Data-Driven Understanding of Security Issue Reporting in GitHub Repositories of Open Source Npm Packages
The npm Node Package Manager ecosystem is the most important package manager for JavaScript development with millions of users. Consequently, a plethora of earlier work investigated how vulnerability reporting, patch propagation, and in general detection as well as resolution of security issues i...