audit-level=moderate
fund=false
update-notifier=false
ignore-scripts=false
strict-ssl=true

registry=https://registry.npmjs.org/
audit=true
package-lock=true
package-lock-only=false
save-exact=false

# use npm ci for production builds (faster and more secure)
# this will be enforced in CI/CD scripts

# prevent installation of optional dependencies that might contain vulnerabilities
optional=false
audit=true
update-notifier=false

save-exact=false
