Avoiding npm substitution attacks using NCM
This release includes updates to avoid npm substitution attacks and also a GitHub Integration: Code risk, compliance and security action for PRs on Node.js.
Triaging Known Vulnerabilities in Your Dependency Tree with NCM Desktop
Learn to use NCM Desktop to triage vulnerabilities in your dependency tree, regardless of if they're top-level or deeply nested.
NCM Desktop Beta Update – August 29th
We've shipped an update to the NCM Desktop Beta, featuring a suite of enhancements and squashed bugs!