Re: Bug#842349: ITP: node-glob-base -- Returns an object with the (non-glob) base path and the actual pattern
On Sat, Oct 29, 2016 at 01:10:43PM +0800, Paul Wise wrote:
> On Sat, Oct 29, 2016 at 12:00 AM, Russ Allbery wrote:
>
> > such as patching Javascript for security vulnerabilities
>
> FYI, the Debian security team does not support the NodeJS ecosystem.
> We probably need more folks following Node security issues. Some of
> those are listed here:
>
> https://nodesecurity.io/advisories
That database looks like something easy to check, and since most if not all
Debian node.js packages use naming consistent with npm, it could be
automated. (Please tell me it already is.)
>From what I heard they pay little heed to security issues that apply to any
but the newest-and-greatest version so support for stretch when it's 5 years
old will be rather sketchy -- yet some fixes are better than none.
Meow!
--
A MAP07 (Dead Simple) raspberry tincture recipe: 0.5l 95% alcohol, 1kg
raspberries, 0.4kg sugar; put into a big jar for 1 month. Filter out and
throw away the fruits (can dump them into a cake, etc), let the drink age
at least 3-6 months.
Reply to: