Skip to content

Instantly share code, notes, and snippets.

View eapotapov's full-sized avatar

Evgeny Potapov eapotapov

View GitHub Profile
@eapotapov
eapotapov / supply-chain-hardening.md
Created March 30, 2026 13:30
Supply Chain Hardening: Release Age Gating & Install Script Protection for npm, pnpm, Yarn, Bun, uv, pip, and Deno

Supply Chain Hardening: Release Age Gating & Install Script Protection

1. Release Age Gating

Refuse to install packages published less than 7 days ago.

npm

Global — add to ~/.npmrc:

@eapotapov
eapotapov / config-wsl
Created July 21, 2024 15:37
Updated config-wsl for WSL kernel 6.6 (merged vars from 5.15) according to https://github.com/microsoft/WSL/issues/11742
#
# Automatically generated file; DO NOT EDIT.
# Linux/x86_64 6.6.29.1 Kernel Configuration - Updated
#
CONFIG_CC_VERSION_TEXT="gcc (GCC) 13.2.0"
CONFIG_CC_IS_GCC=y
CONFIG_GCC_VERSION=130200
CONFIG_CLANG_VERSION=0
CONFIG_AS_IS_GNU=y
CONFIG_AS_VERSION=24100