We currently use Dependabot to automatically manage dependency updates.

If you believe you have found a security vulnerability in NHS Virtual Visit please submit the vulnerability to NHS Virtual Visit Dev so that we can resolve the issue before it is disclosed publicly.