Skip to content

Commit

Permalink
doc: clarify reports are only evaluated on active versions
Browse files Browse the repository at this point in the history
  • Loading branch information
RafaelGSS committed Mar 31, 2023
1 parent b74b9dd commit 7e9d819
Showing 1 changed file with 4 additions and 3 deletions.
7 changes: 4 additions & 3 deletions SECURITY.md
Original file line number Diff line number Diff line change
Expand Up @@ -31,9 +31,10 @@ maintainers.
Here is the security disclosure policy for Node.js

* The security report is received and is assigned a primary handler. This
person will coordinate the fix and release process. The problem is confirmed
and a list of all affected versions is determined. Code is audited to find
any potential similar problems. Fixes are prepared for all releases which are
person will coordinate the fix and release process. The problem is validated
against all supported Node.js versions. Once confirmed, a list of all affected
versions is determined. Code is audited to find any potential similar
problems. Fixes are prepared for all releases which are
still under maintenance. These fixes are not committed to the public
repository but rather held locally pending the announcement.

Expand Down

0 comments on commit 7e9d819

Please sign in to comment.