Skip to content

npmjs.com Status Support

Getting started

Packages and modules

Introduction to packages and modules

Contributing packages to the registry

Updating and managing your published packages

Getting packages from the registry

Securing your code

About audit reports

Auditing package dependencies for security vulnerabilities

Generating provenance statements

About ECDSA registry signatures

Verifying ECDSA registry signatures

About PGP registry signatures (deprecated)

Verifying PGP registry signatures (deprecated)

Requiring 2FA for package publishing and settings modification

Reporting malware in an npm package

Threats and Mitigations

Securing your code

About audit reports
Auditing package dependencies for security vulnerabilities
Generating provenance statements
About ECDSA registry signatures
Verifying ECDSA registry signatures
About PGP registry signatures (deprecated)
Verifying PGP registry signatures (deprecated)
Requiring 2FA for package publishing and settings modification
Reporting malware in an npm package

Edit this page on GitHub