Prebid.js icon indicating copy to clipboard operation
Prebid.js copied to clipboard
verified publisher icon prebid

rename eslint-plugin-prebid to eslint-plugin-prebidjs

Open renebaudisch opened this issue 1 year ago • 5 comments

Type of change

  • [X] Refactoring (no functional changes, no api changes)

Description of change

rename eslint-plugin-prebid to eslint-plugin-prebidjs to separate this local module from the vulnerable npm clone

Other information

Fixes (and should eventually close):

renebaudisch avatar Sep 19 '24 13:09 renebaudisch

Doesn't this just invite someone to publish malware to the new location?

patmmccann avatar Sep 22 '24 17:09 patmmccann

Good point... but, what could be done then? How about publishing the module within the new namespace to npm to avoid someone hijacking the namespace?

renebaudisch avatar Sep 23 '24 07:09 renebaudisch

that could work, i'll keep this unmerged while we explore with npm

can you merge in master? I merged the dependency pr you did.

patmmccann avatar Sep 23 '24 14:09 patmmccann

How about publishing the module within the new namespace to npm to avoid someone hijacking the namespace?

open to this and/or upgrading the linter. What's the next step?

patmmccann avatar Sep 24 '24 14:09 patmmccann

How about publishing the module within the new namespace to npm to avoid someone hijacking the namespace?

open to this and/or upgrading the linter. What's the next step?

Someone needs to publish this lint-module to npm: publishing-unscoped-public-packages or publishing-scoped-public-packages

But as I'm not the author of this plugin, I'm not comfortable doing this by myself...

renebaudisch avatar Sep 24 '24 15:09 renebaudisch