The Sonatype Security Research team has identified over 15,000 npm packages that flood npm registry in a new trend where devs involved in the blockchain and cryptocurrency communities are leveraging
The newest free plugin in the Sontaype toolbox is a Gradle plugin to scan, evaluate, and audit Gradle project dependencies. It is available now on GitHub.