GHSA-GV7W-RQVM-QJHR esbuild: Missing binary integrity verification in Deno module enables remote code execution via NPM_CONFIG_REGISTRY

Summary The esbuild Deno module lib/deno/mod.ts downloads native binary executables from an npm registry and writes them to disk with executable permissions 0o755 without performing any integrity verification e.g., SHA-256 hash check. The Node.js equivalent lib/npm/node-install.ts includes a robu...