Jakob_WMDE removed Jakob_WMDE as the assignee of this task. Jakob_WMDE moved this task from Doing to Peer Review on the Wikidata-Campsite (Wikidata-Campsite-Iteration-∞) board. Jakob_WMDE added a comment.
I went through the list provided in T244001#6904372 <https://phabricator.wikimedia.org/T244001#6904372> and for each of them checked whether they contained one or more package.json files and whether the dependencies in that file are automatically audited. For the Github ones I only checked whether Dependabot is //enabled//. (Not sure if there is a way to have it enabled but not do anything useful.) In one case (wikit) I know that it's enabled but not auditing nested packages and marked that in the spreadsheet. For the gerrit ones I checked https://gerrit.wikimedia.org/r/plugins/gitiles/labs/libraryupgrader/config/+/refs/heads/master/repositories.json which contained very few of the repositories. I'm not sure whether I'm missing something there. https://libraryupgrader2.wmcloud.org/vulns/npm?branch=master contains some repositories which aren't the the aforementioned repositories.json config. Spreadsheet: https://docs.google.com/spreadsheets/d/1ZAo5o6aTyfSRuMoQWjwoXeWTk-m61Py8_k46VZw_5yM/edit TASK DETAIL https://phabricator.wikimedia.org/T244001 WORKBOARD https://phabricator.wikimedia.org/project/board/3539/ EMAIL PREFERENCES https://phabricator.wikimedia.org/settings/panel/emailpreferences/ To: Jakob_WMDE Cc: Jakob_WMDE, wiese, Tonina_Zhelyazkova_WMDE, Pablo-WMDE, Ladsgroup, Addshore, WMDE-leszek, Aklapper, Tarrow, maantietaja, Alter-paule, Beast1978, Un1tY, Akuckartz, Sarai-WMDE, Hook696, Iflorez, Kent7301, alaa_wmde, joker88john, CucyNoiD, Nandana, Gaboe420, Giuliamocci, Cpaulf30, Lahi, Gq86, Af420, Bsandipan, GoranSMilovanovic, QZanden, LawExplorer, Lewizho99, Maathavan, _jensen, rosalieper, Scott_WUaS, Jonas, abian, Wikidata-bugs, aude, Lydia_Pintscher, Mbch331
_______________________________________________ Wikidata-bugs mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikidata-bugs
