[Node] Install packages correctly and avoid attacks

Read Dependency Confusion: How I Hacked Into Apple, Microsoft and Dozens of Other Companies

Yarn:

yarn install --immutable --immutable-cache --check-cache

to ensure matching packages are present.


Npm:

npm ci

to install matching packages without performing any upgrades.


Check the npm scope of each dependency, and verify that private packages really resolve from the private registry.
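`npm ci` and `yarn install --immutable` only guarantee that what is installed matches the lockfile; they do not tell you whether the lockfile itself points a private package at the public registry. The following added example (not from the original post) audits a `package-lock.json` (lockfileVersion 2/3) for that condition. It assumes the organisation publishes under the scope `@acme` to a private registry at `npm.internal.example` and keeps one legacy unscoped internal package named `acme-utils`; all of these names, and the sample lockfile, are constructed for the example.

```javascript
// Assumed organisation settings (constructed for this example).
const PRIVATE_SCOPE = '@acme';
const PRIVATE_REGISTRY_HOST = 'npm.internal.example';
// Internal packages that were never scoped: a same-named public package could shadow them.
const INTERNAL_UNSCOPED = new Set(['acme-utils']);

// Walk the "packages" map of a lockfileVersion 2/3 package-lock.json and return findings.
function auditLockfile(lock) {
  const findings = [];
  const marker = 'node_modules/';
  for (const [path, entry] of Object.entries(lock.packages || {})) {
    if (path === '') continue; // root project entry, not a dependency
    // Package name is the segment after the last "node_modules/" (handles nested installs).
    const name = entry.name || path.slice(path.lastIndexOf(marker) + marker.length);
    const host = entry.resolved ? new URL(entry.resolved).host : null;
    if (name.startsWith(PRIVATE_SCOPE + '/') && host !== PRIVATE_REGISTRY_HOST) {
      // A scoped private package being fetched from anywhere but the private registry.
      findings.push({ name, issue: 'scoped-package-from-public-registry', resolved: entry.resolved });
    } else if (INTERNAL_UNSCOPED.has(name)) {
      // Unscoped internal name: nothing binds it to the private registry.
      findings.push({ name, issue: 'unscoped-internal-name', resolved: entry.resolved });
    }
    if (entry.resolved && !entry.integrity) {
      // Without an integrity hash, npm ci cannot verify the tarball it downloads.
      findings.push({ name, issue: 'missing-integrity', resolved: entry.resolved });
    }
  }
  return findings;
}

// Constructed sample lockfile: one correct private package, one private package
// resolved from the public registry, one unscoped internal name, one ordinary public package.
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    '': { name: 'app', version: '1.0.0' },
    'node_modules/@acme/auth': { version: '2.1.0', integrity: 'sha512-placeholder',
      resolved: 'https://npm.internal.example/@acme/auth/-/auth-2.1.0.tgz' },
    'node_modules/@acme/billing': { version: '9.9.9', integrity: 'sha512-placeholder',
      resolved: 'https://registry.npmjs.org/@acme/billing/-/billing-9.9.9.tgz' },
    'node_modules/acme-utils': { version: '99.0.0', integrity: 'sha512-placeholder',
      resolved: 'https://registry.npmjs.org/acme-utils/-/acme-utils-99.0.0.tgz' },
    'node_modules/lodash': { version: '4.17.21', integrity: 'sha512-placeholder',
      resolved: 'https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz' },
  },
};

console.log(auditLockfile(SAMPLE_LOCK)); // two findings: @acme/billing and acme-utils
```

Run it against a real lockfile with `auditLockfile(JSON.parse(fs.readFileSync('package-lock.json')))` and fail the CI step if the returned array is non-empty.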


posted @ 2021-02-15 23:27  Zhentiw  views(72)  comments(0)