Blog: add update to Security CI incident

[RafaelGSS]

cc: @nodejs/tsc

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Updated (UTC)
nodejs-org	✅ Ready (Inspect)	Visit Preview	Apr 23, 2025 2:26pm

[avivkeller]

FYI for Node.js Website Team (Unrelated to contents of this PR):
https://nodejs-org-git-security-incident-update-openjs.vercel.app/en/feed/vulnerability.xml shows #7648 in action

[github-actions]

Lighthouse Results

URL	Performance	Accessibility	Best Practices	SEO	Report
/en	🟢 99	🟢 100	🟢 100	🟢 91	🔗
/en/about	🟢 100	🟢 100	🟢 100	🟢 91	🔗
/en/about/previous-releases	🟢 99	🟢 100	🟢 100	🟢 92	🔗
/en/download	🟢 98	🟢 100	🟢 96	🟢 91	🔗
/en/blog	🟢 100	🟢 100	🟢 96	🟢 92	🔗

[codecov-commenter]

Codecov Report

✅ All modified and coverable lines are covered by tests.
⚠️ Please upload report for BASE (main@d9c0508). Learn more about missing BASE report.

Additional details and impacted files

@@           Coverage Diff           @@
##             main    #7658   +/-   ##
=======================================
  Coverage        ?   74.61%           
=======================================
  Files           ?       96           
  Lines           ?     7689           
  Branches        ?      192           
=======================================
  Hits            ?     5737           
  Misses          ?     1950           
  Partials        ?        2           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[RafaelGSS]

FYI, I might not be available next week. Feel free to merge this PR on Monday.

[mcollina]

I need to send some edit, will do asap.

[mhdawson]

LGTM

[mcollina]

@nodejs/nodejs-website can someone help me sorting out the linting here? This is exactly like we want it.

[mcollina]

lgtm

[avivkeller]

@nodejs/nodejs-website can someone help me sorting out the linting here?

You need to run npm format.

This is exactly like we want it.

What does npm format do that isn't acceptable?

[mcollina]

@node-core/website:lint: @node-core/website:lint:md: cache hit, replaying logs c9d8947053a45b98
@node-core/website:lint: @node-core/website:lint:md:
@node-core/website:lint: @node-core/website:lint:md:
@node-core/website:lint: @node-core/website:lint:md: > lint:md
@node-core/website:lint: @node-core/website:lint:md: > eslint "**/*.md?(x)" --cache --cache-strategy=content --cache-location=.eslintmdcache
@node-core/website:lint: @node-core/website:lint:md:
@node-core/website:lint:
@node-core/website:lint: @node-core/website:lint:md: /Users/matteo/repos/nodejs.org/apps/site/pages/en/blog/vulnerability/march-2025-ci-incident.md
@node-core/website:lint: @node-core/website:lint:md:   70:1  warning  {"reason":"Unexpected duplicate toplevel heading, exected a single heading with rank `1`","source"@node-core/website:lint: no-multiple-toplevel-headings","severity":1}  mdx/remark
@node-core/website:lint: @node-core/website:lint:md:
@node-core/website:lint: @node-core/website:lint:md: ✖ 1 problem (0 errors, 1 warning)
@node-core/website:lint: @node-core/website:lint:md:   0 errors and 1 warning potentially fixable with the `--fix` option.
@node-core/website:lint: @node-core/website:lint:md:

Note that the content is correct.

[avivkeller]

Can you run prettier on the content? The ESLint issue is just a warning, and wouldn't fail the quality checks

[mcollina]

lgtm