CSCEXAM-000 Security hardening regarding npm

Author: lupari

.npmrc

@@ -0,0 +1,27 @@
+# SPDX-FileCopyrightText: 2024 The members of the EXAM Consortium
+#
+# SPDX-License-Identifier: EUPL-1.2
+
+# --- Security ---
+# Disable scripts from dependencies (the dangerous ones)
+ignore-scripts=true
+
+# Enforce consistent dependency graph
+strict-peer-deps=true
+
+# Keep audit warnings enabled
+audit=true
+
+# Prevent execution of install scripts from *transitive* deps
+# (Angular typically does NOT depend on packages requiring install scripts)
+script-shell=bash
+
+# Don't allow NPM to use unsafe redirects
+strict-ssl=true
+
+# Don’t overwrite environment PATH unexpectedly
+bin-links=true
+
+# --- Project behaviour ---
+# Prefer deterministic installs
+save-exact=false