We wanted to share some insights that we thought were interesting and that we could get our hands on.
Here are the top 3:
- lodash: 3 vulnerabilities (1 high sev)
- request: 1 vulnerability (17 typosquatting attempts)
- chalk: 0 vulnerabilities (1 typosquatting attempt)
- debug: >40 million weekly downloads
- kind-of: >34 million weekly downloads
- supports-color: >34 million weekly downloads
We wrote in further detail at https://snyk.io/blog/npm-passes-the-1-millionth-package-milestone-what-can-we-learn on more registry and community statistics, such as: How many npm packages were added in 2019? What are some interesting insights from the Node.js Foundation's package maintenance working group?
What can you share on your experience with npm? Happy to hear!