Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Commit 4e1a54f

Browse filesBrowse files
TrottMylesBorins
Trott
authored and
MylesBorins
committed
doc: revise security-reporting text in README
Simplify and clarify the security-reporting text in the README. Now is also probably a good time to ping the security triage folks to make sure the text is still accurate. PR-URL: #23407 Reviewed-By: Sakthipriyan Vairamani <thechargingvolcano@gmail.com> Reviewed-By: Yuta Hiroto <hello@hiroppy.me> Reviewed-By: Myles Borins <myles.borins@gmail.com> Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
1 parent 8cd41aa commit 4e1a54f
Copy full SHA for 4e1a54f

File tree

Expand file treeCollapse file tree

1 file changed

+5
-6
lines changed
Open diff view settings
Filter options
Expand file treeCollapse file tree

1 file changed

+5
-6
lines changed
Open diff view settings
Collapse file

‎README.md‎

Copy file name to clipboardExpand all lines: README.md
+5-6Lines changed: 5 additions & 6 deletions
  • Display the source diff
  • Display the rich diff
Original file line numberDiff line numberDiff line change
@@ -159,13 +159,12 @@ source and a list of supported platforms.
159159

160160
## Security
161161

162-
Security flaws in Node.js should be reported by emailing security@nodejs.org.
163-
Please do not disclose security bugs publicly until they have been handled by
164-
the security team.
162+
If you find a security vulnerability in Node.js, please report it to
163+
security@nodejs.org. Please withhold public disclosure until after the security
164+
team has addressed the vulnerability.
165165

166-
Your email will be acknowledged within 24 hours, and you will receive a more
167-
detailed response to your email within 48 hours indicating the next steps in
168-
handling your report.
166+
The security team will acknowledge your email within 24 hours. You will receive
167+
a more detailed response within 48 hours.
169168

170169
There are no hard and fast rules to determine if a bug is worth reporting as
171170
a security issue. The general rule is an issue worth reporting should allow an

0 commit comments

Comments
0 (0)
Morty Proxy This is a proxified and sanitized view of the page, visit original site.