security-reviews icon indicating copy to clipboard operation
security-reviews copied to clipboard
verified publisher icon ossf

Consider integrating with NPM Security Advisories

Open scovetta opened this issue 4 years ago • 2 comments

The NPM Security Advisories database is available on GitHub (as structured data) at https://github.com/nodejs/security-advisories. We should consider whether periodically refreshing this content would be a good idea.

scovetta avatar Feb 13 '21 03:02 scovetta

@scovetta If you open this repo at https://github.com/dilanbhalla/security-advisories and click on the "reviews" folder you will see the 461 converted npm security reviews! There were 6 the script wasn't able to parse, so I'll take a look at those separately.

dilanbhalla avatar Feb 15 '21 09:02 dilanbhalla

At the 2/18 WG meeting we agreed to continue the conversation about this at our next WG meeting in early March.

scovetta avatar Feb 19 '21 07:02 scovetta

Closing, stale -- npm advisories are now rolled into GitHub advisories.

scovetta avatar Sep 04 '22 15:09 scovetta