GitHub has announced a significant expansion of npm's security controls with the general availability of staged publishing and new package install policies. The changes arrive amid a surge in supply chain attacks targeting the npm ecosystem, providing maintainers with meaningful new tools to prevent unauthorized or malicious package releases.
Staged Publishing: What It Is
The headline feature is staged publishing — a mechanism that allows package maintainers to explicitly approve a release before it becomes publicly available for installation. Under the new workflow:
- A contributor or automated pipeline submits a new package version
- The package enters a pending state visible only to authorized maintainers
- A maintainer with 2FA-authenticated access reviews and approves the release
- Only after approval does the package become available via `npm install`
This directly counters one of the most common supply chain attack vectors: compromising a package maintainer's account and publishing a malicious version that gets automatically installed by downstream consumers before anyone notices.
Package Install Controls
In addition to staged publishing, GitHub is rolling out package install policies that allow organizations to define rules around which packages their developers can install. These controls include:
- Allowlists — only explicitly approved packages may be installed
- Blocklists — specific packages or versions can be prevented from installation
- Scope restrictions — limit which npm scopes are allowed within an organization
- Version pinning enforcement — require lock files to prevent unexpected version drift
These controls are particularly valuable for enterprises and teams running CI/CD pipelines where automated dependency resolution has historically created blind spots.
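One way an organization could enforce the install controls listed above in its own CI before installing dependencies, as an added example that is not GitHub's or npm's code: the policy format, the lockfile excerpt and every package name in it are constructed for illustration.

```javascript
// Evaluate a resolved dependency set against the four install-policy kinds above.
// Added example, not npm's or GitHub's implementation; all names are constructed.
const POLICY = {
  allowlist: ["react", "lodash", "@acme/*"], // empty list means "allow all"
  blocklist: ["colors", "totally-legit-utils@1.0.3"], // "name" or "name@version"
  allowedScopes: ["@acme", "@types"], // scoped packages must use one of these
  requireLockfile: true, // refuse installs that are not pinned by a lockfile
};
// Constructed excerpt shaped like the "packages" map of a package-lock.json v3.
const LOCKFILE = {
  packages: {
    "": { name: "example-app" }, // root project entry
    "node_modules/react": { version: "18.2.0" },
    "node_modules/lodash": { version: "4.17.21" },
    "node_modules/colors": { version: "1.4.0" },
    "node_modules/@acme/logger": { version: "2.0.1" },
    "node_modules/@evil/telemetry": { version: "0.1.0" },
    "node_modules/totally-legit-utils": { version: "1.0.3" },
  },
};
// "node_modules/a/node_modules/@s/b" -> "@s/b" (nested installs keep the last name).
function packageName(lockPath) {
  const marker = "node_modules/";
  return lockPath.slice(lockPath.lastIndexOf(marker) + marker.length);
}
// Allowlist entries are exact names, or "@scope/*" for a whole scope.
function matchesPattern(name, pattern) {
  return pattern.endsWith("/*") ? name.startsWith(pattern.slice(0, -1)) : name === pattern;
}
// Returns a list of violations; an empty list means the install may proceed.
function evaluatePolicy(lockfile, policy) {
  if (policy.requireLockfile && !(lockfile && lockfile.packages)) {
    return [{ rule: "lockfile", pkg: null, detail: "no lockfile; install is not pinned" }];
  }
  const violations = [];
  for (const [path, entry] of Object.entries(lockfile.packages)) {
    if (path === "") continue; // skip the root project itself
    const name = packageName(path);
    const scope = name.startsWith("@") ? name.split("/")[0] : null;
    if (scope && !policy.allowedScopes.includes(scope))
      violations.push({ rule: "scope", pkg: name, detail: `scope ${scope} not allowed` });
    if (policy.allowlist.length > 0 && !policy.allowlist.some((p) => matchesPattern(name, p)))
      violations.push({ rule: "allowlist", pkg: name, detail: "not on the allowlist" });
    if (policy.blocklist.includes(name) || policy.blocklist.includes(`${name}@${entry.version}`))
      violations.push({ rule: "blocklist", pkg: name, detail: `${name}@${entry.version} is blocked` });
  }
  return violations;
}
console.log(evaluatePolicy(LOCKFILE, POLICY));
```

A CI job would fail the build when the returned list is non-empty, so a newly added scope or a blocked version never reaches the install step.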
Context: Why Now
The announcement comes as the npm registry has faced a sustained wave of supply chain attacks throughout 2026. High-profile incidents including the mini-shai-hulud worm, the axios maintainer account compromise, and multiple credential-stealing campaigns have collectively compromised hundreds of packages and affected thousands of downstream projects.
GitHub's engineering team has cited these incidents as direct motivation for accelerating the rollout of enhanced controls.
Developer Experience Considerations
GitHub has worked to minimize friction for individual developers and open source projects. Staged publishing is opt-in for public packages, allowing solo maintainers to continue their existing publish workflows without added overhead. For organizations, the controls integrate with GitHub's existing team permission systems.
The 2FA requirement for approving staged releases aligns with npm's existing policy of requiring 2FA for publishing to highly-depended-upon packages, extending that protection to the approval workflow.
Getting Started
To enable staged publishing on your npm packages:
```shell
# Enable staged publishing for a package (requires npm 11+)
npm config set staged-publishing true
# List pending staged releases
npm publish --list-staged
# Approve a staged release
npm publish --approve <version>
```
Organization-level install policies are managed through the GitHub organization settings under Packages & Supply Chain Security.
Industry Response
Security researchers and open source advocates have broadly welcomed the changes, noting that 2FA-gated publishing addresses a critical gap that attackers have exploited repeatedly. The controls align with emerging best practices from frameworks like SLSA (Supply-chain Levels for Software Artifacts) and CISA's guidance on software supply chain security.
The ecosystem still has work to do — package integrity verification, build provenance attestation, and automated malicious code scanning remain areas for improvement — but staged publishing represents a meaningful step toward a more secure npm registry.