Add pnpm minimumReleaseAge to match dependabot cooldown

ntotten · claude · ntotten · commit 3f90586eedfe · 2025-11-28T09:15:27.000-05:00
Configure pnpm to only install packages that are at least 7 days old. This matches our dependabot configuration (default-days: 7) and provides a stability buffer against newly published compromised packages. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
diff --git a/pnpm-workspace.yaml b/pnpm-workspace.yaml
@@ -0,0 +1,4 @@
+# Require packages to be at least 7 days old before installation
+# This matches our dependabot cooldown config (default-days: 7)
+# and provides a stability buffer against compromised packages
+minimumReleaseAge: 10080
