
The shift reduces the window attackers have to exploit stolen credentials, but remaining MFA bypasses keep npm a viable target for supply‑chain attacks, impacting the entire Node ecosystem.
npm has long been a cornerstone of the JavaScript ecosystem, but its token model made it an attractive vector for supply‑chain compromises. Classic tokens were static, often never expiring, and could be used to publish malicious versions without any source‑code verification. High‑profile incidents such as Sha1‑Hulud, Shai‑Hulud, and the chalk/debug breach demonstrated how stolen credentials can quickly cascade across thousands of downstream projects. These attacks highlighted the need for a fundamental redesign of authentication and credential rotation within the npm registry.
In December 2025 npm revoked all classic tokens and introduced short‑lived session tokens that default to multi‑factor authentication for publishing. The new workflow also encourages OIDC Trusted Publishing, allowing continuous‑integration pipelines to request per‑run credentials instead of storing long‑term secrets. While these measures shrink the attack window to a few hours, they do not eliminate all threats. Phishing campaigns that capture one‑time passwords can still harvest session tokens, and the console still permits the creation of 90‑day tokens with MFA bypass, effectively re‑introducing legacy risk.
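To make the difference between the two credential models concrete, here is an added illustration (not from the original article) of a GitHub Actions publish workflow written both ways: the legacy shape that stores a long-lived npm token as a repository secret, and the OIDC Trusted Publishing shape in which the job asks GitHub for a short-lived identity token and npm mints a credential valid only for that run. The package name, Node version, and workflow filename are assumptions; the `id-token: write` permission and `registry-url` input are the real GitHub Actions settings the flow depends on.

```yaml
# Added illustration, not from the original article. Two publish jobs for the
# same package are shown side by side; a real workflow keeps only one of them.
name: publish
on:
  release:
    types: [published]

jobs:
  # Legacy shape: a long-lived automation token stored as a repository secret.
  # Whoever obtains NPM_TOKEN (leaked CI log, compromised third-party action,
  # phished maintainer) can publish until someone notices and revokes it.
  publish-with-static-token:
    if: false   # disabled; kept only to show the pattern being retired
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
        with:
          node-version: 22
          registry-url: https://registry.npmjs.org
      - run: npm ci
      - run: npm publish
        env:
          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}   # static, long-lived secret

  # Trusted Publishing shape: no npm secret exists in the repository at all.
  # The job requests an OIDC identity token from GitHub; npm checks it against
  # the repository/workflow pairing configured for the package on npmjs.com
  # and returns a credential scoped to this single run.
  publish-with-oidc:
    runs-on: ubuntu-latest
    permissions:
      id-token: write    # lets the job mint the OIDC identity token
      contents: read
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
        with:
          node-version: 22
          registry-url: https://registry.npmjs.org
      - run: npm ci
      # Assumed: npm CLI 11.5.1 or newer (it detects the OIDC environment and
      # performs the token exchange itself), and a trusted publisher configured
      # on npmjs.com for this package that names this repository and this
      # workflow file (example filename: .github/workflows/publish.yml).
      - run: npm publish
```

Two practical consequences follow from the second job. The `NPM_TOKEN` secret can be deleted outright, so there is nothing static left to steal from the repository, and the publishing identity is bound to the exact workflow filename registered on npmjs.com, so renaming or moving that file stops publishing until the trusted publisher is reconfigured. Consumers can check that a downloaded version carries the resulting provenance attestation with `npm audit signatures`.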
The remaining gaps mean npm’s supply‑chain risk remains material for enterprises that rely on thousands of third‑party packages. Industry experts advise mandating OIDC across all CI/CD tools, enforcing MFA for every publish operation, and adding security metadata to package manifests so consumers can verify a maintainer’s protection level. Solutions such as Chainguard Libraries for JavaScript illustrate a complementary approach: building packages from verified upstream source code eliminates the 98.5 % of malware that only appears in published artifacts. Together, layered credential hygiene and source‑based verification form a more resilient defense against future npm attacks.