The npm community forum has been discontinued.
To discuss usage of npm, visit the GitHub Support Community.
Integrate with GitHub SecurityAdvisory
When developing a package, I run
npm audit just before committing and pushing the code to make sure there are no vulnerabilities in my dependencies, everything is fine. But after pushing, I get a friendly email from Github saying that I do have security vulnerabilities in my dependencies!
Integrate with the GitHub SecurityAdvisory to improve the scanning for vulnerabilities so
npm audit catches more vulnerabilities.