From b5166a518287080b9487c55e8bd70e8bff50cb9b Mon Sep 17 00:00:00 2001
From: Maximilian Franzke <787658+mfranzke@users.noreply.github.com>
Date: Sat, 4 Oct 2025 17:50:40 +0200
Subject: [PATCH 1/3] =?UTF-8?q?chore:=20=F0=9F=A4=96=20Add=20strict=20.npm?=
 =?UTF-8?q?rc=20file?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Add .npmrc with sane defaults
---
 .npmrc | 8 ++++++++
 1 file changed, 8 insertions(+)
 create mode 100644 .npmrc

diff --git a/.npmrc b/.npmrc
new file mode 100644
index 000000000..f46fe20a3
--- /dev/null
+++ b/.npmrc
@@ -0,0 +1,8 @@
+# If set to false, then ignore package-lock.json files when installing. This will also prevent writing package-lock.json if save is true. source: https://docs.npmjs.com/cli/v11/using-npm/config
+package-lock=true
+# If true, npm does not run scripts specified in package.json files. source: https://docs.npmjs.com/cli/v11/using-npm/config#ignore-scripts
+ignore-scripts=true
+# Dependencies saved to package.json will be configured with an exact version rather than using npm's default semver range operator. source: https://docs.npmjs.com/cli/v11/using-npm/config#save-exact
+save-exact=true
+# If set to true, then npm will stubbornly refuse to install (or even consider installing) any package that claims to not be compatible with the current Node.js version. source: https://docs.npmjs.com/cli/v11/using-npm/config#engine-strict
+engine-strict=true

From f93c3dfb980f00f484ed8965801431b99f6ae49b Mon Sep 17 00:00:00 2001
From: Maximilian Franzke <787658+mfranzke@users.noreply.github.com>
Date: Sat, 4 Oct 2025 17:51:42 +0200
Subject: [PATCH 2/3] Add engines field to package.json

---
 package.json | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/package.json b/package.json
index 92c9e4b8d..eafa03021 100644
--- a/package.json
+++ b/package.json
@@ -73,5 +73,8 @@
     "registry": "https://registry.npmjs.org/",
     "access": "public"
   },
-  "homepage": "https://db-ui.github.io/base/"
+  "homepage": "https://db-ui.github.io/base/",
+  "engines": {
+    "node": ">= 22"
+  }
 }

From b38c49df8d4778e2e60150c9f410d2e746f82db1 Mon Sep 17 00:00:00 2001
From: Maximilian Franzke <787658+mfranzke@users.noreply.github.com>
Date: Sun, 5 Oct 2025 11:08:15 +0200
Subject: [PATCH 3/3] Add SPDX license information to .npmrc

Added SPDX license information to .npmrc file.
---
 .npmrc | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/.npmrc b/.npmrc
index f46fe20a3..315db498d 100644
--- a/.npmrc
+++ b/.npmrc
@@ -1,3 +1,7 @@
+# SPDX-FileCopyrightText: 2025 DB Systel GmbH
+#
+# SPDX-License-Identifier: Apache-2.0
+
 # If set to false, then ignore package-lock.json files when installing. This will also prevent writing package-lock.json if save is true. source: https://docs.npmjs.com/cli/v11/using-npm/config
 package-lock=true
 # If true, npm does not run scripts specified in package.json files. source: https://docs.npmjs.com/cli/v11/using-npm/config#ignore-scripts