Categories: Software Composition Analysis (SCA) / SBOM

Import Options: API Import, UI Import, Universal Importer (Pro)

File Types: JSON

Integrations

Yarn

Yarn is a fast and reliable JavaScript package manager with built-in security auditing. It identifies known vulnerabilities in project dependencies by scanning both direct and transitive packages against security databases such as the npm registry and the National Vulnerability Database. Findings are classified by severity level (low, moderate, high, critical), which helps development teams prioritize and remediate security issues in their JavaScript and Node.js projects throughout the software development lifecycle.
