openjs-foundation / security-collab-space

a repository for documenting and coordinating the foundation's security collaboration space
Apache License 2.0

Pursue PVR and push protection on all Foundation projects #96

Closed ljharb closed 7 months ago

ljharb commented 9 months ago

Request projects to enable PVR and push protection for secrets (as well as branch protections), and whether they do it or not, document the current state in the dashboard.

### Tasks
- [ ] NativeScript
- [ ] AMP
- [ ] Architect
- [ ] Dojo
- [ ] Esprima
- [ ] Interledger.js
- [ ] Jed
- [ ] JerryScript
- [ ] libuv
- [ ] Marko
- [ ] MessageFormat
- [ ] Mocha
- [ ] Moment
- [ ] RequireJS
- [ ] Sizzle
- [ ] Webhint
- [x] Appium
- [ ] Fastify
- [ ] jQuery
- [ ] Node.js
- [x] nvm
- [ ] webpack
- [ ] Electron
- [ ] ESLint
- [ ] Express
- [ ] Globalize
- [ ] Grunt
- [ ] Intern
- [ ] jQuery UI
- [ ] Lodash
- [ ] LoopBack
- [ ] Node-RED
- [ ] QUnit
- [ ] WebdriverIO

mhdawson commented 9 months ago

What does PVR stand for? A quick Google for PVR and GitHub did not return relevant topics.

ljharb commented 9 months ago

Private vulnerability reporting. It’s a native feature on GitHub now.

mhdawson commented 9 months ago

@ljharb thanks.

ruddermann commented 7 months ago

This issue is being replaced with two new ones: