Security-wg: Standarize the format of vulnerabilities on core and npm databases

Created on 22 Mar 2018  Â·  10Comments  Â·  Source: nodejs/security-wg

There are few discrepancies in core and npm databases:

For example dates are inconsistent across different files. We should document the format and add CI to validate PRs. @vdeturckheim I think you did some work on this with Joi validators.

DB enhancement good first issue help wanted

Most helpful comment

dd-mm-yyyy

yyyy-mm-dd? That's what we now have for part of the reports, also that doesn't get mixed up in US vs the rest of the world. Also, sortable ;-).

All 10 comments

Here is the Joi schema: https://github.com/nodejs/security-wg/pull/102/files#diff-5b7a60d6cbe47068f950c8112a7c2a54R22

What format do you believe we should keep for dates @dgonzalez ? The Joi validation has been retro-engineered from what we had, but maybe it is time we make the change we want to the format before the db gets too big.

I am ok with the dd-mm-yyyy or similar. Hour does not bring too much value.

On 28 March 2018 at 13:53, Vladimir de Turckheim notifications@github.com
wrote:

What format do you believe we should keep for dates @dgonzalez
https://github.com/dgonzalez ? The Joi validation has been
retro-engineered from what we had, but maybe it is time we make the change
we want to the format before the db gets too big.

—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
https://github.com/nodejs/security-wg/issues/171#issuecomment-376875481,
or mute the thread
https://github.com/notifications/unsubscribe-auth/AAHkOshLIYETHIomAF2_5oCOqFDDWtTyks5ti4ezgaJpZM4S3pAT
.

dd-mm-yyyy

yyyy-mm-dd? That's what we now have for part of the reports, also that doesn't get mixed up in US vs the rest of the world. Also, sortable ;-).

I'm usually pro yyyy-mm-dd ^^

Works for me.

On 28 March 2018 at 13:56, Vladimir de Turckheim notifications@github.com
wrote:

I'm usually pro yyyy-mm-dd ^^

—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
https://github.com/nodejs/security-wg/issues/171#issuecomment-376876600,
or mute the thread
https://github.com/notifications/unsubscribe-auth/AAHkOn689bEdDbloPfi_mdUD3UNIc7auks5ti4iNgaJpZM4S3pAT
.

yep

sorry, accidentally hit the wrong button

can this be closed now that #216 has landed?

Yes this is done.

Was this page helpful?
0 / 5 - 0 ratings

Related issues

MarcinHoppe picture MarcinHoppe  Â·  28Comments

mhdawson picture mhdawson  Â·  23Comments

mcollina picture mcollina  Â·  22Comments

sam-github picture sam-github  Â·  33Comments

dgonzalez picture dgonzalez  Â·  30Comments