vite-plugin-dependency-guard
Secures Vite & Nuxt from supply-chain attacks with 6 automated guardrails at server start:
1. Fresh Release
2. Unmaintained
3. NPM Status
4. Phantom Deps
5. File Integrity
6. OSV Live Audit
pnpm add -D vite-plugin-dependency-guard
github.com/JonathanSchn...
just released a github action: `uppt`
it aims to be a very simple, secure release workflow for maintainers that adheres to best security practices
- trusted, staged publishing on npmjs.com
- github environment protection
- generated release PR + changelog
- automatic release + publish on merge