Microsoft said its Visual Studio Code 1.7 release overloaded the npmjs.org JavaScript package management service for Node.js, forcing a version rollback to 1.6.1.

Security developer Snyk has published a free extension for Microsoft’s popular Visual Studio Code editor that finds vulnerabilities in NPM packages.