-
-
Notifications
You must be signed in to change notification settings - Fork 10
Expand file tree
/
Copy pathpnpm-workspace.yaml
More file actions
executable file
·26 lines (22 loc) · 880 Bytes
/
pnpm-workspace.yaml
File metadata and controls
executable file
·26 lines (22 loc) · 880 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
onlyBuiltDependencies:
- '@prisma/client'
- '@prisma/engines'
- esbuild
- lefthook
- prisma
- puppeteer
# Security configuration: supply chain attack mitigation
# Delay the adoption of newly released packages to allow detection of malicious code
# Minimum release age (minutes): Only install versions that are 1 day (1440 minutes) old
minimumReleaseAge: 1440
# Packages excluded from the above restrictions (always install the latest version)
minimumReleaseAgeExclude:
# Prisma: Schema synchronization is critical, so early adoption of latest versions is effective
- prisma
- '@prisma/client'
# tsx: For development script execution. Required for frequent updates in validation environments
- tsx
# Vercel: To use in a CI/CD environment
- vercel
# Prevent transitive dependencies from Git/Tarball sources (enhanced security)
blockExoticSubdeps: true