[email protected] or sup
Analyze npm registry for vulnerabilities.
Powered by Lift Security.
They do also code review on the npm CLI and on the registry source code and they conducts audits and penetration tests.
They have been acquired by npm inc in april 2018.
a survey of over 16,000 developers run by npm in collaboration with the Node.js Foundation and the JS Foundation
- Best practices like testing, linting, code reviews and security scans are a sign of an experienced developer.
- But developers are more trusting of the security of open source code than their own.
- Developers are not happy with the options available to them for securing their code.