From ce86fc3006004235cdcacfc93cbf69cbbaa9be00 Mon Sep 17 00:00:00 2001 From: Rich Trott Date: Mon, 28 Feb 2022 20:40:12 -0800 Subject: [PATCH] doc: remove reference to obsolete security program MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The ecosystem security program via HackerOne is no longer a thing. Remove mention of it from SECURITY.md. PR-URL: https://github.com/nodejs/node/pull/42144 Reviewed-By: Luigi Pinca Reviewed-By: Benjamin Gruenbaum Reviewed-By: Matteo Collina Reviewed-By: Mestery Reviewed-By: Tobias Nießen Reviewed-By: Darshan Sen Reviewed-By: Danielle Adams Reviewed-By: Colin Ihrig Reviewed-By: Michael Dawson --- SECURITY.md | 9 +-------- 1 file changed, 1 insertion(+), 8 deletions(-) diff --git a/SECURITY.md b/SECURITY.md index 8e5e3c4fe80815..b22301a1f1d556 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -22,14 +22,7 @@ the HackerOne platform. See for further details. ## Reporting a bug in a third party module Security bugs in third party modules should be reported to their respective -maintainers and should also be coordinated through the Node.js Ecosystem -Security Team via [HackerOne](https://hackerone.com/nodejs-ecosystem). - -Details regarding this process can be found in the -[Security Working Group repository](https://github.com/nodejs/security-wg/blob/HEAD/processes/third_party_vuln_process.md). - -Thank you for improving the security of Node.js and its ecosystem. Your efforts -and responsible disclosure are greatly appreciated and will be acknowledged. +maintainers. ## Disclosure policy