Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Proposal: add repository security advisory #30

Open
bjohansebas opened this issue Oct 6, 2024 · 1 comment
Open

Proposal: add repository security advisory #30

bjohansebas opened this issue Oct 6, 2024 · 1 comment
Labels
security-wg-agenda

Comments

@bjohansebas
Copy link
Member

GitHub has a feature that allows creating a draft security advisory to privately discuss and fix a security vulnerability, similar to how issue templates work.

For example, Next.js has this feature enabled:
image

I believe this would improve the process of reporting potential vulnerabilities in Express and its packages.

ref:
@UlisesGascon
Copy link
Member

Yep! We will add this to all the repos at some point (hope soon). I will transfer the issue to the Security-wg for execution 👍

@UlisesGascon UlisesGascon transferred this issue from expressjs/discussions Oct 6, 2024
@UlisesGascon UlisesGascon mentioned this issue Oct 21, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
security-wg-agenda
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@UlisesGascon @bjohansebas