Vulnerability RSS feed reuses same page/URL/guid so RSS watchers aren't notified when new security releases are available #5996
Comments
|
thanks for the report - i can seee how the current process of reuse leads to this. I and others need to research what you describe as a way to cache bust this |
|
Not sure if it'd work, but my first theory was possibly converting the Date.parse("Fri, 13 Oct 2023 13:30:00 GMT").getTime()
// 1697203800000<item>
<title>
<![CDATA[ Friday October 13 2023 Security Releases ]]>
</title>
<link>https://nodejs.org/en/blog/vulnerability/october-2023-security-releases#1697203800000</link>
<guid isPermaLink="false">/blog/vulnerability/october-2023-security-releases#1697203800000</guid>
<pubDate>Fri, 13 Oct 2023 13:30:00 GMT</pubDate>
</item> |
That sounds like a doable fix. Pretty much appending an unix timestamp to the URL? I believe that can easily be done. Would you be inclined by opening a PR? |
Enter your suggestions in details:
Sorry, possibly a bit of an edge case here... I just added https://nodejs.org/en/feed/vulnerability.xml to one of our company's Slack channels so we get pinged in-channel about new security updates.
So far so good. But apparently 30 minutes ago the new Node 18+20 builds were ready but the RSS didn't update to trigger Slack updates.
guidor newlinktag, but looks like neither changed when the new releases were available since the page was updated, not a new page.I could instead follow https://nodejs.org/en/feed/releases.xml for new Node releases in our Slack RSS integration, but then that'd notify us on EVERY new release, not just sec-releases. Not sure if it's possible to modify the
guid/linkwith some hash or timestamp to cause it to invalidate when the page is updated. 🙏The text was updated successfully, but these errors were encountered: