/security-wg

Node.js Ecosystem Security Working Group

Primary LanguageJavaScriptMIT LicenseMIT

Node.js Security Team Security Meetings OpenJS Slack Invite OpenSSF scorecard

Security Team

Table of Contents

This team is not responsible for managing or responding to security reports against Node.js itself. That responsibility remains with the Node.js TSC.

Node.js Bug Bounty Program

The program is managed through the HackerOne platform at https://hackerone.com/nodejs with further details.

Current Initiatives

Initiative Champion Status Links
Automate Security release process @marco-ippolito / @RafaelGSS In Progress Issue #860
Node.js maintainers: Threat Model Group effort In Progress Issue #1333
Audit build process for dependencies @mhdawson TODO Issue #1037

Current Project Team Members

Emeritus Members

Code of Conduct

The Node.js Code of Conduct applies to this team.

Moderation Policy

The Node.js Moderation Policy applies to this team.