CONCEPT Cited by 1 source
Global code freeze
Definition
An organization-wide halt of all non-critical code merges and deployments, imposed as a containment measure during a security incident. The freeze prevents further propagation of compromised code and ensures that auditing covers a fixed, non-moving target.
Grafana's implementation (2026)
During the TanStack supply chain incident, Grafana Labs imposed a global freeze on May 18 (2 days after incident declaration). The freeze lasted ~8 days. Repositories could only "thaw" after meeting two conditions:
- Full commit review completed for that repo
- Transition to the token-broker credential model (eliminating long-lived secrets)
This gated-thaw approach turns the code freeze into a forcing function for architectural hardening — repos can't resume normal operation until they've adopted the new security posture (Source: sources/2026-06-24-grafana-post-incident-review-tanstack-npm-supply-chain-ransom).
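The two-condition thaw gate described above, as an added Python example that is not Grafana's own tooling: a repository leaves the freeze only when every commit in its audit set is reviewed and no long-lived credential remains, while frozen repos still accept incident-critical fixes. Repository names, commit hashes, credential names and the `max_ttl_hours` attribute are constructed for illustration.

```python
"""Gated-thaw check for an organization-wide code freeze (added example).
A frozen repo resumes normal merges only when BOTH gates hold: every commit in
its audit set is reviewed, and no long-lived credential remains (all are
short-lived, broker-issued). Sample data below is constructed, not Grafana's."""
from dataclasses import dataclass, field

@dataclass
class Commit:
    sha: str
    reviewed: bool

@dataclass
class Credential:
    name: str
    broker_issued: bool  # True: short-lived token minted by the broker
    max_ttl_hours: "int | None" = None  # None models a non-expiring secret

@dataclass
class Repo:
    name: str
    commits: list = field(default_factory=list)
    credentials: list = field(default_factory=list)

def unreviewed_commits(repo):
    """Gate 1: commits still awaiting the post-incident audit."""
    return [c.sha for c in repo.commits if not c.reviewed]

def long_lived_credentials(repo):
    """Gate 2: anything not broker-issued, or broker-issued without a TTL."""
    return [c.name for c in repo.credentials
            if not c.broker_issued or c.max_ttl_hours is None]

def thaw_decision(repo):
    """Return (may_thaw, blocking_reasons); both gates must be clear."""
    reasons = []
    if pending := unreviewed_commits(repo):
        reasons.append(f"{len(pending)} unreviewed commit(s): {', '.join(pending)}")
    if secrets := long_lived_credentials(repo):
        reasons.append(f"long-lived credentials remain: {', '.join(secrets)}")
    return (not reasons, reasons)

def merge_allowed(repo, incident_critical=False):
    """Frozen repos merge only incident-critical fixes; thawed repos merge normally."""
    return incident_critical or thaw_decision(repo)[0]

# Constructed sample: one repo has cleared both gates, the other neither.
CLEAN = Repo("app", [Commit("a1b2c3d", True)], [Credential("ci-deploy", True, 1)])
BLOCKED = Repo("plugins", [Commit("9d8e7f6", False)],
               [Credential("NPM_TOKEN", False), Credential("deploy", True)])
```

Note that a broker-issued credential with no TTL still blocks the thaw: the gate checks the credential's lifetime, not only where it came from.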
Trade-offs
- Benefit: Containment guarantee + forcing function for remediation adoption
- Cost: Engineering velocity drops to zero for non-security work; ~8 days of lost productivity across the entire organization
- Mitigation: Grafana ran an "all-engineering security hardening week" during the freeze, redirecting energy to the audit/hardening workstream
Seen in
- sources/2026-06-24-grafana-post-incident-review-tanstack-npm-supply-chain-ransom — 8-day global freeze gated on token-broker transition