npm Introduces 2FA-Gated Publishing and New Install Controls to Strengthen Supply Chain Security

GitHub has rolled out major new security measures for the npm ecosystem aimed at reducing the growing threat of software supply chain attacks targeting open-source packages and developer workflows.

According to the report, npm now supports a feature called “staged publishing,” which requires a human maintainer to complete a two-factor authentication (2FA) approval before a package becomes publicly available for installation. Instead of immediately publishing a package directly to the npm registry, developers can first upload it to a staging queue for manual approval.

GitHub stated that the new process ensures “proof of presence” for every package release, including those originating from automated CI/CD pipelines and trusted publishing workflows using OpenID Connect (OIDC). The company believes this additional verification layer can significantly reduce risks associated with compromised automation tokens and malicious package publishing.

To use staged publishing, maintainers must already have publish access to an existing npm package and have 2FA enabled on their account. Developers can submit packages using the command “npm stage publish,” available through npm CLI version 11.15.0 or newer.

In addition to staged publishing, npm has introduced new install source controls designed to restrict how packages are installed from non-registry sources. The new flags, --allow-file, --allow-remote, and --allow-directory, give developers more granular control over installations involving local files, remote URLs, tarballs, and directories.

The security upgrades come amid a sharp rise in software supply chain attacks affecting the open-source ecosystem. Recent campaigns linked to groups such as TeamPCP and Shai-Hulud have compromised hundreds of npm packages using self-replicating malware, credential theft techniques, and malicious dependency injections.

GitHub has also been tightening authentication and token management policies across npm. The company previously introduced shorter token expiration periods, deprecated classic npm tokens, and pushed developers toward phishing-resistant authentication methods such as FIDO-based 2FA and trusted publishing through OIDC.

Security researchers noted that automated publishing systems and long-lived authentication tokens have become major attack targets because compromising a single developer token can allow attackers to distribute malicious code to thousands of downstream applications.

The article highlighted that software supply chain security has become one of the cybersecurity industry’s biggest concerns as modern applications increasingly rely on large numbers of open-source dependencies and automated development pipelines.
