I remember that when I first heard about Node.js, I couldn’t believe that developers were using a language meant for single threaded client side scripting for web servers and desktops. (At the time, I was working with ASP.NET Web Forms and massive viewstate objects passed between client and server at the time, so that probably explains why I was so surprised).
Using Sonatype OSS Index’s database of over 1,500 npm packages which have vulnerable versions, DepShield automatically identifies opportunities for developers to update their dependencies to patch and fixed versions that are no longer vulnerable.
Open Source contributors are working hard at reducing vulnerabilities in their projects and DepShield enables project consumers to benefit from these efforts as soon as possible. If you contribute to or maintain any project utilizing npm, head over to GitHub’s Marketplace and give DepShield a try.