Why NPM lockfiles can be a security blindspot for injecting malicious modulessnyk.io1 pointlirantal7 years ago