Since a couple weeks VersionEye shows security issues for PHP projects. Now this feature works the same way for NodeJS / NPM packages. If VersionEye is monitoring a package.json for you, then you will see the “Security” tab in the project view. Just like here in this example.

In the “Security” tab all known security vulnerabilities are listed for your 3rd party dependencies. By clicking on the package name the package detail page comes up with a more detailed description of the security vulnerability.

In most of the cases it is recommended to fix the issue by updating to the current version of the software package.

This feature is pretty new, but already good tested through the PHP community. Your feedback is anyway welcome either here in the comments or on Twitter.