DEV Community

Discussion on: Fixing NPM Dependencies Vulnerabilities

mnf profile image
Michael Freidgeim • Edited on

Is it ok to ignore vulnerabilities in dev dependencies? In your particular example jest is used for tests, how the vulnerabilities in jest could cause the risks in production site? Should we spend time to fix vulnerabilities in dev packages?