Commit e755af1
committed
minor #3083 Prevent pnpm to install new packages published the same day (Kocal)
This PR was merged into the 2.x branch.
Discussion
----------
Prevent pnpm to install new packages published the same day
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Docs? | no <!-- required for new features -->
| Issues | Fix #... <!-- prefix each issue number with "Fix #", no need to create an issue if none exist, explain below instead -->
| License | MIT
<!--
Replace this notice by a description of your feature/bugfix.
This will help reviewers and should be a good start for the documentation.
Additionally (see https://symfony.com/releases):
- Always add tests and ensure they pass.
- For new features, provide some code snippets to help understand usage.
- Features and deprecations must be submitted against branch main.
- Update/add documentation as required (we can help!)
- Changelog entry should follow https://symfony.com/doc/current/contributing/code/conventions.html#writing-a-changelog-entry
- Never break backward compatibility (see https://symfony.com/bc).
-->
It should not affect us since we are using a lockfile, but just in case of, we prevent the installation of new packages published in the last 1440 minutes (1 day), which could be malicious packages. See https://pnpm.io/fr/settings#minimumreleaseage
Commits
-------
7264fe7 Prevent pnpm to install new packages published the same day2 files changed
+3
-1
lines changed| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
1 | 1 | | |
2 | 2 | | |
3 | | - | |
| 3 | + | |
4 | 4 | | |
5 | 5 | | |
6 | 6 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
20 | 20 | | |
21 | 21 | | |
22 | 22 | | |
| 23 | + | |
| 24 | + | |
0 commit comments