Commit

Update NPM_Security_Cheat_Sheet.md spelling error (#1594)
Updating the wording to correct a spelling error.
ff00ff-security authored Jan 17, 2025
1 parent 380201f commit 089c8f6
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion cheatsheets/NPM_Security_Cheat_Sheet.md
Expand Up @@ -4,7 +4,7 @@ In the following npm cheatsheet, we’re going to focus on [10 npm security best

## 1) Avoid publishing secrets to the npm registry

Whether you’re making use of API keys, passwords or other secrets, they can very easily end up leaking into source control or even a published package on the public npm registry. You may have secrets in your working directory in designated files such as a `.env` which should be added to a `.gitignore` to avoid committing it to a SCM, but what happen when you publish an npm package from the project’s directory?
Whether you’re making use of API keys, passwords or other secrets, they can very easily end up leaking into source control or even a published package on the public npm registry. You may have secrets in your working directory in designated files such as a `.env` which should be added to a `.gitignore` to avoid committing it to a SCM, but what happens when you publish an npm package from the project’s directory?

The npm CLI packs up a project into a tar archive (tarball) in order to push it to the registry. The following criteria determine which files and directories are added to the tarball:
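
Review bot: The corrected sentence in section 1 still reads "committing it to a SCM", which should be "an SCM"; since this commit already touches that line for grammar, fix it in the same change. The commit title calls this a spelling error, but "happen" to "happens" is a subject-verb agreement fix, so "grammar" would describe the change more accurately in the history.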
