You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Added repo ownership and supply-chain maintenance signals: CODEOWNERS, OpenSSF Scorecard workflow and badge, root .editorconfig, and a project code of conduct.
Added release-gate checks for GitHub Actions syntax through actionlint and Rust dependency policy through cargo-deny.
Added post-publication npm registry checks for package integrity, registry signatures, SLSA provenance attestations, and npm audit signatures.
Added Socket package score regression checks for the main npm package and prebuilt platform packages.
Changed
Improved prebuilt npm platform package metadata and README supply-chain notes.
Removed the npm test:npm-package script from published package metadata; repository-only scripts stay out of npm tarballs.
Hardened server/MCP tests against parallel temp-dir collisions.
Validation
Passed local scripts/prepublish-check.sh on commit 1999e2d.
Public benchmark gate passed: React 53.08x, Next.js 58.11x, Prometheus 56.99x versus upstream jscpd.
