fix(PLT-3359): harden yarn configuration #737

Merged
promiseNwafor merged 2 commits into main from appsec/harden-yarn-config
May 1, 2026

tf-seti (Contributor) commented Apr 1, 2026

Harden yarn configuration

This PR hardens yarn configuration against supply chain attacks.

Changes

  • .yarnrc: Added ignore-scripts true and save-exact true.
  • Dependabot: Added a 7-day cooldown for third-party npm updates (excluding @typeform/*).
  • Compatibility: Maintained semantic-release version locks for Node 22 compatibility.

Automated by Application Security · supply-chain-hardening

Created by Sourcegraph batch change david.salvador/harden-yarn-config.
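
Added example (not part of this PR or the repository's code): a Node check that a CI job could run over the contents of `.yarnrc` to confirm the two settings named in the description stay in place. The key/value parsing is a simplified assumption about the Yarn classic `.yarnrc` format, and `REQUIRED`, `parseYarnrc`, `auditYarnrc` and the sample strings are hypothetical names and constructed inputs.

```javascript
// Settings the PR description says were added to .yarnrc.
const REQUIRED = { "ignore-scripts": "true", "save-exact": "true" };

// Parse "key value" lines. Assumption: '#' starts a comment line and
// double quotes around a key or value are optional and can be dropped.
function parseYarnrc(text) {
  const settings = new Map(); // key -> every value seen for that key
  const unquote = (s) => s.replace(/^"(.*)"$/, "$1");
  for (const raw of text.split(/\r?\n/)) {
    const line = raw.trim();
    if (line === "" || line.startsWith("#")) continue;
    const m = line.match(/^("[^"]+"|\S+)\s+(.+)$/);
    if (!m) continue; // not a key/value line
    const key = unquote(m[1]);
    const value = unquote(m[2].trim());
    if (!settings.has(key)) settings.set(key, []);
    settings.get(key).push(value);
  }
  return settings;
}

// Return a list of findings; an empty list means both settings are present.
// A key that appears more than once must carry the required value every time,
// so the check does not depend on which occurrence yarn would honour.
function auditYarnrc(text) {
  const settings = parseYarnrc(text);
  const findings = [];
  for (const [key, want] of Object.entries(REQUIRED)) {
    const seen = settings.get(key);
    if (!seen) {
      findings.push(`${key}: missing`);
    } else if (seen.some((v) => v !== want)) {
      findings.push(`${key}: expected ${want}, found ${seen.join(", ")}`);
    }
  }
  return findings;
}

// Constructed sample inputs (not taken from the repository).
const HARDENED =
  'registry "https://registry.yarnpkg.com"\nignore-scripts true\nsave-exact true\n';
const WEAK = "# local override\nignore-scripts false\n";
const CONFLICT = 'ignore-scripts true\nignore-scripts false\nsave-exact "true"\n';

for (const [name, text] of Object.entries({ HARDENED, WEAK, CONFLICT })) {
  console.log(name, auditYarnrc(text));
}
```

In a pipeline, pass the file contents (for example from `fs.readFileSync(".yarnrc", "utf8")`) to `auditYarnrc` and fail the job when the returned list is not empty.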

tf-seti changed the title from "fix(NOJIRA-1234): harden yarn configuration" to "fix(PLT-3359): harden yarn configuration" on Apr 28, 2026
tf-seti force-pushed the appsec/harden-yarn-config branch from 260401d to 7312644 on April 28, 2026 09:00
tf-seti marked this pull request as ready for review on April 28, 2026 09:34
tf-seti requested a review from a team as a code owner on April 28, 2026 09:34

pr-auditor Bot commented Apr 28, 2026


✅ Security Analysis Results

Great news! No security issues found in this pull request.

Analysis Summary:

  • 📁 Files reviewed: 4
  • ✅ No security vulnerabilities detected

Security analysis powered by Claude Sonnet 4.6 via pr-auditor | Questions? Contact #dx-team or check out this page

Thr44 previously approved these changes Apr 28, 2026
@typeform-ops-gha


[BOT] Preview available with hash c9ad97a7645404a91c17aa101544f6670ba35af9 here.


sonarqubecloud Bot commented May 1, 2026


promiseNwafor merged commit 05ed193 into main on May 1, 2026
15 checks passed
promiseNwafor deleted the appsec/harden-yarn-config branch on May 1, 2026 10:55