DepsGuard – One command to harden NPM/pnpm/yarn/bun/uv configs
DepsGuard is a security tool that automates the hardening of JavaScript and Python package manager configurations (npm, pnpm, yarn, bun, uv) with a single command, enforcing best practices like minimum release ages and disabling install scripts to mitigate supply chain attacks. It is designed for developers and security engineers who want to quickly apply controversial but effective cooldown-based protections without manual configuration. The project is interesting because it transforms fragmented, often-ignored security advice into an immediate, actionable solution for the entire ecosystem.