JavaScript hardening overview
Navigation
Reference
- Overview of the collected data
Config Generator
- Generate (starter) config files based on the info in this overview
Explanation
- Info about this project, the methodology used or FAQ
GitHub
- Source code & data repository
Sources
- Links that aren't included elsewhere
General settings
Scope
project
global
Tools
npm
yarn-classic
yarn-berry
pnpm
bun-install
Minimum release age
in days. Example value (3 days): 3d
docs
in minutes. Example value (3 days): 4320
docs
Block install scripts
pnpm ignores install scripts by default. This checkbox enables strict mode, which makes pnpm exit when finding unforeseen scripts
docs
Block git repo/tarball sources for indirect dependencies
When set to true, only direct dependencies may use exotic sources
docs
Don't install newer versions if security measures decreased
no-downgrade
,
off
When set to no-downgrade, package installation will fail if a package's trust level has decreased
docs
Output