bitforge/warehouse13
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add npm package age verification system

Browse Source 
Problem: Need to ensure all npm packages are at least 2 weeks old before use

Solution:
- Created check-package-age.js script to verify package publish dates
- Added .npmrc to enforce exact version installation
- Created pin-old-versions.sh helper script
- Documented complete workflow in NPM-PACKAGE-AGE-POLICY.md

Usage:
  node scripts/check-package-age.js  # Verify all packages ≥ 2 weeks old
  npm ci                              # Install exact versions from lock file

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
Mondo Diaz
2025-10-17 08:43:38 -05:00
parent e08ab62a32
commit 4a270dbfe3
4 changed files with 374 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
frontend/.npmrc Normal file
View File

@@ -0,0 +1,11 @@
# Force exact version installation (no version range resolution)
save-exact=true
# Always use package-lock.json
package-lock=true
# Don't automatically update package-lock.json
package-lock-only=false
# Prevent automatic updates
save-prefix=''