GitHub has rolled out two critical supply-chain security upgrades for the npm ecosystem: staged publishing, now generally available, and new install-time source restriction flags, both of which land in npm CLI 11.15.0, released on May 22, 2026. Staged publishing fundamentally restructures how package versions are published to the npm registry. Instead of a direct publish […]
The post GitHub Adds Staged Publishing to Strengthen npm Security. appeared first on Cyber Security News.