ci: add ignore-scripts to Node package manager config (20260526-184008) (#748)

* ci: enforce ignore-scripts policy for Node package managers

---------

Co-authored-by: securityeng-bot[bot] <219863240+securityeng-bot[bot]@users.noreply.github.com>
This commit is contained in:
securityeng-bot[bot]
2026-06-05 09:05:39 -04:00
committed by GitHub
parent ff1266720e
commit 662dfc07d1
12 changed files with 22 additions and 0 deletions
+2
View File
@@ -17,6 +17,8 @@ EXPOSE $PORT 9229 9230
COPY package.json /code/package.json
COPY package-lock.json /code/package-lock.json
COPY .npmrc .
COPY .yarnrc.yml .
RUN npm ci
# check every 30s to ensure this service returns HTTP 200
+2
View File
@@ -8,6 +8,8 @@ ENV PORT=3000
WORKDIR /code
COPY package.json /code/package.json
COPY package-lock.json /code/package-lock.json
COPY .npmrc .
COPY .yarnrc.yml .
RUN npm ci
COPY . /code