https://github.com/eagafonov/npm-install-safe
https://github.com/eagafonov/npm-install-safe
bun nobodyreadstags nodejs npm npm-package pi-coding-agent wtfpl wtfpl-license wtfpl-v2
Last synced: 1 day ago
JSON representation
- Host: GitHub
- URL: https://github.com/eagafonov/npm-install-safe
- Owner: eagafonov
- Created: 2026-04-15T07:04:25.000Z (about 2 months ago)
- Default Branch: master
- Last Pushed: 2026-04-15T07:16:32.000Z (about 2 months ago)
- Last Synced: 2026-04-15T09:24:47.983Z (about 2 months ago)
- Topics: bun, nobodyreadstags, nodejs, npm, npm-package, pi-coding-agent, wtfpl, wtfpl-license, wtfpl-v2
- Language: Shell
- Homepage:
- Size: 1.95 KB
- Stars: 0
- Watchers: 0
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# npm-install-safe
A paranoid shell script that mass-punishes all npm packages for the sins of the few by refusing to install anything published less than a week ago. Supply chain security through procrastination.
## Usage
```sh
./npm-install-safe.sh
```
Set `QUARANTINE_DAYS` to be even more paranoid:
```sh
QUARANTINE_DAYS=30 ./npm-install-safe.sh
```
## Example
```sh
./npm-install-safe.sh -g @mariozechner/pi-coding-agent
```
## How it works
Read the fricking [script](npm-install-safe.sh), it's 11 lines.
## Requirements
- npm
- GNU `date` (sorry macOS users, your `date` is from 1987)
## License
WTFPL Version 2