Killing
NPM Security Vulnerabilities
Current State
> 40,000 high risk issues
in 145 services\web apps
The Plan
-
Monitor
-
Automatically apply fixes (where possible)
-
Manually fix the rest
Our Goal
Reduce the number of
Critical\High issues to zero
by Nov 1st
After this date, deployments with security issues will be blocked
145
97
Number of Services with security issues
(In the last 14 days)
Your Turn
-
Approve and merge audit PRs
-
Monitor your services audit report
-
Manually fix the rest of the issues
Thank you Riyad, Omri and Asaf
❤️