@dreamhorizonorg/sentinel
Open-source, zero-dependency tool that blocks compromised packages BEFORE download. Built to counter supply-chain and credential-theft attacks such as Shai-Hulud.
{
"dataSourcePath": "./config/compromised-packages.json",
"endpoint": "https://example.com/api/compromised-packages.json",
"skipNpmAudit": false,
"logMode": "normal",
"providers": {
"osv": {
"enabled": true,
"timeout": 5000
},
"github": {
"enabled": true,
"timeout": 5000,
"token": null
},
"snyk": {
"enabled": false,
"token": null
}
}
}