The npm security advisory database is now part of the GitHub Advisory Database. As a result,
npm audit will now return URLs to the GitHub Advisory Database and the advisories on the npmjs.com will redirect to GitHub.
GitHub is where developers come to learn and celebrate what’s new in open source, and where maintainers share, collaborate and celebrate their community’s work. Starting today, available in public beta, are two improvements to the release process on GitHub:
- Maintainers can now automatically generate release notes, giving them a summary of all the pull requests for a given release.
- The Releases UI gets a refresh giving more clarity into what’s included in a given release, as well as recognition for the contributors in the community. We have also fixed a number of papercuts including no longer showing tags on the releases list view and making videos playable in releases. This won’t be turned on by default in the beta, and will need to be enabled through the Feature Preview.