NPM lockfiles can be a security blindspot for injecting malicious modules in PRssnyk.io259 pointsfagnerbrack6 years ago