2 dépôts
Mechanisms that intercept and disable automated package installation hooks to prevent arbitrary code execution.
Distinct from Code Execution Sandboxes: Distinct from Code Execution Sandboxes: focuses specifically on intercepting package manager lifecycle hooks rather than general script execution.
Explore 2 awesome GitHub repositories matching devops & infrastructure · Lifecycle Script Sandboxes. Refine with filters or upvote what's useful.
This project provides a comprehensive framework for securing the software supply chain within the Node.js ecosystem. It focuses on mitigating risks associated with third-party dependencies by implementing technical controls and governance policies designed to prevent malicious code injection and ensure the integrity of the development environment. The guide distinguishes itself by offering specific hardening techniques for package management, such as disabling automatic execution of lifecycle scripts and enforcing strict registry-scoped dependency routing to prevent dependency confusion. It e
Intercepts and disables automated package installation hooks to prevent arbitrary code execution during dependency setup.
This project provides a comprehensive guide for securing the software supply chain within Node.js and npm environments. It focuses on hardening the entire lifecycle of third-party dependencies and package publishing processes to protect applications from malicious code injection and unauthorized registry modifications. The guide distinguishes itself by emphasizing identity-based authentication and cryptographic provenance to verify the origin of distributed artifacts. It advocates for strict governance policies, such as enforcing minimum release ages for dependencies and disabling automatic l
Intercepts and disables automated package installation hooks to prevent arbitrary code execution during dependency setup.