nhcarrigan/website-headers
9
0
Fork 0
generated from nhcarrigan/template
Code Issues Pull Requests 8 Actions Releases 12 Activity
Files
main
website-headers/pnpm-workspace.yaml
T
naomi 9f997d6e03
Node.js CI / CI (push) Successful in 24s
Details
Security Scan and Upload / Security & DefectDojo Upload (push) Successful in 57s
Details
chore: unstrict peer deps for CI 
Whatever god damn
2026-04-16 15:26:43 -07:00

23 lines
1004 B
YAML
Raw Permalink Blame History

# Security
# Do not execute any scripts of installed packages (project scripts still run)
ignoreDepScripts: true
# Do not automatically run pre/post scripts (e.g. preinstall, postbuild)
enablePrePostScripts: false
# Only allow packages published at least 10 days ago (reduces risk of compromised packages)
minimumReleaseAge: 14400
# Fail if a package's trust level has decreased compared to previous releases
trustPolicy: no-downgrade
# Ignore trust policy for packages published more than 1 year ago (predates provenance signing)
trustPolicyIgnoreAfter: 525960
# Fail if there are missing or invalid peer dependencies
# We are temporarily disabling this to allow for the development of the website-headers package
strictPeerDependencies: false
# Prevent transitive dependencies from using exotic sources (git repos, direct tarball URLs)
blockExoticSubdeps: true
# Lockfile
# Allow the lockfile to be updated during install (set to true in CI for stricter reproducibility)
preferFrozenLockfile: false
Reference in New Issue View Git Blame Copy Permalink