npm 12 Disables Install Scripts by Default to Reduce Supply Chain Risk

GitHub has officially announced the release of npm version 12 with install scripts disabled by default, along with deprecating granular access tokens (GATs) designed to bypass two-factor authentication (2FA).

The Microsoft-owned subsidiary noted that the following npm install behaviors that used to run automatically before have been made opt-in –

allowScripts defaults to off, meaning

Total
0
Shares
Leave a Reply

Your email address will not be published. Required fields are marked *

Previous Post

Microsoft Patches RoguePlanet Defender Flaw That Can Grant SYSTEM Privileges

Next Post

New GigaWiper Windows Backdoor Bundles Disk Wiping, Fake Ransomware, and Spyware

Related Posts
Total
0
Share