Hides package versions published too recently from metadata responses, giving the community time to spot malicious releases. Configurable per-ecosystem and per-package with duration overrides. Supported for npm, PyPI, pub.dev, and Composer.
