Commit 4ac0df9
doc: no longer maintain a CNA structure
Node.js hasn't touched the cve-management repo since the Feb 2019
security release, we've used the HackerOne CVE allocation process.
Maintaining our status as a CNA is not zero cost, there is some routine
adminstration that is requested (see this doc for details).
As we no longer use the CVE management process, I propose removing it.
If this lands, I will go through the interactions with Mitre so that
Node.js is no longer a CNA and cleanup related resources (email aliases,
archive the cve-management repo, whatever else I find).
PR-URL: #33639
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Vladimir de Turckheim <vlad2t@hotmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Beth Griggs <Bethany.Griggs@uk.ibm.com>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Reviewed-By: Сковорода Никита Андреевич <chalkerx@gmail.com>1 parent 75637e6 commit 4ac0df9Copy full SHA for 4ac0df9
File tree
Expand file treeCollapse file tree
1 file changed
+0
-141
lines changedOpen diff view settings
Filter options
- doc/guides
Expand file treeCollapse file tree
1 file changed
+0
-141
lines changedOpen diff view settings
Collapse file
doc/guides/cve-management-process.md
Copy file name to clipboardExpand all lines: doc/guides/cve-management-process.md-141Lines changed: 0 additions & 141 deletions
This file was deleted.
0 commit comments