diff --git a/package.json b/package.json
index e2e0d11ccfa..d5e9746bfcf 100644
--- a/package.json
+++ b/package.json
@@ -1249,10 +1249,6 @@
   },
   "packageManager": "pnpm@10.32.1",
   "pnpm": {
-    "minimumReleaseAge": 2880,
-    "minimumReleaseAgeExclude": [
-      "@mariozechner/*"
-    ],
     "overrides": {
       "hono": "4.12.9",
       "@hono/node-server": "1.19.10",
diff --git a/pnpm-workspace.yaml b/pnpm-workspace.yaml
index e076fb0a4c4..f7182e1ccf2 100644
--- a/pnpm-workspace.yaml
+++ b/pnpm-workspace.yaml
@@ -4,6 +4,13 @@ packages:
   - packages/*
   - extensions/*
 
+# Delay new releases by 48h to reduce exposure to compromised packages,
+# while allowing our explicitly trusted Pi packages to update immediately.
+minimumReleaseAge: 2880
+
+minimumReleaseAgeExclude:
+  - "@mariozechner/*"
+
 onlyBuiltDependencies:
   - "@lydell/node-pty"
   - "@matrix-org/matrix-sdk-crypto-nodejs"