Track security issues for the translation platform
The translation platform currently runs software that doesn't come from Debian (Weblate + dependencies), and we currently have no way to track security issues for them.
Some ways to deal with this are:
- Develop a way to automatically get notified, and maintain and enforce a workflow to manually upgrade when needed.
- Invest time into packaging more Weblate dependencies and trust package maintainers to do a good job.
- Other possibilities?
#1 Updated by zen about 1 month ago
- Create a script that fetches versions from GitHub and checks for patches for the current running version (i.e. filter for major.minor and check if there are bigger versions available).
- Use an online API to check for CVEs for Weblate (example: https://www.circl.lu/services/cve-search).
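
The version check proposed in the comment above, sketched as an added example (not part of the original ticket or the project's own code). The tag names are constructed sample data standing in for a fetched tag list; the `weblate-` tag prefix and all function names are assumptions.

```python
import re

# Constructed sample of release tag names, standing in for what a fetch of the
# upstream repository's tag list would return (not real data).
SAMPLE_TAGS = ["weblate-2.9", "weblate-2.10", "weblate-2.10.1", "weblate-2.10.2",
               "weblate-2.11", "weblate-3.0", "weblate-2.10.1-rc1", "latest"]

# Assumed tag shape: optional "weblate-" or "v" prefix, then X.Y or X.Y.Z.
TAG_RE = re.compile(r"^(?:weblate-|v)?(\d+(?:\.\d+){1,2})$")


def parse_version(text):
    """Return (major, minor, patch) as ints, or None for non-release tags."""
    m = TAG_RE.match(text.strip())
    if not m:
        return None  # pre-releases and arbitrary tags are ignored
    parts = [int(p) for p in m.group(1).split(".")]
    while len(parts) < 3:
        parts.append(0)  # "2.10" is treated as 2.10.0
    return tuple(parts)


def format_version(version):
    return ".".join(str(part) for part in version)


def check_updates(running, tags):
    """Compare the running version against upstream tags.

    patches:      newer releases within the same major.minor series
    newer_series: releases in a later major.minor series
    """
    current = parse_version(running)
    if current is None:
        raise ValueError(f"cannot parse running version: {running!r}")
    # Integer tuples compare numerically, so 2.10 sorts after 2.9
    # (a plain string comparison would get this wrong).
    versions = sorted({v for v in map(parse_version, tags) if v})
    patches = [v for v in versions if v[:2] == current[:2] and v > current]
    newer_series = [v for v in versions if v[:2] > current[:2]]
    return {"patches": [format_version(v) for v in patches],
            "newer_series": [format_version(v) for v in newer_series]}


if __name__ == "__main__":
    result = check_updates("2.10", SAMPLE_TAGS)
    print("patch releases to apply:", result["patches"])
    print("later series available:", result["newer_series"])
```

A non-empty `patches` list is the signal to trigger the manual upgrade workflow; `newer_series` is informational and does not by itself indicate a security fix.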