GBHackers

GitHub Strengthens npm Security With Staged Publishing Protection


GitHub has introduced a major security enhancement to the npm ecosystem with the general availability of staged publishing and new install-time controls in npm CLI version 11.15.0.

These updates are designed to reduce software supply chain risks, particularly those arising from compromised developer accounts, malicious package updates, and automated CI/CD workflows.


The newly released staged publishing feature introduces an approval-based workflow for publishing npm packages. Instead of immediately making a package version available, the system places the prebuilt tarball into a staging queue. A maintainer must then manually approve the release before it becomes accessible to users.

This mechanism enforces “proof of presence,” ensuring that even packages published via automated CI/CD pipelines or trusted OpenID Connect (OIDC) workflows require human verification. Approval actions are secured with two-factor authentication (2FA), reducing the risk of unauthorized or malicious package releases.

The staging queue is visible through both the npm CLI and the npmjs.com interface, providing transparency and control over pending releases.

Security experts note that this approach directly addresses recent supply chain attack patterns where attackers inject malicious code into packages during automated publishing processes.

GitHub recommends combining staged publishing with trusted publishing (OIDC) for maximum security. In this configuration, CI/CD pipelines can be restricted to “stage-only” publishing, preventing direct releases via npm publish. Maintainers can later approve packages from a trusted device, adding a security checkpoint.

Organizations managing multiple packages can leverage existing bulk trusted publishing configurations introduced earlier in 2026 to migrate seamlessly to staged workflows.

In addition to staged publishing, npm 11.15.0 introduces new install-time flags that give developers granular control over dependency sources:

  • --allow-file: Controls installation from local files and tarballs
  • --allow-remote: Restricts installations from remote URLs
  • --allow-directory: Manages installs from local directories
  • --allow-git: Controls Git-based dependencies (introduced earlier)

Each flag supports “all” or “none” settings and can be configured via .npmrc or package.json. These controls allow organizations to implement strict allowlist policies, preventing unauthorized or risky dependency sources.

For example, in a production environment, you can turn off all non-registry sources by setting all flags to “none,” ensuring that only vetted packages from the npm registry are installed.
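Before setting the flags to “none,” it helps to know which direct dependencies would be affected. The following is an added example, not code from GitHub or the npm project: it groups the non-registry entries of a package.json under the flag that, per the list above, governs each source kind. The classifier is a simplified heuristic rather than npm's own spec parser, and the sample manifest, hosts and package names are constructed.

```javascript
// Added example: heuristic classifier, not npm's own spec parser.
// Assumption: each source kind maps to the flag the article names for it.
const TARBALL = /\.(tgz|tar\.gz|tar)$/i;
const GIT_HOSTED = /^(github|gitlab|bitbucket|gist):/i;
const GIT_URL = /^(git\+(ssh|https?|file):\/\/|git:\/\/)/i;
const GIT_SHORTHAND = /^[\w.-]+\/[\w.-]+(#.+)?$/; // user/repo[#ref]

function classifySpec(spec) {
  const s = String(spec).trim();
  if (GIT_HOSTED.test(s) || GIT_URL.test(s)) return 'allow-git';
  if (/^https?:\/\//i.test(s)) return 'allow-remote';
  if (/^file:/i.test(s) || /^(\.{1,2}|~)?\//.test(s)) {
    return TARBALL.test(s) ? 'allow-file' : 'allow-directory';
  }
  if (GIT_SHORTHAND.test(s)) return 'allow-git';
  return null; // semver range, dist-tag or npm: alias, i.e. the registry
}

// Group every non-registry dependency under the flag that governs it.
function auditManifest(pkg) {
  const findings = {
    'allow-git': [], 'allow-remote': [], 'allow-file': [], 'allow-directory': [],
  };
  for (const section of ['dependencies', 'devDependencies',
    'optionalDependencies', 'peerDependencies']) {
    for (const [name, spec] of Object.entries(pkg[section] || {})) {
      const flag = classifySpec(spec);
      if (flag) findings[flag].push({ section, name, spec });
    }
  }
  return findings;
}

// Flags that no direct dependency needs: first candidates for "none".
function safeToDisable(findings) {
  return Object.keys(findings).filter((f) => findings[f].length === 0);
}

// Constructed sample manifest (hosts and package names are made up).
const sample = {
  dependencies: {
    express: '^4.19.2',
    'internal-ui': 'git+ssh://git@git.example.com/team/internal-ui.git#v2.1.0',
    'legacy-lib': 'https://downloads.example.com/legacy-lib-1.0.0.tgz',
  },
  devDependencies: { 'local-tools': 'file:../tools', fork: 'someuser/somerepo#fix' },
};
const report = auditManifest(sample);
console.log(report, 'safe to set to none:', safeToDisable(report));
```

The check covers direct dependencies only; transitive dependencies recorded in the lockfile can also pull from non-registry sources and need the same review.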

These updates reflect npm’s broader push toward proactive supply chain security. Notably, the default behavior of the --allow-git flag is expected to change from “all” to “none” in npm CLI v12, signaling a shift toward stricter default protections.

With supply chain attacks continuing to target open-source ecosystems, staged publishing and install-time controls provide developers with practical tools to mitigate risk while maintaining workflow flexibility.
