generated from nhcarrigan/template
Compare commits
2 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
 minori
|
12d5696439 | ||
 hikari
|
52c7dab252 |
@@ -1,25 +0,0 @@
|
||||
# Package Manager Configuration
|
||||
# Force pnpm usage - breaks npm/yarn intentionally
|
||||
node-linker=pnpm
|
||||
|
||||
# Security: Disable all lifecycle scripts
|
||||
ignore-scripts=true
|
||||
enable-pre-post-scripts=false
|
||||
|
||||
# Security: Require packages to be 10+ days old before installation
|
||||
minimum-release-age=14400
|
||||
|
||||
# Security: Verify package integrity hashes
|
||||
verify-store-integrity=true
|
||||
|
||||
# Security: Enforce strict trust policies
|
||||
trust-policy=strict
|
||||
|
||||
# Security: Strict peer dependency resolution
|
||||
strict-peer-dependencies=true
|
||||
|
||||
# Performance: Use symlinks for node_modules
|
||||
symlink=true
|
||||
|
||||
# Lockfile: Ensure lockfile is not modified during install
|
||||
frozen-lockfile=false
|
||||
+1
-1
@@ -15,7 +15,7 @@
|
||||
"devDependencies": {
|
||||
"@nhcarrigan/typescript-config": "4.0.0",
|
||||
"@types/node": "24.3.0",
|
||||
"tsx": "4.21.0",
|
||||
"tsx": "4.21.1",
|
||||
"typescript": "5.9.2"
|
||||
},
|
||||
"dependencies": {
|
||||
|
||||
Generated
+5
-18
@@ -25,8 +25,8 @@ importers:
|
||||
specifier: 24.3.0
|
||||
version: 24.3.0
|
||||
tsx:
|
||||
specifier: 4.21.0
|
||||
version: 4.21.0
|
||||
specifier: 4.21.1
|
||||
version: 4.21.1
|
||||
typescript:
|
||||
specifier: 5.9.2
|
||||
version: 5.9.2
|
||||
@@ -340,9 +340,6 @@ packages:
|
||||
engines: {node: ^8.16.0 || ^10.6.0 || >=11.0.0}
|
||||
os: [darwin]
|
||||
|
||||
get-tsconfig@4.10.1:
|
||||
resolution: {integrity: sha512-auHyJ4AgMz7vgS8Hp3N6HXSmlMdUyhSUrfBF16w153rxtLIEOE+HGqaBppczZvnHLqQJfiHotCYpNhl0lUROFQ==}
|
||||
|
||||
ipaddr.js@2.2.0:
|
||||
resolution: {integrity: sha512-Ag3wB2o37wslZS19hZqorUnrnzSkpOVy+IiiDEiTqNubEYpYuHWIf6K4psgN2ZWKExS4xhVCrRVfb/wfW8fWJA==}
|
||||
engines: {node: '>= 10'}
|
||||
@@ -396,9 +393,6 @@ packages:
|
||||
resolution: {integrity: sha512-Xf0nWe6RseziFMu+Ap9biiUbmplq6S9/p+7w7YXP/JBHhrUDDUhwa+vANyubuqfZWTveU//DYVGsDG7RKL/vEw==}
|
||||
engines: {node: '>=0.10.0'}
|
||||
|
||||
resolve-pkg-maps@1.0.0:
|
||||
resolution: {integrity: sha512-seS2Tj26TBVOC2NIc2rOe2y2ZO7efxITtLZcGSOnHHNOQ7CkiUBfw0Iw2ck6xkIhPwLhKNLS8BO+hEpngQlqzw==}
|
||||
|
||||
ret@0.5.0:
|
||||
resolution: {integrity: sha512-I1XxrZSQ+oErkRR4jYbAyEEu2I0avBvvMM5JN+6EBprOGRCs63ENqZ3vjavq8fBw2+62G5LF5XelKwuJpcvcxw==}
|
||||
engines: {node: '>=10'}
|
||||
@@ -449,8 +443,8 @@ packages:
|
||||
tslib@2.8.1:
|
||||
resolution: {integrity: sha512-oJFu94HQb+KVduSUQL7wnpmqnfmLsOA/nAh6b6EH0wCEoK0/mPeXU6c3wKDV83MkOuHPRHtSXKKU99IBazS/2w==}
|
||||
|
||||
tsx@4.21.0:
|
||||
resolution: {integrity: sha512-5C1sg4USs1lfG0GFb2RLXsdpXqBSEhAaA/0kPL01wxzpMqLILNxIxIOKiILz+cdg/pLnOUxFYOR5yhHU666wbw==}
|
||||
tsx@4.21.1:
|
||||
resolution: {integrity: sha512-5QE2Q04cN1u0993w0LT5rPw3faZqZU1fFn1mGE0pV53N1Dn7c+QFFxQu1mBeSgeOXwFyTicZw02wVgp3Tb5cAQ==}
|
||||
engines: {node: '>=18.0.0'}
|
||||
hasBin: true
|
||||
|
||||
@@ -779,10 +773,6 @@ snapshots:
|
||||
fsevents@2.3.3:
|
||||
optional: true
|
||||
|
||||
get-tsconfig@4.10.1:
|
||||
dependencies:
|
||||
resolve-pkg-maps: 1.0.0
|
||||
|
||||
ipaddr.js@2.2.0: {}
|
||||
|
||||
json-schema-ref-resolver@2.0.1:
|
||||
@@ -835,8 +825,6 @@ snapshots:
|
||||
|
||||
require-from-string@2.0.2: {}
|
||||
|
||||
resolve-pkg-maps@1.0.0: {}
|
||||
|
||||
ret@0.5.0: {}
|
||||
|
||||
reusify@1.1.0: {}
|
||||
@@ -871,10 +859,9 @@ snapshots:
|
||||
|
||||
tslib@2.8.1: {}
|
||||
|
||||
tsx@4.21.0:
|
||||
tsx@4.21.1:
|
||||
dependencies:
|
||||
esbuild: 0.27.2
|
||||
get-tsconfig: 4.10.1
|
||||
optionalDependencies:
|
||||
fsevents: 2.3.3
|
||||
|
||||
|
||||
@@ -0,0 +1,21 @@
|
||||
# Security
|
||||
|
||||
# Do not execute any scripts of installed packages (project scripts still run)
|
||||
ignoreDepScripts: true
|
||||
# Do not automatically run pre/post scripts (e.g. preinstall, postbuild)
|
||||
enablePrePostScripts: false
|
||||
# Only allow packages published at least 10 days ago (reduces risk of compromised packages)
|
||||
minimumReleaseAge: 14400
|
||||
# Fail if a package's trust level has decreased compared to previous releases
|
||||
trustPolicy: no-downgrade
|
||||
# Ignore trust policy for packages published more than 1 year ago (predates provenance signing)
|
||||
trustPolicyIgnoreAfter: 525960
|
||||
# Fail if there are missing or invalid peer dependencies
|
||||
strictPeerDependencies: true
|
||||
# Prevent transitive dependencies from using exotic sources (git repos, direct tarball URLs)
|
||||
blockExoticSubdeps: true
|
||||
|
||||
# Lockfile
|
||||
|
||||
# Allow the lockfile to be updated during install (set to true in CI for stricter reproducibility)
|
||||
preferFrozenLockfile: false
|
||||
Reference in New Issue
Block a user