By using npm ls command we can view the dependency tree.
retire npm package.
retire command like below. Then you will see list of vulnerabilities and their vulnerability level.
https://github.com/nodesecurity/. nsp is the most commonly used module which use an API to check vulnerabilities. First install nsp as a global module.
nsp check command while inside your project.
As a NodeJS developer, we should verify and remove for unused packages in our project. Easiest way is to use depcheck tool. First we need to install it.
Then we can run depcheck command inside our project.