On Tue, Dec 22, 2020 at 10:24 PM Adrian Bunk wrote: > To me it always feels as if these ecosystems are not interested in > providing any support for that.
NPM at least provides security advisories. I used to try syncing those to the Debian sectracker but don't bother now as it is too much work to do manually and I don't think the Debian secteam want automatic importing of non-CVE security issue databases. https://www.npmjs.com/advisories -- bye, pabs https://wiki.debian.org/PaulWise
