect his package’s users from known vulnerabilities that could cause data loss, service outages, unauthorized access to sensitive information and so on”.

That’s a huge improvement that the NPM team has made for the entire (...)