You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
npm-fw now supports yarn (Berry and v1) and pnpm v11, in addition to npm
Advisory cache is persisted to disk and survives daemon restarts
New config commands let you persistently configure the minimum advisory severity
New clean command tears down the daemon and removes all registry overrides in one step
Changes
Features
yarn support — npm-fw now intercepts yarn Berry and yarn v1 by setting YARN_NPM_REGISTRY_SERVER / YARN_REGISTRY and writing npmRegistryServer to ~/.yarnrc.yml
pnpm v11 support — npm-fw sets pnpm_config_registry for pnpm v11, which no longer reads the legacy npm_config_* environment variables
clean command — npm-fw clean stops the daemon and removes registry overrides from .npmrc and .yarnrc.yml, providing a one-command teardown
persistent advisory cache — advisory data is now stored on disk and loaded automatically on startup, so the firewall can immediately recognize known vulnerabilities after a restart
user config — npm-fw config list shows current configuration, and npm-fw config set minSeverity <level> persistently changes the minimum advisory severity. The setting is stored in daemon.json and read on daemon startup.
