OSSForks/node
1
0
Fork 0
mirror of https://github.com/zebrajr/node.git synced 2025-12-06 00:20:08 +01:00
Code Issues Actions 8 Packages Projects Releases Wiki Activity

doc: use sentence-case for headers in SECURITY.md

Browse Source 
Our doc style guide calls for sentence-case in headers.

PR-URL: https://github.com/nodejs/node/pull/34525
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Stewart X Addison <sxa@uk.ibm.com>
This commit is contained in:
Rich Trott 2020-07-26 21:54:58 -07:00 committed by Anna Henningsen
parent b329a95c01
commit f350b512e7
No known key found for this signature in database
GPG Key ID: A94130F0BFC8EBE9
1 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
SECURITY.md
View File

@ -1,6 +1,6 @@
# Security
## Reporting a Bug in Node.js
## Reporting a bug in Node.js
Report security bugs in Node.js via [HackerOne](https://hackerone.com/nodejs).
@ -13,13 +13,13 @@ you informed of the progress being made towards a fix and full announcement,
and may ask for additional information or guidance surrounding the reported
issue.
### Node.js Bug Bounty Program
### Node.js bug bounty program
The Node.js project engages in an official bug bounty program for security
researchers and responsible public disclosures. The program is managed through
the HackerOne platform. See <https://hackerone.com/nodejs> for further details.
## Reporting a Bug in a third party module
## Reporting a bug in a third party module
Security bugs in third party modules should be reported to their respective
maintainers and should also be coordinated through the Node.js Ecosystem
@ -31,7 +31,7 @@ Details regarding this process can be found in the
Thank you for improving the security of Node.js and its ecosystem. Your efforts
and responsible disclosure are greatly appreciated and will be acknowledged.
## Disclosure Policy
## Disclosure policy
Here is the security disclosure policy for Node.js
@ -60,14 +60,14 @@ Here is the security disclosure policy for Node.js
the release process above to ensure that the disclosure is handled in a
consistent manner.
## Receiving Security Updates
## Receiving security updates
Security notifications will be distributed via the following methods.
* <https://groups.google.com/group/nodejs-sec>
* <https://nodejs.org/en/blog/>
## Comments on this Policy
## Comments on this policy
If you have suggestions on how this process could be improved please submit a
[pull request](https://github.com/nodejs/nodejs.org) or