Running `npm ci` is dangerous. See [[ https://timotijhof.net/posts/2019/protect-yourself-from-npm/ | How to protect yourself from npm ]].
We do it on multiple pages:
- https://www.mediawiki.org/wiki/Selenium/Getting_Started/Run_tests_targeting_MediaWiki-Docker
- https://www.mediawiki.org/wiki/Selenium/Getting_Started/Run_tests_targeting_Beta_cluster
- https://www.mediawiki.org/wiki/Selenium/How-to/Run_tests_targeting_MediaWiki-Vagrant
- https://www.mediawiki.org/wiki/Selenium/How-to/Run_tests_targeting_Beta_cluster_using_Sauce_Labs
- https://www.mediawiki.org/wiki/Selenium/How-to/Run_tests_targeting_MediaWiki-Vagrant_using_Sauce_Labs
The advantage of installing dependencies in a container or virtual machine is security, but then debugging with the browser open becomes impossible.
For now I've added a warning to all pages that `npm ci` is not safe.