Show HN: Safe-install – safer NPM installs with trusted build dependencies https://bit.ly/4nnPzW8

Show HN: Safe-install – safer NPM installs with trusted build dependencies In light of the ongoing npm supply chain compromises, I built safe-install: https://bit.ly/4wpkUvV It brings a couple of protections I wanted from npm but are not built in. Similar to Bun’s trusted dependencies, it lets you disable install scripts by default and define a list of dependencies that are allowed to run build/install scripts: https://bit.ly/4nr62sS It also supports blocking exotic sub-dependencies, similar to pnpm’s `blockExoticSubdeps` setting: https://bit.ly/4wGyKub... I was hoping npm would eventually add something like this, but it does not seem to be happening soon, so I made a small package for it. https://bit.ly/4wpkUvV May 12, 2026 at 01:30AM