GitHub Adds Staged Publishing to npm to Block Automated Supply Chain Attacks
Source: Cybersecuritynews
Published:
GitHub has introduced a major security upgrade to the npm ecosystem with the general availability of staged publishing and new install-time controls, aimed at reducing automated supply chain attacks targeting open-source packages. The newly released staged publishing feature changes how npm packa