node-red

History

Dimitrie Hoekstra 3df161c3bc Add package-lock.json for reproducible dependency chains - Remove package-lock.json from .gitignore - Add validated package-lock.json (Node 20, 1003 packages) - Update CI workflow to use npm ci instead of npm install - Update README development instructions to use npm ci This ensures all developers and CI get identical dependency trees, protecting against npm supply chain attacks where compromised patch versions could automatically propagate through semver ranges. Closes #5424	2026-01-07 16:15:12 +01:00
..
release.yml	Bump the github-actions group with 1 update	2024-02-01 07:29:17 +00:00
tests.yml	Add package-lock.json for reproducible dependency chains	2026-01-07 16:15:12 +01:00

Dimitrie Hoekstra 3df161c3bc

Add package-lock.json for reproducible dependency chains

- Remove package-lock.json from .gitignore
- Add validated package-lock.json (Node 20, 1003 packages)
- Update CI workflow to use npm ci instead of npm install
- Update README development instructions to use npm ci

This ensures all developers and CI get identical dependency trees,
protecting against npm supply chain attacks where compromised patch
versions could automatically propagate through semver ranges.

Closes #5424

2026-01-07 16:15:12 +01:00

release.yml

Bump the github-actions group with 1 update

2024-02-01 07:29:17 +00:00

tests.yml

Add package-lock.json for reproducible dependency chains

2026-01-07 16:15:12 +01:00