God, Love, News, Event, Entertainment, Amebo,..... All about Bringing out the best in you...
Show HN: TimeLock NPM Registry https://ift.tt/9ukx5m7
Show HN: TimeLock NPM Registry Hi, everyone! I built a TimeLock NPM Registry to prevent supply chain attack. I was inspired by minimumReleaseAge of the pnpm, but I'm using bun for my projects. TimeLock NPM Registry is an alternative npm package registry focused on supply chain security. Its core feature is introducing a time lock before new package versions become available for installation. This protects developers from compromised releases: while packages are “on hold,” the community and security tools have time to detect and block malicious code. Why it matters Reduces the risk of installing malicious packages. Lets you “wait out” 24 hours or more before updating. Increases trust in dependencies and builds. How it works A package author publishes a new version. TimeLock NPM Registry places it into a pending state for a set duration (e.g., 24 hours). Only after the timer expires does the package become available for installation. Tech stack — Cloudflare Workers, Honojs. https://ift.tt/gNyfZM8 October 2, 2025 at 04:11AM
Subscribe to:
Post Comments (Atom)
Show HN: An assertion library for E2E testing and real user monitoring https://ift.tt/Lnj6Av0
Show HN: An assertion library for E2E testing and real user monitoring https://ift.tt/BWaxXUF July 3, 2026 at 03:30AM
-
submitted by /u/Dull_Tonight [link] [comments] source https://www.reddit.com/r/worldnews/comments/pehy48/housing_secretary_robert_je...
-
Show HN: Lindra – generate browser agents to automate any website Hi HN, We’re one month into building Lindra, a platform that turns any web...
-
Show HN: High-precision date/time in SQLite https://ift.tt/hEvedVC August 12, 2024 at 03:47AM
No comments:
Post a Comment