# Do not run any npm lifecycle hook scripts (especially after installation).
# Most dependencies should be fine with this.
ignore-scripts=true
# Always prefer locked versions from lockfile when installing.
save-exact=true
# Only take packages that are at least 3 days old since most supply-chain attacks may be mitigated until then
min-release-age=3
# Refuse to use engines lower than specified
engine-strict=true
