DevOps
from The Hacker News
1 day ago
npm Adds 2FA-Gated Publishing and Package Install Controls Against Supply Chain Attacks
Staged publishing requires maintainer 2FA approval before npm package versions become publicly installable, improving supply-chain security for CI/CD and trusted publishing.