NEUnpm Version 12: Installation Scripts Now Require Explicit Approval14. June 2026CybersecurityShare on:npm 12 blocks automatic execution of installation scripts, Git dependencies, and external URLs by default — future operations will require explicit approval. Share on:
GitHub Disables npm Installation Scripts by Default Against Supply Chain Attacks11. June 2026Claude Code, CybersecurityShare on:npm 12 disables install scripts by default to make it harder to exploit lifecycle hooks for supply chain attacks. Share on:
GitHub Announces Security Measures for npm v12 Against Supply-Chain Attacks10. June 2026CybersecurityShare on:npm v12 introduces security measures to prevent automated attack vectors during package installation. Share on:
