Skip to content
The Nexus
DossierENTITY

pnpm

Coverage of pnpm in the Nexus archive.

Earliest in view: May 12 · 00:30 UTCMost recent: Jun 1 · 16:58 UTC
Co-mentioned in this coverage
Recent coverage
  • SECURITYJun 1 · 16:58 UTCHACKER NEWS
    Show HN: DepsGuard – one command to harden NPM/pnpm/yarn/bun/uv configs

    DepsGuard is a Rust-based tool that automates configuring security settings (like cooldowns and script restrictions) across NPM, pnpm, yarn, bun, and uv package managers. It addresses the complexity of manually editing multiple config files by providing a single command to apply recommended hardening measures, including min-release-age and ignore-scripts policies.

  • TECHNOLOGYMay 12 · 00:30 UTCHACKER NEWS
    Show HN: Safe-install – safer NPM installs with trusted build dependencies

    The safe-install package provides safer NPM installs with trusted build dependencies, allowing users to disable install scripts by default and define a list of allowed dependencies. It also supports blocking exotic sub-dependencies. The package was created in response to ongoing npm supply chain compromises.

pnpm · Dossier · The Nexus