Commit 24eb621

APS-19732: add hardened .npmrc (supply-chain audit SC-12282)
Add supply-chain hardening .npmrc with directives required by the weekly Enigma audit (SC-12282): ignore-scripts, strict-ssl, save-exact, engine-strict, legacy-peer-deps=false, audit-level=high.

Verified via npm ci on Node 18/20/22 (lockfile unchanged) and e2e sample-test on Node 20. Node 16 fails engine-strict by design (@playwright/test requires node>=18).

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
1 parent 9514fc5 commit 24eb621

1 file changed

Lines changed: 7 additions & 0 deletions

.npmrc

@@ -0,0 +1,7 @@
1+
# Supply-chain hardening directives (SC-12282 / APS-19732)
2+
ignore-scripts=true
3+
strict-ssl=true
4+
save-exact=true
5+
engine-strict=true
6+
legacy-peer-deps=false
7+
audit-level=high
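
Review bot: audit-level=high on line 7 loosens the audit gate rather than tightening it. By default npm audit exits non-zero on any finding, so with this setting low and moderate advisories no longer fail the command. Please confirm that SC-12282 really asks for this threshold and say so in a comment beside the directive, since the npm ci verification in the commit message does not exercise the npm audit exit code. Two related documentation points: ignore-scripts=true on line 2 also stops npm from running the pre- and post- hooks of the project's own scripts under npm run, and engine-strict=true on line 5 makes installs fail on Node 16, as the commit message notes. Both behaviours are worth a one-line comment in the file so the next maintainer does not have to find them in the commit history. The single header comment on line 1 does not explain any individual directive.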
