Re: [Pkg-javascript-devel] Embedded modules more than once

2020-09-03 Thread Andrius Merkys
Hi Xavier, On 2020-09-03 15:54, Xavier wrote: > buffer-equal: > - node-buffer-equal (1.0.0) > - node-vinyl-fs (1.0.0) Does this (and the like) mean that is now packaged as node-? If so, such embedded modules might be removed. Best, Andrius -- Pkg-javascript-devel mailing list Pkg-

Re: [Pkg-javascript-devel] Embedded modules more than once

2020-09-03 Thread Jonas Smedegaard
Quoting Andrius Merkys (2020-09-03 14:59:38) > On 2020-09-03 15:54, Xavier wrote: > > buffer-equal: > > - node-buffer-equal (1.0.0) > > - node-vinyl-fs (1.0.0) > > Does this (and the like) mean that is now packaged as > node-? If so, such embedded modules might be removed. Why only "

Re: [Pkg-javascript-devel] Embedded modules more than once

2020-09-03 Thread Xavier
Le 03/09/2020 à 14:59, Andrius Merkys a écrit : > Hi Xavier, > > On 2020-09-03 15:54, Xavier wrote: >> buffer-equal: >> - node-buffer-equal (1.0.0) >> - node-vinyl-fs (1.0.0) > > Does this (and the like) mean that is now packaged as > node-? If so, such embedded modules might be remove

Re: [Pkg-javascript-devel] Embedded modules more than once

2020-09-03 Thread Xavier
Le 03/09/2020 à 15:36, Xavier a écrit : > Le 03/09/2020 à 14:59, Andrius Merkys a écrit : >> Hi Xavier, >> >> On 2020-09-03 15:54, Xavier wrote: >>> buffer-equal: >>> - node-buffer-equal (1.0.0) >>> - node-vinyl-fs (1.0.0) >> >> Does this (and the like) mean that is now packaged as >> node

Re: [Pkg-javascript-devel] Embedded modules more than once

2020-09-03 Thread Andrius Merkys
On 2020-09-03 16:23, Jonas Smedegaard wrote: > Quoting Andrius Merkys (2020-09-03 14:59:38) >> On 2020-09-03 15:54, Xavier wrote: >>> buffer-equal: >>> - node-buffer-equal (1.0.0) >>> - node-vinyl-fs (1.0.0) >> Does this (and the like) mean that is now packaged as >> node-? If so, such

Re: [Pkg-javascript-devel] Embedded modules more than once

2020-09-03 Thread Jonas Smedegaard
Quoting Xavier (2020-09-03 15:43:24) > Le 03/09/2020 à 15:36, Xavier a écrit : > > Le 03/09/2020 à 14:59, Andrius Merkys a écrit : > >> Hi Xavier, > >> > >> On 2020-09-03 15:54, Xavier wrote: > >>> buffer-equal: > >>> - node-buffer-equal (1.0.0) > >>> - node-vinyl-fs (1.0.0) > >> > >> Does

Re: [Pkg-javascript-devel] Embedded modules more than once

2020-09-03 Thread Xavier
Le 03/09/2020 à 16:02, Jonas Smedegaard a écrit : > Quoting Xavier (2020-09-03 15:43:24) >> Le 03/09/2020 à 15:36, Xavier a écrit : >>> Le 03/09/2020 à 14:59, Andrius Merkys a écrit : Hi Xavier, On 2020-09-03 15:54, Xavier wrote: > buffer-equal: > - node-buffer-equal (1.0

Re: [Pkg-javascript-devel] Embedded modules more than once

2020-09-03 Thread Nicolas Mora
Hello, Concerning embedded modules, this raises me another question. Le 20-09-03 à 08 h 54, Xavier a écrit : > serialize-javascript: > - node-compression-webpack-plugin (1.9.1) > - node-copy-webpack-plugin (1.4.0) > - node-uglifyjs-webpack-plugin (1.7.0) A CVE was recently pub

Re: [Pkg-javascript-devel] Embedded modules more than once

2020-09-03 Thread Jonas Smedegaard
Quoting Andrius Merkys (2020-09-03 15:54:30) > On 2020-09-03 16:23, Jonas Smedegaard wrote: > > Quoting Andrius Merkys (2020-09-03 14:59:38) > >> On 2020-09-03 15:54, Xavier wrote: > >>> buffer-equal: > >>> - node-buffer-equal (1.0.0) > >>> - node-vinyl-fs (1.0.0) > >> Does this (and th

Re: [Pkg-javascript-devel] Embedded modules more than once

2020-09-03 Thread Jonas Smedegaard
Quoting Xavier (2020-09-03 16:06:01) > Le 03/09/2020 à 16:02, Jonas Smedegaard a écrit : > > Quoting Xavier (2020-09-03 15:43:24) > >> Le 03/09/2020 à 15:36, Xavier a écrit : > >>> Le 03/09/2020 à 14:59, Andrius Merkys a écrit : > Hi Xavier, > > On 2020-09-03 15:54, Xavier wrote: > >

Re: [Pkg-javascript-devel] Embedded modules more than once

2020-09-03 Thread Jonas Smedegaard
Quoting Nicolas Mora (2020-09-03 15:49:32) > Hello, > > Concerning embedded modules, this raises me another question. > > Le 20-09-03 à 08 h 54, Xavier a écrit : > > > serialize-javascript: > > - node-compression-webpack-plugin (1.9.1) > > - node-copy-webpack-plugin (1.4.0) > >

Re: [Pkg-javascript-devel] Embedded modules more than once

2020-09-03 Thread Xavier
Le 03/09/2020 à 16:28, Jonas Smedegaard a écrit : > Quoting Nicolas Mora (2020-09-03 15:49:32) >> Hello, >> >> Concerning embedded modules, this raises me another question. >> >> Le 20-09-03 à 08 h 54, Xavier a écrit : >> >>> serialize-javascript: >>> - node-compression-webpack-plugin (1.9.1)

Re: [Pkg-javascript-devel] Embedded modules more than once

2020-09-03 Thread Jonas Smedegaard
Quoting Xavier (2020-09-03 16:33:10) > Le 03/09/2020 à 16:28, Jonas Smedegaard a écrit : > > Quoting Nicolas Mora (2020-09-03 15:49:32) > >> Hello, > >> > >> Concerning embedded modules, this raises me another question. > >> > >> Le 20-09-03 à 08 h 54, Xavier a écrit : > >> > >>> serialize-javascri

Re: [Pkg-javascript-devel] Embedded modules more than once

2020-09-03 Thread Nicolas Mora
Le 20-09-03 à 10 h 33, Xavier a écrit : >> A second step would be to report all embedded code to the security team >> - see https://wiki.debian.org/EmbeddedCopies > > Partially done > Awesome! >> A third step would be to ask the security team how we might better help >> them handle this¹ issue