-
Notifications
You must be signed in to change notification settings - Fork 2
Expand file tree
/
Copy pathsocket.yml
More file actions
21 lines (20 loc) · 796 Bytes
/
Copy pathsocket.yml
File metadata and controls
21 lines (20 loc) · 796 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
version: 2
issueRules:
envAccess: false
filesystemAccess: false
networkAccess: false
shellAccess: false
typosquatting: true
installScripts: true
obfuscatedCode: true
unmaintainedPackages: true
# Accepted transitive dependencies - these are pulled in by @inquirer/*
# packages (optional dependencies of @greenarmor/ges). They are legitimate,
# maintained packages used by the Inquirer.js ecosystem for terminal rendering.
# See SECURITY.md "Supply Chain Review" section for full risk assessment.
#
# These cannot be replaced without forking @inquirer/core, which explicitly
# depends on them for performance-optimized ANSI terminal rendering.
#
# GESF has a built-in readline fallback: if @inquirer/* is not installed,
# all CLI prompts degrade gracefully to numbered text menus.