Skip to main content
On this page

deno approve-scripts

View Page as MarkdownOpen the Markdown file in a new tabOpen in ClaudeAsk Claude about this page

deno approve-scripts lets you review and approve pending npm lifecycle scripts (such as postinstall) in your dependency tree. Unlike npm, Deno does not run these scripts by default for security reasons.

Basic usage Jump to heading

Review and approve pending scripts interactively:

>_
deno approve-scripts

This will show you which packages have lifecycle scripts that haven't been approved yet.

Why lifecycle scripts are blocked by default Jump to heading

npm lifecycle scripts (such as preinstall and postinstall) run arbitrary code during the install process. This is a known supply chain attack vector — malicious packages can execute code on your machine just by being installed.

Deno takes a safer approach: lifecycle scripts must be explicitly approved before they run.

Command line usage:
deno approve-scripts [OPTIONS] [packages]...

Approve npm lifecycle scripts for installed dependencies.

Options Jump to heading

--lockfile-only
Jump to heading

Install only updating the lockfile.

Last updated on

Did you find what you needed?

Edit this page
Privacy policy