
The planned feature introduces a review step before releases go live, following the Shai-Hulud attacks and a rocky migration off classic tokens that disrupted m…

Published:

7 January 2026 at 02:37:46

Alert date:

7 January 2026 at 18:02:12

Source:

socket.dev


Supply Chain & Dependencies, Web Technologies

npm announces staged publishing feature in response to the Shai-Hulud supply chain attacks and issues with classic token migration. The new feature introduces a review step before package releases go live. The migration away from classic tokens caused significant disruption to maintainer workflows. npm is also expanding trusted publishing support and OIDC-based workflows. Maintainers faced challenges with token rotation and authentication during the transition. The changes aim to add friction to publication processes to prevent malicious package releases.

Technical details

npm is implementing staged publishing to introduce deliberate friction into package publication after the Shai-Hulud supply chain attack campaign. The new model adds a review window before a package release becomes publicly available, requiring explicit MFA-verified approval from the package owners. npm also disabled classic token creation in November and permanently revoked classic tokens on December 9, replacing them with short-lived session tokens and granular access tokens. OIDC-based trusted publishing is being expanded, but it currently has limitations: it cannot publish new packages, it requires manual per-package configuration, and there is no bulk setup API. Session token lifetimes were extended from 2 hours to 12 hours in response to user complaints.

Mitigation steps:

Migrate from classic npm tokens to granular access tokens or OIDC trusted publishing.
Configure MFA for package publishing.
Implement staged publishing when available to add review windows before releases go live.
Consider anomaly detection for unusual publishing behavior, such as publishes from unusual locations or unexpected lifecycle script additions.
Align publishing controls with the project's risk profile and release model.
For critical packages, avoid relying solely on trusted publishing because of its current limitations.
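One concrete way to act on the anomaly-detection point above is to diff the lifecycle hooks of a candidate release against the previously published version during the review window, so that a newly added or altered install-time script is surfaced to the approving maintainer. The following is an added example written for this page; it is not npm's code and not part of the original advisory. The two manifests are constructed, and the hook list and shell-pattern list are assumptions chosen for illustration.

```javascript
// Added example (not from the advisory): compare the "scripts" section of the
// previously published manifest with the candidate release and flag lifecycle
// hooks that run automatically on install or publish. In practice the two
// manifests would be fetched from registry metadata; here they are constructed.

// npm lifecycle hooks that execute without the user invoking them explicitly (assumed list).
const AUTO_RUN_HOOKS = new Set([
  'preinstall', 'install', 'postinstall',
  'prepublish', 'prepublishOnly', 'prepare', 'prepack', 'postpack',
  'publish', 'postpublish',
]);

// Shell fragments that justify a human look during the review window (assumed patterns).
const REVIEW_PATTERNS = [
  /\b(curl|wget)\s/i,          // remote fetch at install time
  /\|\s*(ba)?sh\b/i,           // piping something into a shell
  /\bnode\s+-e\b/i,            // inline JavaScript evaluation
  /\bbase64\b/i,               // encoded payloads
  /\.npmrc|NPM_TOKEN|GITHUB_TOKEN/i, // credential files and variables
];

// Returns one finding per auto-run hook that is new, changed, or matches a review pattern.
function findLifecycleChanges(previousManifest, candidateManifest) {
  const before = previousManifest.scripts || {};
  const after = candidateManifest.scripts || {};
  const findings = [];
  for (const [hook, command] of Object.entries(after)) {
    if (!AUTO_RUN_HOOKS.has(hook)) continue;
    const reasons = [];
    if (!(hook in before)) reasons.push('hook added');
    else if (before[hook] !== command) reasons.push('hook changed');
    const matched = REVIEW_PATTERNS.find((p) => p.test(command));
    if (matched) reasons.push(`matches ${matched}`);
    if (reasons.length) findings.push({ hook, command, reasons });
  }
  return findings;
}

// Policy helper: any finding holds the release for manual approval.
function shouldHoldRelease(findings) {
  return findings.length > 0;
}

// Constructed sample manifests: 1.4.3 adds a postinstall hook that 1.4.2 did not have.
const previousManifest = {
  name: 'example-lib', version: '1.4.2',
  scripts: { build: 'tsc -p .', test: 'vitest run', prepare: 'husky install' },
};
const candidateManifest = {
  name: 'example-lib', version: '1.4.3',
  scripts: {
    build: 'tsc -p .', test: 'vitest run', prepare: 'husky install',
    postinstall: 'node scripts/setup.js',
  },
};

const findings = findLifecycleChanges(previousManifest, candidateManifest);
console.log(JSON.stringify(findings, null, 2));
console.log(shouldHoldRelease(findings) ? 'HOLD: review required' : 'OK: no lifecycle changes');

module.exports = { findLifecycleChanges, shouldHoldRelease, previousManifest, candidateManifest };
```

The check is deliberately narrow: it does not try to decide whether a hook is malicious, only whether something that runs automatically has appeared or changed since the last release, which is exactly the kind of diff a maintainer can review in a few seconds before approving a staged publish.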

Affected products:

npm registry
npm CLI
JavaScript packages
GitHub Actions
GitLab CI

Related links:

Related CVEs:

Related threat actors:

IOCs:

This article was created with the assistance of AI technology by Perceptive.

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Disclaimer: This website displays information obtained from external sources. Perceptive accepts no responsibility for the content, accuracy or completeness of this information.
