Skip to content

Commit

Permalink
doc: remove reference to obsolete security program
Browse files Browse the repository at this point in the history
The ecosystem security program via HackerOne is no longer a thing.
Remove mention of it from SECURITY.md.

PR-URL: #42144
Reviewed-By: Luigi Pinca <[email protected]>
Reviewed-By: Benjamin Gruenbaum <[email protected]>
Reviewed-By: Matteo Collina <[email protected]>
Reviewed-By: Mestery <[email protected]>
Reviewed-By: Tobias Nießen <[email protected]>
Reviewed-By: Darshan Sen <[email protected]>
Reviewed-By: Danielle Adams <[email protected]>
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: Michael Dawson <[email protected]>
  • Loading branch information
Trott authored Mar 1, 2022
1 parent b3723fa commit ce1c536
Showing 1 changed file with 1 addition and 8 deletions.
9 changes: 1 addition & 8 deletions SECURITY.md
Original file line number Diff line number Diff line change
Expand Up @@ -22,14 +22,7 @@ the HackerOne platform. See <https://hackerone.com/nodejs> for further details.
## Reporting a bug in a third party module

Security bugs in third party modules should be reported to their respective
maintainers and should also be coordinated through the Node.js Ecosystem
Security Team via [HackerOne](https://hackerone.com/nodejs-ecosystem).

Details regarding this process can be found in the
[Security Working Group repository](https://github.com/nodejs/security-wg/blob/HEAD/processes/third_party_vuln_process.md).

Thank you for improving the security of Node.js and its ecosystem. Your efforts
and responsible disclosure are greatly appreciated and will be acknowledged.
maintainers.

## Disclosure policy

Expand Down

0 comments on commit ce1c536

Please sign in to comment.