From 24eb62192f50ae51fb32a59988d62544d1bc1d49 Mon Sep 17 00:00:00 2001 From: Karan Shah <64479353+karanshah-browserstack@users.noreply.github.com> Date: Thu, 11 Jun 2026 11:15:01 +0530 Subject: [PATCH] APS-19732: add hardened .npmrc (supply-chain audit SC-12282) Add supply-chain hardening .npmrc with directives required by the weekly Enigma audit (SC-12282): ignore-scripts, strict-ssl, save-exact, engine-strict, legacy-peer-deps=false, audit-level=high. Verified via npm ci on Node 18/20/22 (lockfile unchanged) and e2e sample-test on Node 20. Node 16 fails engine-strict by design (@playwright/test requires node>=18). Co-Authored-By: Claude Fable 5 --- .npmrc | 7 +++++++ 1 file changed, 7 insertions(+) create mode 100644 .npmrc diff --git a/.npmrc b/.npmrc new file mode 100644 index 0000000..19b6ee0 --- /dev/null +++ b/.npmrc @@ -0,0 +1,7 @@ +# Supply-chain hardening directives (SC-12282 / APS-19732) +ignore-scripts=true +strict-ssl=true +save-exact=true +engine-strict=true +legacy-peer-deps=false +audit-level=high
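Review bot: `ignore-scripts=true` (second line of the new `.npmrc`) is added without any note on its side effects. Besides dependency install scripts, it also makes npm skip this project's own pre- and post- scripts around `npm run`, `npm test` and similar commands, so any `pretest` or `postinstall` hook in package.json silently stops running. Please either document that next to the directive or confirm package.json defines no such hooks. Separately, `audit-level=high` only sets the severity at which `npm audit` exits non-zero; it does not affect `npm ci`, so it enforces nothing unless the CI pipeline actually runs `npm audit`, and it would help to say in the commit or the file where that happens. `strict-ssl=true` and `legacy-peer-deps=false` restate npm defaults; a per-directive comment saying they are pinned here so a user-level or global npmrc cannot relax them would make the intent clear, since the single header comment does not explain any individual setting.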