Don't install new deps less than 1 day old #11465

PowerKiKi · PowerKiKi · commit 4cc2a0d9b55e · 2026-04-17T23:24:22.000+09:00
To limit supply chain attacks
diff --git a/pnpm-workspace.yaml b/pnpm-workspace.yaml
@@ -1 +1,8 @@
+# The minimum age of a release to be considered for dependency installation.
+# The value is in minutes (1440 minutes = 1 day).
+minimumReleaseAge: 1440
+# List of packages to exclude from the minimum release age check.
+minimumReleaseAgeExclude:
+    - '@ecodev/*'
+
 nodeLinker: hoisted
