[Pkg-javascript-devel] Embedded modules more than once
Nicolas Mora
nicolas at babelouest.org
Thu Sep 3 16:40:54 BST 2020
Le 20-09-03 à 10 h 33, Xavier a écrit :
>> A second step would be to report all embedded code to the security team
>> - see https://wiki.debian.org/EmbeddedCopies
>
> Partially done
>
Awesome!
>> A third step would be to ask the security team how we might better help
>> them handle this¹ issue (because I highly doubt that reporting in the
>> current form is enough for the security team to reliably track issues:
>> the seem not efficiently machine-readable).
>
> I'll try to automate some things around this future tool and `npm
> audit`. I need also to update lintian to get `nodejs-module` results for
> non JS Team packages.
>
Do you need help on that part?
/Nicolas
More information about the Pkg-javascript-devel
mailing list