Since April, according to the company, npm users have run 50 million automatic scans and have deliberately invoked the command 3.1 million times. And they’re running 3.4 million security audits a week. Across all audits, 51 per cent found at least one vulnerability and 11 per cent identified a critical vulnerability. In a phone interview with The Register, Adam Baldwin, head of security at NPM, said he didn’t have data on how many people are choosing to fix flagged flaws. “But what we’ve seen from pull requests suggests it’s gaining traction,” he said.
Techucation 