Addshore added a comment.
In terms of the technical solution, this would only be to serve us a notification, not to do the actual fix. So upon notification then someone would need to go look at the result of the audit and determine what libraries need updating etc. > what is not yet defined is what to do in cases where trivial automated fix are not sufficient Thus this bit would be done on a case by case basis. The jenkins job for the root of wikibase has actually been running for over a year now! https://integration.wikimedia.org/ci/job/wikibase-daily-npm-audit-daily-node10-npmaudit-docker I actually can't see that it has failed all year (probably because library upgrader also runs on the root of the repo updating the easy things that can be) TASK DETAIL https://phabricator.wikimedia.org/T244001 EMAIL PREFERENCES https://phabricator.wikimedia.org/settings/panel/emailpreferences/ To: Addshore Cc: Tonina_Zhelyazkova_WMDE, Pablo-WMDE, Ladsgroup, Addshore, WMDE-leszek, Aklapper, Tarrow, wiese, Alter-paule, Beast1978, Un1tY, Akuckartz, Sarai-WMDE, Hook696, Kent7301, joker88john, CucyNoiD, Nandana, Gaboe420, Giuliamocci, Cpaulf30, Lahi, Gq86, Af420, Bsandipan, GoranSMilovanovic, QZanden, LawExplorer, Lewizho99, Maathavan, _jensen, rosalieper, Scott_WUaS, Jonas, abian, Wikidata-bugs, aude, Lydia_Pintscher, Mbch331
_______________________________________________ Wikidata-bugs mailing list Wikidata-bugs@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikidata-bugs
