npm Adds 2FA-Gated Publishing and Packag

概要

GitHub has rolled out new controls for npm to improve the security of the software supply chain, giving maintainers the ability to explicitly approve a release prior to the packages becoming publicly available for installation. Called staged publishing, the feature is now generally available on npm

元記事（The Hacker News）