Hardening Yarn Against Supply Chain Attacks
A few lines in .yarnrc.yml and a small package.json allowlist that buy you real protection against the kind of supply chain attacks that have been hitting the JS ecosystem lately.
A few lines in .yarnrc.yml and a small package.json allowlist that buy you real protection against the kind of supply chain attacks that have been hitting the JS ecosystem lately.