Securing your code
- About audit reports
- Auditing package dependencies for security vulnerabilities
- Generating provenance statements
- Trusted publishing with OIDC
- About ECDSA registry signatures
- Verifying ECDSA registry signatures
- Requiring 2FA for package publishing and settings modification
- Reporting malware in an npm package