Advisories for Npm/Sigstore package

2026