Is npm Really Safe? What's our responsibility as developers to find out?

npm libraries are *everywhere* and are here to stay. We use them daily, sometimes without even knowing it.
Why should we bother? Well, if you're in a small startup, you're usually the one in charge of the code, which means you're being counted on not to let the company down when a security breach occurs.
If you're in a big organization, know that the organization or your customers (probably also organizations) might later discover security holes, and it'll be up to you to fix them – with or without enough time to do so. You might no longer be able to use a library you already depend on – which might *break your code*.

What’s the solution? See below.
