File tree Expand file tree Collapse file tree 2 files changed +21
-0
lines changed Expand file tree Collapse file tree 2 files changed +21
-0
lines changed Original file line number Diff line number Diff line change @@ -36,6 +36,7 @@ LICENSE @nodejs/tsc
3636GOVERNANCE.md @ nodejs/tsc
3737CONTRIBUTING.md @ nodejs/nodejs-website @ nodejs/web-infra
3838docs @ nodejs/nodejs-website @ nodejs/web-infra
39+ SECURITY.md @ nodejs/security-wg
3940
4041# Node.js Release Blog Posts
4142apps /site /pages /en /blog /release @ nodejs/releasers
Original file line number Diff line number Diff line change 1+ # Security
2+
3+ ## Reporting a vulnerability to Node.js Website
4+
5+ Please report security issues ** privately** using the ** GitHub Security Advisory**
6+ workflow ([ Security → “Report a vulnerability”] ( https://github.com/nodejs/nodejs.org/security/advisories/new ) ).
7+
8+ Do ** not** open a public GitHub issue for security problems.
9+
10+ We aim to acknowledge reports within ** 7 business days** .
11+ If you do ** not** receive an acknowledgement within ** 7 business days** ,
12+ forward your report to
** [ [email protected] ] ( mailto:[email protected] ) ** .
13+
14+ ## Disclosure & advisories
15+
16+ Confirmed vulnerabilities will be published as a ** GitHub Security Advisory**
17+ (and assigned a CVE when applicable). Notices are also shared via:
18+
19+ - Node.js blog advisories: [ https://nodejs.org/blog/vulnerability/ ] ( https://nodejs.org/blog/vulnerability/ )
20+ when necessary.
You can’t perform that action at this time.
0 commit comments