Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

rename eslint-plugin-prebid to eslint-plugin-prebidjs #12260

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

rename eslint-plugin-prebid to eslint-plugin-prebidjs #12260

wants to merge 1 commit into from

Conversation

renebaudisch
Copy link
Contributor

Type of change

  • Refactoring (no functional changes, no api changes)

Description of change

rename eslint-plugin-prebid to eslint-plugin-prebidjs to separate this local module from the vulnerable npm clone

Other information

Fixes (and should eventually close):

@renebaudisch renebaudisch mentioned this pull request Sep 20, 2024
Merged
1 task
@ChrisHuie ChrisHuie self-requested a review September 20, 2024 13:45
@ChrisHuie ChrisHuie self-assigned this Sep 20, 2024
@patmmccann
Copy link
Collaborator

Doesn't this just invite someone to publish malware to the new location?

@renebaudisch
Copy link
Contributor Author

Good point... but, what could be done then?
How about publishing the module within the new namespace to npm to avoid someone hijacking the namespace?

@patmmccann
Copy link
Collaborator

patmmccann commented Sep 23, 2024
edited
Loading

that could work, i'll keep this unmerged while we explore with npm

can you merge in master? I merged the dependency pr you did.

@patmmccann
Copy link
Collaborator

patmmccann commented Sep 24, 2024
edited
Loading

How about publishing the module within the new namespace to npm to avoid someone hijacking the namespace?

open to this and/or upgrading the linter. What's the next step?

@renebaudisch
Copy link
Contributor Author

How about publishing the module within the new namespace to npm to avoid someone hijacking the namespace?

open to this and/or upgrading the linter. What's the next step?

Someone needs to publish this lint-module to npm:
publishing-unscoped-public-packages or
publishing-scoped-public-packages

But as I'm not the author of this plugin, I'm not comfortable doing this by myself...

@renebaudisch
rename eslint-plugin-prebid to eslint-plugin-prebidjs (to separate th…
3863072 
…is local module from the vulnerable npm clone)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ChrisHuie ChrisHuie Awaiting requested review from ChrisHuie

At least 1 approving review is required to merge this pull request.

Assignees

@ChrisHuie ChrisHuie

Labels
maintenance
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@renebaudisch @patmmccann @ChrisHuie