[Pkg-javascript-devel] Embedded modules more than once

Nicolas Mora nicolas at babelouest.org
Thu Sep 3 16:40:54 BST 2020


Le 20-09-03 à 10 h 33, Xavier a écrit :
>> A second step would be to report all embedded code to the security team 
>> - see https://wiki.debian.org/EmbeddedCopies
> 
> Partially done
> 
Awesome!

>> A third step would be to ask the security team how we might better help 
>> them handle this¹ issue (because I highly doubt that reporting in the 
>> current form is enough for the security team to reliably track issues: 
>> the seem not efficiently machine-readable).
> 
> I'll try to automate some things around this future tool and `npm
> audit`. I need also to update lintian to get `nodejs-module` results for
> non JS Team packages.
> 
Do you need help on that part?

/Nicolas



More information about the Pkg-javascript-devel mailing list