Skip to content

Commit 3319d88

Browse files
jdaltonjdalton
committed
fix: deny postject build scripts in allowBuilds
1 parent 9d0abb7 commit 3319d88

File tree

1 file changed

+18
-18
lines changed

1 file changed

+18
-18
lines changed

pnpm-workspace.yaml

Lines changed: 18 additions & 18 deletions
Original file line numberDiff line numberDiff line change
@@ -1,20 +1,13 @@
1-
# Migrated from .npmrc (pnpm v11 only reads auth/registry from .npmrc).
2-
ignoreScripts: true
3-
linkWorkspacePackages: false
4-
5-
# Wait 7 days (10080 minutes) before installing newly published packages.
6-
minimumReleaseAge: 10080
7-
minimumReleaseAgeExclude:
8-
- '@anthropic-ai/claude-code@2.1.98'
9-
- '@socketaddon/*'
10-
- '@socketbin/*'
11-
- '@socketregistry/*'
12-
- '@socketsecurity/*'
131

142
packages:
153
- packages/*
164
- '!packages/package-builder/build'
175

6+
# Packages allowed to run build scripts (pnpm v11 strictDepBuilds default).
7+
allowBuilds:
8+
esbuild: true
9+
postject: false
10+
1811
catalog:
1912
'@anthropic-ai/claude-code': 2.1.98
2013
'@babel/core': 7.28.4
@@ -80,10 +73,10 @@ catalog:
8073
compromise: 14.14.4
8174
del-cli: 6.0.0
8275
dev-null-cli: 2.0.0
76+
ecc-agentshield: 1.4.0
8377
emoji-regex: 10.6.0
8478
es-define-property: npm:@socketregistry/es-define-property@^1.0.7
8579
es-set-tostringtag: npm:@socketregistry/es-set-tostringtag@^1.0.10
86-
ecc-agentshield: 1.4.0
8780
esbuild: 0.25.11
8881
fast-glob: 3.3.3
8982
fast-xml-parser: 5.5.1
@@ -154,11 +147,18 @@ catalog:
154147
yargs-parser: 21.1.1
155148
yoctocolors-cjs: 2.1.3
156149
zod: 4.1.8
150+
# Migrated from .npmrc (pnpm v11 only reads auth/registry from .npmrc).
151+
ignoreScripts: true
152+
linkWorkspacePackages: false
157153

158-
# Packages allowed to run build scripts (pnpm v11 strictDepBuilds default).
159-
allowBuilds:
160-
esbuild: true
161-
postject: true
154+
# Wait 7 days (10080 minutes) before installing newly published packages.
155+
minimumReleaseAge: 10080
156+
minimumReleaseAgeExclude:
157+
- '@anthropic-ai/claude-code@2.1.98'
158+
- '@socketaddon/*'
159+
- '@socketbin/*'
160+
- '@socketregistry/*'
161+
- '@socketsecurity/*'
162162

163163
# Dependency overrides (migrated from package.json pnpm.overrides).
164164
overrides:
@@ -199,8 +199,8 @@ overrides:
199199
shell-quote: 'catalog:'
200200
side-channel: 'catalog:'
201201
signal-exit: '4.1.0'
202-
string_decoder: 'catalog:'
203202
string-width: 'catalog:'
203+
string_decoder: 'catalog:'
204204
strip-ansi: 'catalog:'
205205
tiny-colors: 'catalog:'
206206
typedarray: 'catalog:'

0 commit comments

Comments
 (0)