|
|
|
|
|
|
by simonkagedal
72 days ago
|
|
|
This page describes the behavior, "disables the automatic execution of postinstall scripts in dependencies": https://pnpm.io/supply-chain-security While this explicitly calls out "postinstall", I'm pretty sure it affects other such lifecycle scripts like preinstall in dependencies. The --ignore-scripts option will ignore lifecycle scripts in the project itself, not just dependencies. And it will ignore scripts that you have previously allowed (using the "allowBuilds" feature). |
|
|