nhcarrigan/website-headers
10
0
Fork 0
generated from nhcarrigan/template
Code Issues Pull Requests 8 Actions Releases 12 Activity
Files
a826e35278aa8cb5ef541518df3ec70b9208ce09
website-headers/pnpm-workspace.yaml
T
ilenia a826e35278
Node.js CI / CI (push) Successful in 25s
Details
Security Scan and Upload / Security & DefectDojo Upload (push) Successful in 53s
Details
fix: replace outdated forum link (#17) 
### Explanation

_No response_

### Issue

_No response_

### Attestations

- [x] I have read and agree to the [Code of Conduct](https://docs.nhcarrigan.com/community/coc/)
- [x] I have read and agree to the [Community Guidelines](https://docs.nhcarrigan.com/community/guide/).
- [x] My contribution complies with the [Contributor Covenant](https://docs.nhcarrigan.com/dev/covenant/).

### Dependencies

- [ ] I have pinned the dependencies to a specific patch version.

### Style

- [x] I have run the linter and resolved any errors.
- [x] My pull request uses an appropriate title, matching the conventional commit standards.
- [x] My scope of feat/fix/chore/etc. correctly matches the nature of changes in my pull request.

### Tests

- [ ] My contribution adds new code, and I have added tests to cover it.
- [ ] My contribution modifies existing code, and I have updated the tests to reflect these changes.
- [ ] All new and existing tests pass locally with my changes.
- [ ] Code coverage remains at or above the configured threshold.

### Documentation

_No response_

### Versioning

Patch - My pull request introduces bug fixes ONLY.

Reviewed-on: #17
Reviewed-by: Naomi Carrigan <accounts@nhcarrigan.com>
Co-authored-by: Ilenia <ilenia@nhcarrigan.com>
Co-committed-by: Ilenia <ilenia@nhcarrigan.com>
2026-06-21 02:55:33 -07:00

26 lines
1.0 KiB
YAML
Raw Blame History

# Security
# Do not execute any scripts of installed packages (project scripts still run)
ignoreDepScripts: true
# Do not automatically run pre/post scripts (e.g. preinstall, postbuild)
enablePrePostScripts: false
# Only allow packages published at least 10 days ago (reduces risk of compromised packages)
minimumReleaseAge: 14400
# Fail if a package's trust level has decreased compared to previous releases
trustPolicy: no-downgrade
# Ignore trust policy for packages published more than 1 year ago (predates provenance signing)
trustPolicyIgnoreAfter: 525960
# Fail if there are missing or invalid peer dependencies
# We are temporarily disabling this to allow for the development of the website-headers package
strictPeerDependencies: false
# Prevent transitive dependencies from using exotic sources (git repos, direct tarball URLs)
blockExoticSubdeps: true
# Lockfile
# Allow the lockfile to be updated during install (set to true in CI for stricter reproducibility)
preferFrozenLockfile: false
allowBuilds:
esbuild: set this to true or false
Reference in New Issue View Git Blame Copy Permalink