-
Notifications
You must be signed in to change notification settings - Fork 113
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: security post release blogpost #785
feat: security post release blogpost #785
Conversation
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #785 +/- ##
==========================================
- Coverage 83.08% 82.97% -0.12%
==========================================
Files 37 37
Lines 4251 4200 -51
==========================================
- Hits 3532 3485 -47
+ Misses 719 715 -4 ☔ View full report in Codecov by Sentry. |
4a6802e
to
725b4e2
Compare
725b4e2
to
ff08370
Compare
ff08370
to
cd2b5b8
Compare
once this lands: #788 we can automatically pull in dependencies and openssl updates |
blocked by: #788 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I tried it today and it seems to have a lint error when updating the file.
Also, update use the vulnerabilities.json to read the date and patch author
0db4650
to
2fe2b9b
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Check lint please
This is a minor inconsistency note, but we used to add
but didn't in the two most recent releases: |
I thought that's for when the security release is delayed |
lint seems to pass locally what command are you running? |
f72ecc9
to
da383ba
Compare
da383ba
to
585007a
Compare
I thought we also did that to denote the update from the pre-announcement. |
IIRC we are using * instead of - for listing vulnerabilities (or the inverse 😅) and the linter of nodejs.org complains. Try to create a real example with vulnerabilities and run lint |
@marco-ippolito do you need some help here? |
Feel free to take over |
Also thir PR should fix https://github.com/nodejs-private/security-release/issues/27 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
late LGTM 😄
Pos release blogpost
cc @RafaelGSS
Fixes: https://github.com/nodejs-private/security-release/issues/27