You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Check for scoped packages when publish to a
private registry as mention in https://github.blog/2021-02-12-avoiding-npm-substitution-attacks.
When a non-scoped package is published to a private registry, np could throw a warning.
I think we can win security and can avoid malicious failures as mention in the blog-post.
The text was updated successfully, but these errors were encountered:
Description
Check for scoped packages when publish to a
private registry as mention in https://github.blog/2021-02-12-avoiding-npm-substitution-attacks.
When a non-scoped package is published to a private registry,
np
could throw a warning.I think we can win security and can avoid malicious failures as mention in the blog-post.
The text was updated successfully, but these errors were encountered: