Add supply-chain hardened .npmrc (PER-8391)#148

Merged

ninadbstack merged 1 commit into

mainfrom

security/npmrc-hardening

Jun 4, 2026

Annotations

6 notices

submit-dependency-snapshot

Snapshot successfully created at 2026-06-03T12:34:41.296Z

submit-dependency-snapshot

{ "manifests": { "requirements.txt": { "resolved": { "pkg:pypi/idna@3.18": { "package_url": "pkg:pypi/idna@3.18", "relationship": "indirect", "scope": "runtime", "dependencies": [] }, "pkg:pypi/greenlet@3.0.1": { "package_url": "pkg:pypi/greenlet@3.0.1", "relationship": "indirect", "scope": "runtime", "dependencies": [] }, "pkg:pypi/typing-extensions@4.15.0": { "package_url": "pkg:pypi/typing-extensions@4.15.0", "relationship": "indirect", "scope": "runtime", "dependencies": [] }, "pkg:pypi/urllib3@2.7.0": { "package_url": "pkg:pypi/urllib3@2.7.0", "relationship": "indirect", "scope": "runtime", "dependencies": [] }, "pkg:pypi/playwright@1.40.0": { "package_url": "pkg:pypi/playwright@1.40.0", "relationship": "direct", "scope": "runtime", "dependencies": [ "pkg:pypi/greenlet@3.0.1", "pkg:pypi/typing-extensions@4.15.0", "pkg:pypi/pyee@11.0.1" ] }, "pkg:pypi/certifi@2026.5.20": { "package_url": "pkg:pypi/certifi@2026.5.20", "relationship": "indirect", "scope": "runtime", "dependencies": [] }, "pkg:pypi/requests@2.34.2": { "package_url": "pkg:pypi/requests@2.34.2", "relationship": "direct", "scope": "runtime", "dependencies": [ "pkg:pypi/idna@3.18", "pkg:pypi/urllib3@2.7.0", "pkg:pypi/certifi@2026.5.20", "pkg:pypi/charset-normalizer@3.4.7" ] }, "pkg:pypi/charset-normalizer@3.4.7": { "package_url": "pkg:pypi/charset-normalizer@3.4.7", "relationship": "indirect", "scope": "runtime", "dependencies": [] }, "pkg:pypi/pyee@11.0.1": { "package_url": "pkg:pypi/pyee@11.0.1", "relationship": "indirect", "scope": "runtime", "dependencies": [] } }, "name": "requirements.txt", "file": { "source_location": "requirements.txt" } } }, "version": 0, "job": { "correlator": "submit-pypi", "id": "26885034456" }, "sha": "758fe2bd28f2c8784e0db6c6f4037730ba89d9ae", "ref": "refs/heads/security/npmrc-hardening", "scanned": "2026-06-03T12:34:41.020Z", "detector": { "name": "Automatic Dependency Submission", "version": "1e74d6c58b14", "url": "https://github.com/actions/component-detection-dependency-submission-action" } }

submit-dependency-snapshot

Submitting snapshot...

log-toolchain-versions

Using pip-compile version: pip-compile, version 7.5.3

log-toolchain-versions

Using pip version: pip 25.2 from /opt/hostedtoolcache/Python/3.10.20/x64/lib/python3.10/site-packages/pip (python 3.10)

log-toolchain-versions

Using python version: Python 3.10.20

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add supply-chain hardened .npmrc (PER-8391)#148

Add supply-chain hardened .npmrc (PER-8391)#148
ninadbstack merged 1 commit into
mainfrom
security/npmrc-hardening

Uh oh!

Annotations

Re-running jobs...