Show HN: Safe-install – safer NPM installs with trusted build dependencies
5 by gkiely | 0 comments on Hacker News.
In light of the ongoing npm supply chain compromises, I built safe-install: https://ift.tt/Kosi6g0

It brings a couple of protections I wanted from npm but that are not built in. Similar to Bun’s trusted dependencies, it lets you disable install scripts by default and define a list of dependencies that are allowed to run build/install scripts: https://ift.tt/qjER87n

It also supports blocking exotic sub-dependencies, similar to pnpm’s `blockExoticSubdeps` setting: https://ift.tt/itJuA3Q...

I was hoping npm would eventually add something like this, but it does not seem to be happening soon, so I made a small package for it.
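The two checks the post describes, sketched as an added example over a constructed package-lock.json object (this is not code from safe-install or from the post). The allowlist, the registry prefix, and the rule that any non-registry `resolved` value on a non-direct package counts as exotic are assumptions of this sketch.

```javascript
// Added example: audit a package-lock.json (lockfileVersion 2/3) object.
// TRUSTED_BUILD_DEPS and REGISTRY are assumptions, not safe-install's configuration.
const TRUSTED_BUILD_DEPS = new Set(["esbuild"]);
const REGISTRY = "https://registry.npmjs.org/";

// Constructed sample lockfile; package names, versions and URLs are made up.
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    "": { dependencies: { "esbuild": "^0.21.0", "my-fork": "github:example/my-fork", "left-util": "^1.0.0" } },
    "node_modules/esbuild": { version: "0.21.0", resolved: REGISTRY + "esbuild/-/esbuild-0.21.0.tgz", hasInstallScript: true },
    "node_modules/my-fork": { version: "1.0.0", resolved: "git+ssh://git@github.com/example/my-fork.git#0123abc" },
    "node_modules/left-util": { version: "1.0.0", resolved: REGISTRY + "left-util/-/left-util-1.0.0.tgz" },
    "node_modules/left-util/node_modules/native-thing": { version: "2.1.0", resolved: REGISTRY + "native-thing/-/native-thing-2.1.0.tgz", hasInstallScript: true },
    "node_modules/tar-dep": { version: "0.0.1", resolved: "https://example.invalid/tar-dep.tgz" },
    "node_modules/local-pkg": { resolved: "packages/local-pkg", link: true },
  },
};

// "node_modules/a/node_modules/@scope/b" -> "@scope/b"
const nameOf = (path) => path.slice(path.lastIndexOf("node_modules/") + "node_modules/".length);

function auditLock(lock, trusted = TRUSTED_BUILD_DEPS) {
  const root = lock.packages[""] || {};
  const direct = new Set(["dependencies", "devDependencies", "optionalDependencies"]
    .flatMap((key) => Object.keys(root[key] || {})));
  const untrustedScripts = [], exoticSubdeps = [];
  for (const [path, meta] of Object.entries(lock.packages)) {
    if (path === "" || meta.link) continue; // skip the root project and workspace links
    const name = nameOf(path);
    if (meta.hasInstallScript && !trusted.has(name)) untrustedScripts.push(name);
    const isDirect = path === "node_modules/" + name && direct.has(name);
    // Entries without `resolved` (e.g. bundled packages) are not judged here.
    const exotic = typeof meta.resolved === "string" && !meta.resolved.startsWith(REGISTRY);
    if (!isDirect && exotic) exoticSubdeps.push(name);
  }
  return { untrustedScripts, exoticSubdeps };
}

console.log(auditLock(SAMPLE_LOCK));
```

Running the same function over a real lockfile before `npm ci --ignore-scripts` gives a list of packages to review before any are added to the allowlist.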
Monday, May 11, 2026