Michael created this task. Michael added projects: Wikidata, wdwb-tech-focus, Wikidata Query UI. Restricted Application added a subscriber: Aklapper.
TASK DESCRIPTION The wikidata-query-gui still uses grunt to run its tests, build itself, and deploy itself. Some packages in this pipeline are completely unmaintained like grunt-usemin <https://github.com/yeoman/grunt-usemin>. `grunt-usemin` has a old version of lodash in its dependency chain which causes security alerts in `npm audit` due to Prototype Pollution. While this is not a security issue for us, it is noise in the `npm audit` reports and the weekly dependabot security emails. TASK DETAIL https://phabricator.wikimedia.org/T274626 EMAIL PREFERENCES https://phabricator.wikimedia.org/settings/panel/emailpreferences/ To: Michael Cc: Aklapper, Michael, MPhamWMF, CBogen, Akuckartz, Nandana, Namenlos314, Lahi, Gq86, Lucas_Werkmeister_WMDE, GoranSMilovanovic, Mahir256, QZanden, EBjune, merbst, LawExplorer, Salgo60, _jensen, rosalieper, Scott_WUaS, Jonas, Xmlizer, jkroll, Wikidata-bugs, Jdouglas, aude, Tobias1984, Manybubbles, Lydia_Pintscher, Addshore, Mbch331
_______________________________________________ Wikidata-bugs mailing list Wikidata-bugs@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikidata-bugs
