The npm blog has been discontinued.
npm Acquires ^Lift Security and Node Security Platform
We go way back
npm is where the Node Security Platform belongs. All NSP users are npm users, and the security of open source code is core to npm’s mission. By combining our resources, we can deliver a continuous approach to security at scale, empowering millions of developers to build more secure code.
Watch this space
Today’s announcement is the first in a series of strategic security initiatives we’ll be announcing in coming weeks. In conjunction with the next version of npm, shipping with Node.js version 10, we’ll introduce a series of new security features available to every npm user, directly integrated into the npmjs.com registry and the npm command line tool. Soon, we’ll also introduce a series of security products specifically tailored to the unique requirements of corporate developers and enterprises.
Security is everyone’s responsibility (including yours).
Security is the responsibility of every part of an organization. It needs to be intermixed with engineering, operations, and application development. npm is at the center of these workflows, so we are uniquely positioned to help you secure your code.
We know that the safety of the code you use is important to you, whether you’re a beginner or a seasoned expert. Together, we’ll ensure that the world’s largest community of software developers is also its safest.