Skip to content

Commit

Permalink
doc: update security release process
Browse files Browse the repository at this point in the history
- update security release process to reflect current way to
  ask for tweet to amplify security release blog posts.

Signed-off-by: Michael Dawson <midawson@redhat.com>

PR-URL: #50166
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
  • Loading branch information
mhdawson authored and targos committed Nov 11, 2023
1 parent 7cd406a commit ff8e1b8
Showing 1 changed file with 5 additions and 3 deletions.
8 changes: 5 additions & 3 deletions doc/contributing/security-release-process.md
Original file line number Diff line number Diff line change
Expand Up @@ -120,7 +120,8 @@ The google groups UI does not support adding a CC, until we figure
out a better way, forward the email you receive to
`oss-security@lists.openwall.com` as a CC.

* [ ] Send a message to `#nodejs-social` in OpenJS Foundation slack
* [ ] Post in the [nodejs-social channel][]
in the OpenJS slack asking for amplication of the blog post.

```text
Security release pre-alert:
Expand Down Expand Up @@ -179,7 +180,8 @@ out a better way, forward the email you receive to
For more information see: https://nodejs.org/en/blog/vulnerability/month-year-security-releases/
```

* [ ] Create a new issue in [nodejs/tweet][]
* [ ] Post in the [nodejs-social channel][]
in the OpenJS slack asking for amplication of the blog post.
```text
Security release:
Expand Down Expand Up @@ -238,5 +240,5 @@ The steps to correct CVE information are:
[H1 CVE requests]: https://hackerone.com/nodejs/cve_requests
[docker-node]: https://github.com/nodejs/docker-node/issues
[email]: https://groups.google.com/forum/#!forum/nodejs-sec
[nodejs-social channel]: https://openjs-foundation.slack.com/archives/C0142A39BNE
[nodejs/build]: https://github.com/nodejs/build/issues
[nodejs/tweet]: https://github.com/nodejs/tweet/issues

0 comments on commit ff8e1b8

Please sign in to comment.