Posts by

Edward Thomson

@ethomson

GitHub Advisory Database now powers npm audit

Today, we’re adding a proxy on top of the GitHub Advisory Database that speaks the `npm audit` protocol. This means that every version of the npm CLI that supports security audits is now talking directly to the GitHub Advisory Database.