Investigate more about libraries/dependencies

[NightLore]

• Get link to github repo for dependencies

[bcdasilv]

In terms of vulnerabilities, there's also an option to run npm audit. See these links: https://docs.npmjs.com/cli/audit https://blog.npmjs.org/post/173719309445/npm-audit-identify-and-fix-insecure

Also, I think we're aiming at the right target by bringing vulnerabilities info to the vis. That GitHub event talk I shared with you happened today. I haven't watched but I read the discussion page. They will provide the talk recording in a day or two. I suggest you check that out. I'll try to watch, too.

[bcdasilv]

I just watched the recorded talk. Available already at https://githubsatellite.com/schedule/#dependency-hell-or-developers-perception-of-software-dependencies

The content is pretty good. Only the Q&A at the end was not very good. That talk gives some insights.