Skip to content

Commit

Permalink
doc: no longer maintain a CNA structure
Browse files Browse the repository at this point in the history
Node.js hasn't touched the cve-management repo since the Feb 2019
security release, we've used the HackerOne CVE allocation process.

Maintaining our status as a CNA is not zero cost, there is some routine
adminstration that is requested (see this doc for details).

As we no longer use the CVE management process, I propose removing it.
If this lands, I will go through the interactions with Mitre so that
Node.js is no longer a CNA and cleanup related resources (email aliases,
archive the cve-management repo, whatever else I find).

PR-URL: #33639
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Vladimir de Turckheim <[email protected]>
Reviewed-By: Ruben Bridgewater <[email protected]>
Reviewed-By: Matteo Collina <[email protected]>
Reviewed-By: Beth Griggs <[email protected]>
Reviewed-By: Michael Dawson <[email protected]>
Reviewed-By: Сковорода Никита Андреевич <[email protected]>
  • Loading branch information
sam-github authored and MylesBorins committed Jul 16, 2020
1 parent 5ae2b74 commit 25d310b
Showing 1 changed file with 0 additions and 141 deletions.
141 changes: 0 additions & 141 deletions doc/guides/cve-management-process.md

This file was deleted.

0 comments on commit 25d310b

Please sign in to comment.