GitHub plans to disable npm install scripts by default, a big supply-chain hardening move. Fewer packages should get to run arbitrary code just because you typed npm install — expect some build workflows to need explicit opt-in. 📦 #OpenSource #Security #DevOps
8h
npm 12 disables install scripts by default, requiring explicit approval to reduce dependency-based code execution risks.
thehackernews.com
GitHub to Disable npm Install Scripts by Default to Stop Supply Chain Attacks
TECH Overload