Storia in 5 fonti

Upcoming breaking changes for npm v12 - GitHub Changelog

Our next npm major version, v12, introduces security-related default changes to npm install. All these changes are available behind warnings in npm today on 11.16.0 or newer, so you can…

Raccontata da

Confronto fonti

5 prospettive sulla stessa storia

AI · summaries

github.blogStai leggendo2 g fa

Upcoming breaking changes for npm v12 - GitHub Changelog

Our next npm major version, v12, introduces security-related default changes to npm install. All these changes are available behind warnings in npm today on 11.16.0 or newer, so you can…

originale

bleepingcomputer.com1 g fa

GitHub announces npm security changes to tackle supply-chain attacks

GitHub has announced that npm v12, expected next month, will introduce several security-focused changes aimed at blocking supply-chain attacks abusing behaviors triggered by the 'npm install' command.

Leggi questa versione → originale

thehackernews.com1 g fa

GitHub to Disable npm Install Scripts by Default to Stop Supply Chain Attacks

npm 12 disables install scripts by default, requiring explicit approval to reduce dependency-based code execution risks.

Leggi questa versione → originale

infoworld.com2 g fa

GitHub finally pulls the plug on automatic install script execution for npm

The change, expected in July, will likely block one of the more common attack vectors; developers are wondering what took GitHub so long, and why other repositories acted so much sooner.

Leggi questa versione → originale

heise.de1 g fa

npm packt seine riskantesten Sicherheitsprobleme an

Mit npm v12 schließt GitHub einen zentralen Angriffsweg: Installationsskripte aus Abhängigkeiten laufen ab Juli 2026 nur noch nach ausdrücklicher Freigabe.

Leggi questa versione → originale

Timeline cronologica

martedì 9 giugno 2026·github.blog
Upcoming breaking changes for npm v12 - GitHub Changelog
Our next npm major version, v12, introduces security-related default changes to npm install. All these changes are available behind warnings in npm today on 11.16.0 or newer, so…
mercoledì 10 giugno 2026·infoworld.com
GitHub finally pulls the plug on automatic install script execution for npm
The change, expected in July, will likely block one of the more common attack vectors; developers are wondering what took GitHub so long, and why other repositories acted so much…
mercoledì 10 giugno 2026·heise.de
npm packt seine riskantesten Sicherheitsprobleme an
Mit npm v12 schließt GitHub einen zentralen Angriffsweg: Installationsskripte aus Abhängigkeiten laufen ab Juli 2026 nur noch nach ausdrücklicher Freigabe.
mercoledì 10 giugno 2026·bleepingcomputer.com
GitHub announces npm security changes to tackle supply-chain attacks
GitHub has announced that npm v12, expected next month, will introduce several security-focused changes aimed at blocking supply-chain attacks abusing behaviors triggered by the…
giovedì 11 giugno 2026·thehackernews.com
GitHub to Disable npm Install Scripts by Default to Stop Supply Chain Attacks
npm 12 disables install scripts by default, requiring explicit approval to reduce dependency-based code execution risks.