ctipilot.ch

UPDATE: npm ships 2FA-gated "staged publishing" GA in response to the 2026 supply-chain worm waves

From CTI Daily Brief — 2026-05-24 · published 2026-05-24

UPDATE (supply-chain worm wave, originally covered 2026-05-23): GitHub announced on 2026-05-22 that npm staged publishing is now Generally Available — a maintainer must run npm stage publish (npm CLI 11.15.0+), which uploads the version to a consumer-invisible staging queue, then pass a separate 2FA challenge to approve the release before it becomes installable (GitHub Changelog, 2026-05-22). This directly targets the automated mass-publish pattern behind the Megalodon GitHub-repo campaign (covered 2026-05-23) and the earlier mini-shai-hulud / TeamPCP npm waves, where many malicious versions were pushed in seconds via compromised maintainer sessions — a human-in-the-loop 2FA gate would have broken that tempo.

The same release adds three install-source restriction flags — --allow-file, --allow-remote and --allow-directory (each all | none) — letting CI/CD pipelines forbid installs from remote URLs or local paths, the vectors abused in several 2026 dependency-confusion and supply-chain campaigns (The Hacker News, 2026-05-23). For CH/EU public-sector development teams, the operational action is to enable staged publishing on org-owned packages and set --allow-remote none / --allow-directory none in production CI.
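The install-source restriction above can be backed by a lockfile pre-flight check in the same CI job. The following is an added example, not code from the brief or from npm: it classifies every dependency in a package-lock.json by its install source, so a pipeline can flag remote-URL and local-path dependencies, the two sources that --allow-remote none and --allow-directory none refuse; the registry allow-list and the sample lockfile are constructed assumptions.

```javascript
// Added example (not code from the brief or from npm): a CI pre-flight audit that
// classifies each dependency in package-lock.json (lockfileVersion 2/3) by install
// source, so a job can block remote-URL and local-path dependencies alongside
// npm's --allow-remote none / --allow-directory none. Registry list is assumed.
const ALLOWED_REGISTRIES = ["https://registry.npmjs.org/"];

// Returns "registry", "remote" or "local" for one entry of lock.packages.
function classifySource(entry, registries = ALLOWED_REGISTRIES) {
  const resolved = entry.resolved || "";
  if (entry.link === true || resolved.startsWith("file:")) return "local";
  if (/^(git\+)?(https?|ssh|git):\/\//.test(resolved)) {
    return registries.some((r) => resolved.startsWith(r)) ? "registry" : "remote";
  }
  return "local"; // no URL scheme: npm records linked packages as bare relative paths
}

// Groups installed packages by source; the root project ("") and workspace
// members outside node_modules are skipped because they are not installs.
function auditLockfile(lock, registries = ALLOWED_REGISTRIES) {
  const findings = { registry: [], remote: [], local: [] };
  for (const [path, entry] of Object.entries(lock.packages || {})) {
    if (!path.includes("node_modules/")) continue;
    findings[classifySource(entry, registries)].push({ path, resolved: entry.resolved || "" });
  }
  return findings;
}

// True when every install comes from an allowed registry, i.e. what a job run
// with --allow-remote none --allow-directory none is meant to accept.
function registryOnly(findings) {
  return findings.remote.length === 0 && findings.local.length === 0;
}

// Constructed sample lockfile: one registry tarball, one git URL, one linked path.
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    "": { name: "app", version: "1.0.0" },
    "node_modules/left-pad": {
      version: "1.3.0",
      resolved: "https://registry.npmjs.org/left-pad/-/left-pad-1.3.0.tgz",
      integrity: "sha512-CONSTRUCTED",
    },
    "node_modules/helper": { resolved: "git+https://github.com/example/helper.git#deadbeef" },
    "node_modules/shared": { resolved: "../shared", link: true },
    "../shared": { name: "shared", version: "0.1.0" },
  },
};
const report = auditLockfile(SAMPLE_LOCK);
console.log(registryOnly(report) ? "OK: registry-only" : "BLOCK", report.remote, report.local);
```

Point the script at the real lockfile (read it with fs and JSON.parse) and fail the job when registryOnly returns false.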