NPM secruity and vulnerability

[nellysattari]

Hi guys, I am pretty sure Kent talked about "npm packages security check" but I cannot find it. If you had any idea please point out to that. I git this message in my github "We found a potential security vulnerability in one of your dependencies." which is scary but I dont know how to fix it. In the document, it is said use "npm audit" but this is an unknown argument for npm.

Any clue how to fix and check the security? Regards

[jLouzado]

@nellysattari These might give you more information about npm audit

• https://blog.npmjs.org/post/173719309445/npm-audit-identify-and-fix-insecure
• https://docs.npmjs.com/getting-started/running-a-security-audit

[kentcdodds]

Hi! I'm afraid I don't have time to give a super solid answer to all my open questions right now, so I just went through and answered all my AMA questions in the form of a video: https://www.youtube.com/watch?v=4Yq6PO0r-fU&list=PLV5CVI1eNcJgCrPH_e6d57KRUTiDZgs0u

A few things that folks can do to help make things better for others reading the questions and answers:

1. Link to when I start answering the question. Add &t=xxmxxs to the end of the URL like this: https://www.youtube.com/watch?v=4Yq6PO0r-fU&list=PLV5CVI1eNcJgCrPH_e6d57KRUTiDZgs0u&t=2m5s
2. Comment with links I referenced
3. Summarize what I talk about

Thanks!