Package ecosystem maintainers and security vendors highlighted new guardrails and failure modes in automated dependency workflows. npm CLI 11.x introduced minimumReleaseAge, a release “cooldown” control that blocks installation of newly published versions until they reach a configured age, aiming to reduce exposure to malicious packages that rely on rapid adoption before detection or takedown. npm also added bulk configuration for OIDC trusted publishing, aligning with broader efforts to harden CI-based publishing; similar release-age gating has already been implemented in other Node.js package managers (pnpm, Yarn, and Bun), though npm’s initial implementation lacks an exclusion mechanism for cases like urgent internal hotfixes.
Separately, StepSecurity reported detecting a “release storm” affecting multiple Microsoft @types/* packages on npm, where dozens of semver releases were published within 24 hours with no code changes beyond repeated deprecation-version bumps—attributed to an automation loop tied to a scheduled GitHub Actions workflow in microsoft/DefinitelyTyped-tools (publish-packages.yml). In the Go ecosystem, a maintainer of widely used cryptography code criticized GitHub Dependabot for generating large volumes of low-signal alerts and PRs after a minor security fix, arguing the tool often flags repositories based on dependency presence rather than reachability/actual impact, creating alert fatigue and potentially reducing security; he recommended reachability-aware tooling such as govulncheck for Go vulnerability triage.

Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
9 events from the most recent confirmed update back to the earliest known activity.
Recent npm CLI 11.x releases, including 11.10.0, introduced new supply-chain security features such as minimumReleaseAge to delay installs of newly published versions, an --allow-git flag to restrict Git dependency behavior, and general availability of bulk OIDC trusted publishing via npm trust. These changes aim to reduce risk from malicious releases, unexpected code execution paths, and long-lived publishing tokens.
Valsorda publicly argued that Dependabot's false positives, misleading compatibility warnings, and questionable CVSS v4 scoring create alert fatigue and can reduce real security. He recommended reachability-aware tools such as govulncheck for Go and said vulnerability management requires impact assessment beyond automated dependency updates.
After the filippo.io/edwards25519 security fix, GitHub Dependabot opened thousands of pull requests against repositories that were not actually affected. Valsorda said the tool appeared to flag projects based on dependency presence rather than reachable vulnerable code paths.
Go cryptography maintainer Filippo Valsorda released a security fix in his EdDSA-related Go library filippo.io/edwards25519. The fix later triggered widespread automated alerts and pull requests from GitHub Dependabot.
Maintainer jakebailey quickly identified the root cause and merged a one-line fix in PR #1255 on the same day the issue was reported. The change stopped the repeated publication of deprecated @types package stubs.
StepSecurity disclosed the issue to maintainers by opening GitHub issue #1254. The report documented that an automation bug in a trusted supply-chain pipeline was causing repeated package releases.
Investigation found a loop guard failure in the microsoft/DefinitelyTyped-tools publish-packages.yml workflow, where an undefined label was passed instead of "latest". As a result, the deprecation check failed and the workflow re-published affected deprecated stubs every 30 minutes, producing more than 70 identical releases.
On February 17, 2026, StepSecurity's AI Package Analyst identified a burst of semver-only releases across multiple deprecated npm @types packages with no code changes between versions. The activity was traced to repeated automated publishes rather than a malicious package compromise.
During 2025, pnpm, Yarn, and Bun added time-based install delay controls to reduce exposure to newly published malicious package versions. This established a broader ecosystem trend toward package-manager-enforced supply-chain protections.
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
3 references tracked. Mallory keeps watching after this page renders.
socket.dev
Open sourcestepsecurity.io
Open sourcego.theregister.com
Open sourceMap indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.