diff --git a/README.md b/README.md
index 1f5801f..3517c1a 100755
--- a/README.md
+++ b/README.md
@@ -26,14 +26,14 @@ We use `>=yarn@1.13.0`, keep on mind we use lock file.
 
 For development run the following command, it will execute `webpack` and `verdaccio` to
 
-```
+```bash
 yarn dev
 ```
 The configuration file is located on `tools/_config.yaml`.
 
 Run linting tooling and test to check your code is clean before commit.
 
-```
+```bash
 yarn lint && yarn test
 ```
 
diff --git a/package.json b/package.json
index 88faa96..ab59c03 100644
--- a/package.json
+++ b/package.json
@@ -3,12 +3,14 @@
   "version": "0.3.0",
   "description": "Verdaccio User Interface",
   "author": {
-    "name": "Verdaccio Core Team"
+    "name": "Verdaccio Core Team",
+    "email": "verdaccio.npm@gmail.com"
   },
   "repository": {
     "type": "git",
     "url": "git://github.com/verdaccio/ui"
   },
+  "homepage": "https://verdaccio.org",
   "main": "index.js",
   "devDependencies": {
     "@commitlint/cli": "8.2.0",
@@ -35,6 +37,7 @@
     "codecov": "3.6.1",
     "concurrently": "4.1.2",
     "cross-env": "6.0.0",
+    "detect-secrets": "1.0.4",
     "css-loader": "3.2.0",
     "date-fns": "1.30.1",
     "emotion": "9.2.12",
@@ -65,6 +68,7 @@
     "js-base64": "2.5.1",
     "js-yaml": "3.13.1",
     "lint-staged": "8.2.1",
+    "lockfile-lint": "2.0.1",
     "localstorage-memory": "1.0.3",
     "mini-css-extract-plugin": "0.8.0",
     "node-mocks-http": "1.8.0",
@@ -149,9 +153,10 @@
     "test:acceptance:server": "concurrently --kill-others \"npm run verdaccio:server\" \"npm run test:acceptance\"",
     "test": "cross-env NODE_ENV=test BABEL_ENV=test TZ=UTC jest --config ./jest/jest.config.js --maxWorkers 2 --passWithNoTests",
     "test:size": "bundlesize",
-    "lint": "npm run lint:js && npm run lint:css",
+    "lint": "npm run lint:js && npm run lint:css && npm run lint:lockfile",
     "lint:js": "npm run type-check && eslint . --ext .js,.ts,.tsx",
     "lint:css": "stylelint \"src/**/styles.ts\"",
+    "lint:lockfile": "lockfile-lint --path yarn.lock --type yarn --validate-https --allowed-hosts verdaccio npm yarn",
     "coverage:publish": "codecov",
     "pre:webpack": "rimraf static/*",
     "prepublish": "in-publish && npm run build || not-in-publish",
@@ -176,10 +181,11 @@
     "relative": true,
     "linters": {
       "*.{js,tsx,ts}": [
-        "eslint",
+        "eslint .",
         "prettier --write"
       ],
       "*": [
+        "detect-secrets-launcher --baseline .secrets-baseline",
         "git add"
       ]
     },
diff --git a/yarn.lock b/yarn.lock
index 890e710..0ea0f94 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -4539,6 +4539,14 @@ detect-node@^2.0.4:
   resolved "https://registry.verdaccio.org/detect-node/-/detect-node-2.0.4.tgz#014ee8f8f669c5c58023da64b8179c083a28c46c"
   integrity sha512-ZIzRpLJrOj7jjP2miAtgqIfmzbxa4ZOr5jJc601zklsfEx9oTzmmj2nVpIPRpNlRTIh8lc1kyViIY7BWSGNmKw==
 
+detect-secrets@1.0.4:
+  version "1.0.4"
+  resolved "https://registry.verdaccio.org/detect-secrets/-/detect-secrets-1.0.4.tgz#28dd8630d8577f6e5b508143272529eed34d2d7c"
+  integrity sha512-XfVywZNrmj5lJqJQb+L9a5C31+XLy7sgoBV5eySUL2oIUbZjdFbLLxVT0010OU1vSpnoLDbJxIEoDNR3iRq8ng==
+  dependencies:
+    debug "^4.1.0"
+    which "^1.3.1"
+
 diacritic@0.0.2:
   version "0.0.2"
   resolved "https://registry.verdaccio.org/diacritic/-/diacritic-0.0.2.tgz#fc2a887b5a5bc0a0a854fb614c7c2f209061ee04"