⚪ ️5.6 Constantly inspect for vulnerable dependencies
:white_check_mark: Do: Even the most reputable dependencies such as Express have known vulnerabilities. This can get easily tamed using community tools such as npm audit, or commercial tools like snyk (offer also a free community version). Both can be invoked from your CI on every build
❌ Otherwise: Keeping your code clean from vulnerabilities without dedicated tools will require to constantly follow online publications about new threats. Quite tedious
✏ Code Examples
:clap: Example: NPM Audit result
