This discussion is descoped from T199004: RFC: Add a frontend build step to skins/extensions to our deploy process
Previous: T257072: Determine Node package auditing workflows
Next step: T257068: Draft: RFC: Evaluate alternative Node package managers for improved package security
To improve security of NPM packages distributed to CI nodes and developers a Wikimedia managed package repository is considered.
This ticket is for discussing the workflows involved in managing such package repository.
TBD: Figure out what project tags apply. Help appreciated.