
Specify `ignore-scripts` when publishing

Open jamietanna opened this issue 3 years ago • 0 comments

As noted in https://snyk.io/blog/github-actions-to-securely-publish-npm-packages/, it is insecure to allow scripts to execute at the time of publishing, so we should make sure that this configuration is applied.

jamietanna, Jan 07 '22 14:01