From cee09b941f0660c42eb9cc62b821266a76ebc4de Mon Sep 17 00:00:00 2001
From: Rohan Nagariya <rohan.n@browserstack.com>
Date: Fri, 12 Jun 2026 01:20:46 +0530
Subject: [PATCH] fix(security): harden .npmrc with supply-chain directives
 [APS-19381]

- Add ignore-scripts, strict-ssl, save-exact, engine-strict,
  legacy-peer-deps=false, audit-level=high
- Preserve existing package-lock=true
- Public repo: access=restricted intentionally omitted

Resolves: APS-19381

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
---
 .npmrc | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/.npmrc b/.npmrc
index cafe685..b7a79de 100644
--- a/.npmrc
+++ b/.npmrc
@@ -1 +1,7 @@
 package-lock=true
+ignore-scripts=true
+strict-ssl=true
+save-exact=true
+engine-strict=true
+legacy-peer-deps=false
+audit-level=high