TL;DR
# list your outdated packages / check if a specific package is outdated
npm outdated
yarn outdated [package]
# update / upgrade and save changes to package.json
npm update [package] --save|--save-dev
yarn upgrade [package]
Software Composition Analysis (SCA) is a security practice that identifies and manages open source components, third-party libraries, and dependencies in your codebase. As modern applications rely heavily on open source software—with some codebases containing 80-90% third-party components—SCA has become essential for maintaining secure and compliant software development practices.
SCA tools automatically scan your code repositories, build artifacts, and running applications to create a comprehensive inventory of all components, including transitive dependencies. This visibility enables engineering teams to identify security vulnerabilities, license compliance issues, and outdated components that could pose risks to production systems.
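The inventory step described above, sketched for an npm project as an added example (not code from the original page or from any SCA product). It reads the `packages` map of a `package-lock.json` in lockfile version 2/3 format; the sample lockfile is constructed, and `buildInventory` and `duplicateVersions` are hypothetical helper names.

```javascript
// Constructed sample in package-lock.json v2/v3 shape; names and versions are made up.
const sampleLock = {
  lockfileVersion: 3,
  packages: {
    "": { name: "demo-app", version: "1.0.0",
          dependencies: { "web-lib": "^2.0.0" },
          devDependencies: { "test-lib": "^1.0.0" } },
    "node_modules/web-lib": { version: "2.1.0", license: "MIT",
                              dependencies: { "@acme/parser": "^0.3.0" } },
    "node_modules/@acme/parser": { version: "0.3.4", license: "GPL-3.0" },
    "node_modules/test-lib": { version: "1.2.0", dev: true, license: "ISC",
                               dependencies: { "@acme/parser": "^0.2.0" } },
    // Nested copy: a second version of the same package, pulled in transitively.
    "node_modules/test-lib/node_modules/@acme/parser": { version: "0.2.9", dev: true }
  }
};

// Return one record per installed component, direct or transitive.
function buildInventory(lock) {
  const root = lock.packages[""] || {};
  const direct = new Set(Object.keys({ ...root.dependencies, ...root.devDependencies }));
  const marker = "node_modules/";
  return Object.entries(lock.packages)
    .filter(([path]) => path.includes(marker)) // skips the root ("") and workspace entries
    .map(([path, meta]) => {
      // The name is whatever follows the last node_modules/ (keeps @scope/name intact).
      const name = path.slice(path.lastIndexOf(marker) + marker.length);
      // Only a top-level install of a name the root declares is a direct dependency.
      const isDirect = direct.has(name) && path === marker + name;
      return {
        name, version: meta.version, path,
        scope: isDirect ? "direct" : "transitive",
        dev: Boolean(meta.dev),
        license: meta.license || "UNKNOWN",
      };
    });
}

// Packages installed in more than one version; each version needs its own vulnerability check.
function duplicateVersions(inventory) {
  const seen = new Map();
  for (const c of inventory) {
    seen.set(c.name, (seen.get(c.name) || new Set()).add(c.version));
  }
  return [...seen].filter(([, v]) => v.size > 1).map(([n, v]) => [n, [...v].sort()]);
}

console.log(JSON.stringify(duplicateVersions(buildInventory(sampleLock))));
```

The nested `@acme/parser` copy never appears in `package.json`, which is why an inventory built from the lockfile rather than the manifest is what a scanner needs to match against advisories and license policy.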