| created | modified | type | tags | aliases |
|---|---|---|---|---|
| 2026-06-01 12:45 | 2026-06-01 12:45 | note | | |
Security NPM packages tools
Check video
source_url: https://www.youtube.com/watch?v=Wq6yMdt11LM
## Set minimum release age
NPM:
- file min-release-age=7 days
- project ./.npmrc
- global ~/.npmrc

PNPM:
- minimumReleaseAge: 1000 minutes
- project ./pnpm-workspace.yaml
- global ~/.config/pnpm/config.yaml

BUN:
- minimumReleaseAge=604800 seconds
- project ./bunfig.toml
- global $HOME/.bunfig.toml
- global $XDG_CONFIG_HOME/.bunfig.toml

## Disable install scripts
- ignore-scripts=true
- block curated / trusted lists of packages.

## Block git-based dependencies
NPM:
- allow-git=none
- allow-git=root

PNPM:
- blockExoticSubdeps: true
- trustPolicy: no-downgrade
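
One way to check an `.npmrc` against the three npm settings listed above (an added example, not from the video or from npm). The function names and sample files are hypothetical, and it assumes `min-release-age` is written as a whole number of days, as the note's "7 days" suggests.

```javascript
// Audits the text of an .npmrc for the npm settings in this note.
// REQUIRED encodes the note's values; all names here are illustrative.
const REQUIRED = {
  'min-release-age': (v) => /^\d+$/.test(v) && Number(v) >= 7, // days (assumption)
  'ignore-scripts': (v) => v === 'true',
  'allow-git': (v) => v === 'none' || v === 'root',
};

// Parse the simple key=value form used by .npmrc: skips blank lines and
// ';' or '#' comments; a later duplicate key overrides an earlier one.
function parseNpmrc(text) {
  const settings = {};
  for (const raw of text.split(/\r?\n/)) {
    const line = raw.trim();
    if (!line || line.startsWith(';') || line.startsWith('#')) continue;
    const eq = line.indexOf('=');
    if (eq === -1) continue; // not a key=value line
    const key = line.slice(0, eq).trim();
    const value = line.slice(eq + 1).trim().replace(/^["']|["']$/g, '');
    settings[key] = value;
  }
  return settings;
}

// Return one finding per setting that is missing or weaker than the note's value.
function auditNpmrc(text) {
  const settings = parseNpmrc(text);
  const findings = [];
  for (const [key, ok] of Object.entries(REQUIRED)) {
    const value = settings[key];
    if (value === undefined) findings.push(`${key}: not set`);
    else if (!ok(value)) findings.push(`${key}: weak value "${value}"`);
  }
  return findings;
}

// Constructed sample files, not taken from any real project.
const weak = ['; project config', 'registry=https://registry.npmjs.org/',
  'ignore-scripts=false', 'min-release-age=1'].join('\n');
const hardened = ['min-release-age=7', 'ignore-scripts=true', 'allow-git=none'].join('\n');

console.log(auditNpmrc(weak));
console.log(auditNpmrc(hardened));
```

Run it against both the project `./.npmrc` and the global `~/.npmrc`, since a setting can be present in either file.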

## Scan dependencies
Ensure you use aliases so that these are used before we install.
- Socket Firewall
- npq, source_url: https://github.com/lirantal/npq