diff --git a/README.md b/README.md index eccd02f9e..2e047ab05 100644 --- a/README.md +++ b/README.md @@ -7,7 +7,6 @@ [![Sponsors on Open Collective](https://opencollective.com/validatorjs/sponsors/badge.svg)](#sponsors) [![License](https://img.shields.io/badge/License-MIT-red.svg)](https://github.com/alguerocode/validator.js/blob/master/LICENSE) [![Gitter][gitter-image]][gitter-url] -[![Disclose a vulnerability][huntr-image]][huntr-url] A library of string validators and sanitizers. diff --git a/SECURITY.md b/SECURITY.md index 72592f135..266d8d844 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -8,4 +8,4 @@ In the case of a confirmed security issue, only the current version of validator **Please don't disclose security-related issues publicly.** -If you discover a vulnerability within validator, please use [huntr.dev disclosure form](https://huntr.dev/bounties/disclose/?target=https://github.com/validatorjs/validator.js). We will try to validate and respond to reports in a reasonable time. if the issue is confirmed, we will create a security advisory and a patch as soon as possible. \ No newline at end of file +Report the security issue to the Node.js Security Working Group through the [HackerOne program](https://hackerone.com/nodejs-ecosystem) for ecosystem modules on npm, or to [Snyk Security Team](https://snyk.io/vulnerability-disclosure). They will help triage the security issue and work with all involved parties to remediate and release a fix.