On Sat, Sep 14, 2019 at 05:32:25PM +0200, Thorsten Bro wrote:
as I get (as one of the org admins) several security alerts (repeatedly) from GitHub were dependencies are old/outdated and a severe problem for some openSUSE projects (like e.g. OSEM, TSP or searchPage) which affects quite a number of openSUSE users.
Unfortunately, this needs to be enabled PER REPO that non-org-admins can see those alerts.
As I find it very important, that you security guys can see this [Robert, Johannes and Marcus - nospecificorderhere :)]
We agree :) That's why I became github owner a while ago and wrote a script that gives me all those vulnerabilities in a workable format. The mails unfortunately only contain a subset of the vulnerabilities. I contacted developers for each repo and am working with them to get the issues fixed. The ones you listed are my "problem childs" currently, but I'm on it. Thank you for offering :) Johannes -- GPG Key E7C81FA0 EE16 6BCE AD56 E034 BFB3 3ADD 7BF7 29D5 E7C8 1FA0 Subkey fingerprint: 250F 43F5 F7CE 6F1E 9C59 4F95 BC27 DD9D 2CC4 FD66 SUSE Software Solutions Germany GmbH, Maxfeldstr. 5, 90409 Nuernberg Geschäftsführer: Felix Imendörffer (HRB 247165, AG München) -- To unsubscribe, e-mail: heroes+unsubscribe@opensuse.org To contact the owner, e-mail: heroes+owner@opensuse.org