The software supply chain is under constant attack and threat actors are finding new ways to exploit and profit off the cracks in its foundations. Of course, the JavaScript ecosystem is at the heart of this problem as it has grown accustomed to relying on small, interdependent modules made available through the largest software registry in the world (npm). Learn more about the current and future state of the ecosystem as well as dive into new tooling and resources you'll need to protect yourself and your projects this year and beyond.

The npm CLI has been,
&
continues to be, a core developer tool of the Node.js/JavaScript ecosystem. This past year npm@7 became Generally Availble, introducing with it a wealth of changes
&
net-new capabilities including: lockfile upgrades, workspace support, installing peer dependencies default, npm diff, npm explain, npm exec, npm set-script
&
much, much more. We'll dive into this work as well as share some exciting news about what to expect in the weeks
&
months to come.