Today we’re shipping two updates focused on supply-chain security for npm:

  1. Staged publishing is generally available.
  2. New --allow-* install source flags (--allow-file, --allow-remote, --allow-directory) complement the existing --allow-git flag.

Both are available in npm CLI 11.15.0 or newer.

Staged publishing is generally available

Staged publishing is now generally available on npm. Instead of a direct publish that immediately makes a package version available to consumers, the prebuilt tarball is uploaded to a stage queue where a maintainer must explicitly approve it before it becomes installable. The queue is visible both on npmjs.com and in the npm CLI.

Staged publishing reinforces proof of presence on every publish, including those that originate from non-interactive CI/CD workflows and those using trusted publishing with OIDC. A human maintainer with a 2FA challenge is required to approve a staged package before it is released to the registry.

Staged publishing is live today, and so are the docs.

Requirements

  • npm CLI 11.15.0 or newer is required to use npm stage.
  • Update CI/CD workflows to use npm stage publish instead of npm publish where you want staged behavior.

We recommend pairing staged publishing with trusted publishing (OIDC). A trusted publishing configuration can be limited to stage-only, which means npm publish from that workflow will be rejected and only npm stage publish is accepted. Your CI workflows continue to run non-interactively, and a maintainer later approves the staged version from the website or the CLI.

You can also run npm stage publish locally, but the highest-value setup is CI publishing to the stage queue and a maintainer approving from a trusted device.

If you already manage trusted publishing configurations in bulk, released Feb 2026, you can use it to migrate your packages to staged publishing. Remember to update your CI workflows to the new CLI version and to use npm stage publish.

New install source flags

In npm 11.10.0 we introduced --allow-git to give you control over whether npm install can resolve dependencies from Git sources. Starting in npm 11.15.0, we are adding three more flags so you can apply the same explicit-allowlist approach to every nonregistry install source:

  • --allow-file: Controls installs from local file paths and local tarballs.
  • --allow-remote: Controls installs from remote URLs, including https tarballs.
  • --allow-directory: Controls installs from local directories.
  • --allow-git (existing): Controls installs from any Git source, including github:, gitlab:, git+ URLs, and bare owner/repo shorthands.

Each flag accepts all (the current default) or none, and can also be set in .npmrc or package.json config.

Learn more by checking out our docs:

As a reminder from the Feb 2026 announcement, --allow-git will change its default from all to none in the next major version of the CLI (v12). The new --allow-file, --allow-remote, and --allow-directory flags are additions in 11.15.0—you can opt into stricter behavior today by setting them to none.

Join the discussion

We’d like to hear how you’re rolling this out. Share feedback and questions in the GitHub Community discussion.