vikarti.anatra/Skyvern
1
0
Fork 0
mirror of https://github.com/Skyvern-AI/skyvern.git synced 2026-04-28 03:30:10 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3
Skyvern/skyvern-frontend/.npmrc
Shuchang Zheng 32be517565
chore(security): add .npmrc ignore-scripts to remaining npm workspaces (#5603) 
Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-22 22:56:36 +00:00

5 lines
319 B
Text
Raw Permalink Blame History

# Supply chain protection: do not run lifecycle scripts (preinstall, install,
# postinstall) on npm install. Blocks worms like "Shai-Hulud" from executing
# on a compromised dependency before we notice. If a package genuinely needs
# its install script, use @lavamoat/allow-scripts to allowlist it.
ignore-scripts=true
Reference in a new issue View git blame Copy permalink