Oh sure, there are plenty of flaws in those packages though not even one in ten are anything to worry about
For the past few years, the security of JavaScript software packages available through the Node Package Manager, or npm, has been the subject of skepticism as a result of blunders, brouhahas, and tepid countermeasures.…
Source:: TheRegister