Skip to content

Commit

Permalink
doc: remove reference to obsolete security program
Browse files Browse the repository at this point in the history
The ecosystem security program via HackerOne is no longer a thing.
Remove mention of it from SECURITY.md.

PR-URL: nodejs#42144
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Mestery <mestery@protonmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Darshan Sen <raisinten@gmail.com>
Reviewed-By: Danielle Adams <adamzdanielle@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Michael Dawson <midawson@redhat.com>
  • Loading branch information
Trott authored and sxa committed Mar 7, 2022
1 parent 4e9fac6 commit ce86fc3
Showing 1 changed file with 1 addition and 8 deletions.
9 changes: 1 addition & 8 deletions SECURITY.md
Original file line number Diff line number Diff line change
Expand Up @@ -22,14 +22,7 @@ the HackerOne platform. See <https://hackerone.com/nodejs> for further details.
## Reporting a bug in a third party module

Security bugs in third party modules should be reported to their respective
maintainers and should also be coordinated through the Node.js Ecosystem
Security Team via [HackerOne](https://hackerone.com/nodejs-ecosystem).

Details regarding this process can be found in the
[Security Working Group repository](https://github.com/nodejs/security-wg/blob/HEAD/processes/third_party_vuln_process.md).

Thank you for improving the security of Node.js and its ecosystem. Your efforts
and responsible disclosure are greatly appreciated and will be acknowledged.
maintainers.

## Disclosure policy

Expand Down

0 comments on commit ce86fc3

Please sign in to comment.