One of the big reasons why some shops refuse to use Javascript on server side because of its unknown attack surface that is NPM.
It's impossible to keep track of all of these libraries that can be written by anyone. Someone could hijack a github account and push malicious code to NPM.
It's impossible to keep track of all of these libraries that can be written by anyone. Someone could hijack a github account and push malicious code to NPM.