LmCast :: Stay tuned in

GitHub introduces staged publishing and new install-time controls for NPM

Recorded: May 23, 2026, 4:59 a.m.


Staged publishing and new install-time controls for npm - GitHub Changelog


Release • May 22, 2026 • 2 minute read

Staged publishing and new install-time controls for npm


Today we’re shipping two updates focused on supply-chain security for npm:

Staged publishing is generally available.
New --allow-* install source flags (--allow-file, --allow-remote, --allow-directory) complement the existing --allow-git flag.

Both are available in npm CLI 11.15.0 or newer.

Staged publishing is generally available
Staged publishing is now generally available on npm. Instead of a direct publish that immediately makes a package version available to consumers, the prebuilt tarball is uploaded to a stage queue where a maintainer must explicitly approve it before it becomes installable. The queue is visible both on npmjs.com and in the npm CLI.
Staged publishing reinforces proof of presence on every publish, including those that originate from non-interactive CI/CD workflows and those using trusted publishing with OIDC. A human maintainer with a 2FA challenge is required to approve a staged package before it is released to the registry.
Staged publishing is live today, and so are the docs.

Overview and getting started
CLI reference and permissions
Trusted publishers (updated)

Requirements

npm CLI 11.15.0 or newer is required to use npm stage.
Update CI/CD workflows to use npm stage publish instead of npm publish where you want staged behavior.

Recommended setup
We recommend pairing staged publishing with trusted publishing (OIDC). A trusted publishing configuration can be limited to stage-only, which means npm publish from that workflow will be rejected and only npm stage publish is accepted. Your CI workflows continue to run non-interactively, and a maintainer later approves the staged version from the website or the CLI.
You can also run npm stage publish locally, but the highest-value setup is CI publishing to the stage queue and a maintainer approving from a trusted device.
If you already use bulk management of trusted publishing configurations (released Feb 2026), you can use it to migrate your packages to staged publishing. Remember to update your CI workflows to the new CLI version and to use npm stage publish.
New install source flags
In npm 11.10.0 we introduced --allow-git to give you control over whether npm install can resolve dependencies from Git sources. Starting in npm 11.15.0, we are adding three more flags so you can apply the same explicit-allowlist approach to every non-registry install source:

--allow-file: Controls installs from local file paths and local tarballs.
--allow-remote: Controls installs from remote URLs, including https tarballs.
--allow-directory: Controls installs from local directories.
--allow-git (existing): Controls installs from any Git source, including github:, gitlab:, git+ URLs, and bare owner/repo shorthands.

Each flag accepts all (the current default) or none, and can also be set in .npmrc or package.json config.
Learn more by checking out our docs:

npm install reference (the --allow-file, --allow-remote, --allow-git variants are on the same page)
Config reference

As a reminder from the Feb 2026 announcement, --allow-git will change its default from all to none in the next major version of the CLI (v12). The new --allow-file, --allow-remote, and --allow-directory flags are additions in 11.15.0; you can opt into stricter behavior today by setting them to none.
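Before setting the four flags to none, it helps to know which dependencies an install would then reject. The script below is an added example, not code from GitHub or the npm project: it classifies each specifier in a package.json by install source, maps it to the governing --allow-* flag, and reports what a given policy would block. Everything beyond the page is an assumption and is marked as such in the comments: the matching rules approximate npm's specifier parsing, URLs on github.com, gitlab.com or bitbucket.org are treated as Git sources, a local path counts as a file source when it names a tarball and a directory source otherwise, the .npmrc keys follow npm's usual flag-to-config-key convention (allow-git, allow-file, and so on), and the sample manifest is constructed.

```javascript
// Added example, not code from GitHub or the npm project: classify each
// dependency specifier in a package.json by its install source and report
// which ones an install would reject once the governing --allow-* flag is
// set to none. Assumptions not stated on the page: the matching rules
// below approximate npm's specifier parsing; URLs on github.com, gitlab.com
// or bitbucket.org are treated as Git sources; a local path counts as a
// "file" source when it names a tarball and a "directory" source otherwise;
// and the .npmrc keys follow npm's usual flag-to-config-key convention.

const GIT_HOSTS = new Set(['github.com', 'gitlab.com', 'bitbucket.org']);
const TARBALL_RE = /\.(tgz|tar\.gz|tar)$/i;

// The CLI flag that governs each non-registry install source.
const FLAG_FOR_SOURCE = {
  file: '--allow-file',
  directory: '--allow-directory',
  remote: '--allow-remote',
  git: '--allow-git',
};

// Return 'registry', 'file', 'directory', 'remote' or 'git' for one specifier.
function classifySpec(spec) {
  const s = String(spec).trim();
  // Git protocols, hosted-git shorthands and scp-style git addresses
  if (/^(git\+[a-z]+:|git:|github:|gitlab:|bitbucket:|gist:)/i.test(s)) return 'git';
  if (/^[\w.-]+@[\w.-]+:/.test(s)) return 'git';
  // http(s) URLs: hosted-git hosts resolve as git, anything else is a remote tarball
  if (/^https?:\/\//i.test(s)) {
    try {
      if (GIT_HOSTS.has(new URL(s).hostname)) return 'git';
    } catch (_) {
      // unparsable URL: treat as a plain remote source
    }
    return 'remote';
  }
  // Local paths, with or without the file: prefix
  if (/^(file:|\.{1,2}\/|\/|~\/)/i.test(s)) {
    return TARBALL_RE.test(s.split('#')[0]) ? 'file' : 'directory';
  }
  // Bare owner/repo shorthand, optionally with #ref (scoped package names start with @)
  if (/^[\w.-]+\/[\w.-]+(#.*)?$/.test(s)) return 'git';
  return 'registry';
}

// Collect every dependency that npm install resolves, with its source and flag.
function collectDependencies(pkg) {
  const out = [];
  for (const section of ['dependencies', 'devDependencies', 'optionalDependencies']) {
    for (const [name, spec] of Object.entries(pkg[section] || {})) {
      const source = classifySpec(spec);
      out.push({ name, spec, section, source, flag: FLAG_FOR_SOURCE[source] || null });
    }
  }
  return out;
}

// policy: { file, remote, directory, git }, each 'all' or 'none'; a missing key
// means 'all', the current CLI default. Returns the dependencies that the
// install would reject under that policy.
function rejectedBy(pkg, policy) {
  return collectDependencies(pkg).filter(
    (d) => d.source !== 'registry' && (policy[d.source] || 'all') === 'none',
  );
}

// Render the policy as .npmrc lines (assumed key form: flag name without the dashes).
function toNpmrc(policy) {
  return Object.entries(policy)
    .map(([source, value]) => `allow-${source}=${value}`)
    .join('\n');
}

// Constructed sample manifest covering every source type the page names.
const SAMPLE_PACKAGE = {
  name: 'example-app',
  dependencies: {
    express: '^4.19.0',
    'left-pad': 'npm:left-pad@1.3.0',
    'internal-utils': 'file:../internal-utils',
    'vendored-lib': 'file:./vendor/lib-1.0.0.tgz',
    'some-fork': 'github:someorg/some-fork#v2',
    'other-fork': 'someorg/other-fork',
    'hosted-fork': 'https://github.com/someorg/hosted-fork',
    'hotfix-build': 'https://example.invalid/builds/hotfix-1.2.3.tgz',
  },
  devDependencies: { typescript: '~5.4.0' },
};

// Opting into the stricter behaviour today: every non-registry source set to none.
const STRICT_POLICY = { file: 'none', remote: 'none', directory: 'none', git: 'none' };

function main() {
  console.log('# .npmrc for the strict policy\n' + toNpmrc(STRICT_POLICY) + '\n');
  for (const d of rejectedBy(SAMPLE_PACKAGE, STRICT_POLICY)) {
    console.log(`${d.section}: ${d.name} -> ${d.spec} [${d.source}, governed by ${d.flag}]`);
  }
}

main();
```

Run it with node against the constructed manifest and it lists the six non-registry dependencies that the strict policy would reject, each with the flag that governs it; pass a partial policy such as { git: 'none' } to rejectedBy to preview the v12 default change on its own. Replace SAMPLE_PACKAGE with the parsed contents of a real package.json to audit a project before tightening its .npmrc.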

Join the discussion
We’d like to hear how you’re rolling this out. Share feedback and questions in the GitHub Community discussion.


Summary

New updates to npm focus on supply-chain security: staged publishing and more granular controls over dependency installation sources. Staged publishing is now generally available and changes the publishing workflow by introducing an intermediate approval step. Instead of an immediate publication on command, the prebuilt tarball is uploaded to a stage queue where a maintainer must explicitly approve it before it becomes installable. This reinforces proof of presence for every publication, including those that originate from automated CI/CD workflows and those using trusted publishing secured by OpenID Connect (OIDC). A human maintainer who passes a two-factor authentication challenge must approve the staged package before it is released to the registry. The feature requires npm CLI 11.15.0 or newer, and GitHub recommends pairing it with a trusted publishing configuration limited to stage-only, so that a direct npm publish from that workflow is rejected and a maintainer later approves the staged version from the website or the CLI. Running npm stage publish locally is possible, but the highest-value setup is CI publishing to the stage queue with a maintainer approving from a trusted device.

In addition to staged publishing, npm has introduced new install source flags to control how dependencies are resolved during installation. Building on the existing --allow-git flag, npm 11.15.0 adds three options: --allow-file, --allow-remote, and --allow-directory. Together they extend the explicit-allowlist approach to every non-registry source: --allow-file governs installs from local file paths and local tarballs, --allow-remote governs installs from remote URLs, including HTTPS tarballs, and --allow-directory governs installs from local directories. Each flag accepts all (the current default) or none, and can be set in .npmrc or package.json config. This gives developers stricter rules for where npm is permitted to fetch content. The existing --allow-git flag will change its default from all to none in the next major version of the CLI (v12); the new flags let developers opt into the stricter behavior immediately by setting them to none.