Hacker News

ricardobeat, today at 12:19 AM

+1 to this. I am glad to have enabled these back in March before the last two waves hit. In addition to that, make sure you have a lockfile committed to your repo and be mindful of adding new dependencies. Use `pnpm install --frozen-lockfile` to avoid surprises.

If you don't have min-release-age set, remember that you can still pull in affected packages via indirect dependencies.

And ideally pin your package manager version too.
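An added example, not part of the comment above: a sketch of why a release-age check has to cover the whole resolved graph, not just direct dependencies. The package names, publish times and the `findYoungPackages` helper are constructed for illustration; it assumes publish times have been joined in from registry metadata, since lockfiles do not store them.

```javascript
// Constructed sample: a resolved dependency graph in lockfile style, joined with
// registry publish times (assumption: fetched separately from the registry).
const DAY_MS = 24 * 60 * 60 * 1000;

const sampleGraph = {
  "app@1.0.0":         { published: "2024-01-10T00:00:00Z", deps: ["web-kit@4.2.0", "log-lite@2.1.0"] },
  "web-kit@4.2.0":     { published: "2025-01-15T00:00:00Z", deps: ["color-utils@3.0.1", "tiny-parse@1.4.0"] },
  "log-lite@2.1.0":    { published: "2024-11-02T00:00:00Z", deps: ["color-utils@3.0.1"] },
  "color-utils@3.0.1": { published: "2025-06-09T18:00:00Z", deps: [] }, // fresh, indirect only
  "tiny-parse@1.4.0":  { published: "2023-08-20T00:00:00Z", deps: [] },
};

// Breadth-first walk from the root. Reports every package published less than
// minAgeDays before `now`, with the dependency chain that pulls it in.
function findYoungPackages(graph, root, now, minAgeDays) {
  const cutoff = now.getTime() - minAgeDays * DAY_MS;
  const findings = [];
  const visited = new Set();
  const queue = [[root]];
  while (queue.length > 0) {
    const chain = queue.shift();
    const id = chain[chain.length - 1];
    if (visited.has(id)) continue; // shared deps are reported once; also stops cycles
    visited.add(id);
    const node = graph[id];
    if (!node) throw new Error(`no resolved entry for ${id}`);
    const publishedMs = Date.parse(node.published);
    if (id !== root && publishedMs > cutoff) {
      findings.push({
        id,
        direct: chain.length === 2,
        ageDays: Math.floor((now.getTime() - publishedMs) / DAY_MS),
        via: chain.slice(1, -1), // intermediate packages between root and finding
      });
    }
    for (const dep of node.deps) queue.push([...chain, dep]);
  }
  return findings;
}

const sampleNow = new Date("2025-06-10T12:00:00Z"); // constructed install time
for (const f of findYoungPackages(sampleGraph, "app@1.0.0", sampleNow, 7)) {
  const how = f.direct ? "direct" : "indirect via " + f.via.join(" > ");
  console.log(`${f.id} is ${f.ageDays}d old (${how})`);
}
```

Both direct dependencies in the sample are months old, yet the walk still flags `color-utils@3.0.1`, which only arrives transitively.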