From ddb37549279fc52283a8d3d812650eaf301911dd Mon Sep 17 00:00:00 2001
From: fraxken
Date: Fri, 7 Nov 2025 04:59:29 +0100
Subject: [PATCH 1/4] chore(.npmrc): add save-exact + ignore-scripts
---
 .github/workflows/main.yml | 2 +-
 .npmrc | 2 ++
 2 files changed, 3 insertions(+), 1 deletion(-)
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
index c04bfbb..18a18d5 100644
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -22,7 +22,7 @@ jobs:
 with:
 node-version: 22.x
 - name: Install dependencies
- run: npm install
+ run: npm install --ignore-scripts
 - name: Run ESLint
 run: npm run lint
 test:
diff --git a/.npmrc b/.npmrc
index 43c97e7..61cbf3f 100644
--- a/.npmrc
+++ b/.npmrc
@@ -1 +1,3 @@
 package-lock=false
+save-exact=true
+ignore-scripts=true
From 7ba0c916e59632ba7dcc708d75a95636540b1308 Mon Sep 17 00:00:00 2001
From: fraxken
Date: Fri, 7 Nov 2025 05:00:37 +0100
Subject: [PATCH 2/4] chore(dependabot): cool-down to 5 days
---
 .github/dependabot.yml | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index d570610..9141766 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -4,6 +4,8 @@ updates:
 directory: /
 schedule:
 interval: monthly
+ cooldown:
+ default-days: 5
 groups:
 github-actions:
 patterns:
@@ -24,5 +26,7 @@ updates:
 directory: /test/fixtures/audit
 schedule:
 interval: weekly
+ cooldown:
+ default-days: 5
 ignore:
 - dependency-name: "*"
From 64e2ca06db6ac3c721277c6a1d088a51919c0fbc Mon Sep 17 00:00:00 2001
From: fraxken
Date: Fri, 7 Nov 2025 05:01:36 +0100
Subject: [PATCH 3/4] chore: drop Node.js v20
---
 .github/workflows/main.yml | 6 +++---
 README.md | 2 +-
 package.json | 2 +-
 3 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
index 18a18d5..b63bbf2 100644
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
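Review bot: `--ignore-scripts` is added only to the lint job's install step; the other `npm install` steps in this workflow (the test job lies outside the hunk, and the nsci job deleted later in this series still shows a bare `run: npm install`) are left to inherit `ignore-scripts=true` from the `.npmrc` added in the same patch. npm does read the project `.npmrc` on the runner, so this is a consistency point rather than a correctness one: either drop the flag here or add it to every install step so the protection is visible in the workflow itself. The job this step belongs to starts outside the hunk.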
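Review bot: `ignore-scripts=true` in a committed `.npmrc` disables this package's own lifecycle hooks too — `prepare`, `prepublishOnly` and the `pre`/`post` hooks around `npm run` — on every contributor machine and in CI, not only third-party install scripts. `package.json` exports `./dist/index.js` (visible in the third patch), so if the build is wired to one of those hooks it would silently stop running; confirm the release flow invokes the build script explicitly (the scripts section is not on the page). Note also that `save-exact=true` pins only the direct dependencies written to `package.json`, and with `package-lock=false` kept on the line above, transitive dependencies still float on every install. A comment would spare the next reader the surprise, e.g. `; ignore-scripts also skips our own prepare/prepublishOnly hooks - run the build explicitly`.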
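Review bot: the new `cooldown` block (added again for the `/test/fixtures/audit` entry in the second hunk) carries no comment explaining why new releases are held back, which is exactly the rationale that gets lost at the next edit. Suggest `# wait 5 days before proposing a new release so that compromised or quickly-yanked versions are noticed first` above `cooldown:`. If the cooldown also delays Dependabot's security updates in this configuration, confirm that delaying fixes is intended, since the behaviour may differ between update types. The second entry's `ignore` list (`dependency-name: "*"`, continuing past the hunk) may make the cooldown there largely moot.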
@@ -20,7 +20,7 @@ jobs:
 - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v2.6.0
 - uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0
 with:
- node-version: 22.x
+ node-version: 24.x
 - name: Install dependencies
 run: npm install --ignore-scripts
 - name: Run ESLint
@@ -29,7 +29,7 @@ jobs:
 runs-on: ubuntu-latest
 strategy:
 matrix:
- node-version: [20.x, 22.x]
+ node-version: [22.x, 24.x]
 fail-fast: false
 steps:
 - name: Harden Runner
@@ -64,7 +64,7 @@ jobs:
 runs-on: ubuntu-latest
 strategy:
 matrix:
- node-version: [20.x, 22.x]
+ node-version: [22.x, 24.x]
 fail-fast: false
 steps:
 - name: Harden Runner
diff --git a/README.md b/README.md
index 16824c4..91dcbf5 100644
--- a/README.md
+++ b/README.md
@@ -20,7 +20,7 @@ The **vuln-*era*** has begun! Programmatically fetch security vulnerabilities with one or many strategies. Originally designed to run and analyze [Scanner](https://github.com/NodeSecure/scanner) dependencies it now also runs independently from an npm Manifest.
 ## Requirements
-- [Node.js](https://nodejs.org/en/) v20 or higher
+- [Node.js](https://nodejs.org/en/) v22 or higher
 ## Getting Started
diff --git a/package.json b/package.json
index 851ef13..ae65c29 100644
--- a/package.json
+++ b/package.json
@@ -4,7 +4,7 @@
 "description": "NodeSecure vulnerabilities strategies",
 "type": "module",
 "engines": {
- "node": ">=20"
+ "node": ">=22"
 },
 "exports": "./dist/index.js",
 "types": "./dist/index.d.ts",
From e193fcce0c0b5d6dd29b573ac19c61b004c31131 Mon Sep 17 00:00:00 2001
From: fraxken
Date: Fri, 7 Nov 2025 05:01:55 +0100
Subject: [PATCH 4/4] ci: drop NodeSecure ci-action
---
 .github/workflows/main.yml | 22 ----------------------
 1 file changed, 22 deletions(-)
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
index b63bbf2..fbb79ab 100644
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
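Review bot: the `actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8` pin kept as context in this hunk is annotated `# v2.6.0`, while the identical SHA in the nsci job (removed by the next patch in this series) is annotated `# v5.0.0`, so one of the two comments is wrong. Reviewers, and Dependabot when it rewrites SHA pins, read that comment to judge what the pin points to, so it should be corrected while this step is being touched. Presumably `# v5.0.0` is the right tag for that commit, but verify it against the upstream tag before changing the comment.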
@@ -60,25 +60,3 @@ jobs:
 uses: fastify/github-action-merge-dependabot@1b2ed42db8f9d81a46bac83adedfc03eb5149dff # v3.11.2
 with:
 github-token: ${{ secrets.GITHUB_TOKEN }}
- nsci:
- runs-on: ubuntu-latest
- strategy:
- matrix:
- node-version: [22.x, 24.x]
- fail-fast: false
- steps:
- - name: Harden Runner
- uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1
- with:
- egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
-
- - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
- - name: Use Node.js ${{ matrix.node-version }}
- uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0
- with:
- node-version: ${{ matrix.node-version }}
- name: Install dependencies
- run: npm install
- - uses: NodeSecure/ci-action@e3ac9c03585752e979622279106a161e94d5717b # v1
- with:
- warnings: warning