Page MenuHomePhabricator
Create Task
Maniphest T271132

Ensure that all deployed nodejs services have regular dependency security scanning
Open, Needs TriagePublic
Actions

Description

LibUp currently scans and reports on all repositories under the mediawiki/services/* hierarchy on Gerrit, but not all services are under that (e.g. termbox).

We should sync with https://gerrit.wikimedia.org/r/plugins/gitiles/operations/deployment-charts/+/refs/heads/master/helmfile.d/services/ and make sure everything in there is in the LibUp configuration.

Event Timeline

Legoktm created this task.Jan 4 2021, 6:20 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptJan 4 2021, 6:20 PM
Jdforrester-WMF subscribed.Jan 4 2021, 6:22 PM
Legoktm added a comment.Jan 4 2021, 6:45 PM

I think the missing repos appear to be:

  • wikibase/termbox
  • eventgate-wikimedia
  • research/mwaddlink (written in Python)
  • blubber (golang)
jijiki moved this task from Incoming 🐫 to 🙈🙉🙊Backlog on the serviceops board.Sep 28 2022, 2:24 PM
jijiki moved this task from 🙈🙉🙊Backlog to ⎈Kubernetes on the serviceops board.Nov 15 2022, 9:06 AM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL