chore: harden npm supply chain controls (#11157)

This commit is contained in:
Alan Buscaglia
2026-05-13 17:30:25 +02:00
committed by GitHub
parent 4dd5baadf6
commit 0b4393776c
12 changed files with 58 additions and 25 deletions
+2 -2
View File
@@ -109,10 +109,10 @@ export function MyComponent() {
## Adding New shadcn Components
When adding new shadcn components using the CLI:
When adding new shadcn components using the CLI, pin the reviewed CLI version instead of using `@latest`:
```bash
npx shadcn@latest add [component-name]
pnpm dlx shadcn@4.7.0 add [component-name]
```
The component will be automatically added to this directory due to the configuration in `components.json`: