The npm blog has been discontinued. Updates from the npm team are now published on the GitHub Blog and the GitHub Changelog. When I ask software developers what their biggest security concerns are, I typically hear something about malicious code in their npm packages. The average npm package has over 2000 dependencies, so the worry over malware makes a lot of sense. The npm security team certainly