diff --git a/components/__design__/text.stories.tsx b/components/__design__/text.stories.tsx index 7d531dc45ba7d..e9e5f3266569c 100644 --- a/components/__design__/text.stories.tsx +++ b/components/__design__/text.stories.tsx @@ -5,8 +5,8 @@ export const Anchor: StoryObj = {

The current Node.js security policy can be found at{' '} - - https://github.com/nodejs/node/blob/HEAD/SECURITY.md#security + + https://github.com/nodejs/node/security/policy#security , including information on how to report a vulnerability in Node.js. Subscribe to the low-volume announcement-only nodejs-sec mailing list at{' '} diff --git a/navigation.json b/navigation.json index f50da11a8861f..a78e9835dbeaa 100644 --- a/navigation.json +++ b/navigation.json @@ -101,7 +101,7 @@ } }, "security": { - "link": "https://github.com/nodejs/node/blob/HEAD/SECURITY.md#security", + "link": "https://github.com/nodejs/node/security/policy#security", "translationId": "components.header.links.security", "items": {} }, diff --git a/pages/en/blog/vulnerability/april-2020-openssl-updates.md b/pages/en/blog/vulnerability/april-2020-openssl-updates.md index eb5de181d6eb1..26e8071c716ce 100644 --- a/pages/en/blog/vulnerability/april-2020-openssl-updates.md +++ b/pages/en/blog/vulnerability/april-2020-openssl-updates.md @@ -57,7 +57,7 @@ https://groups.google.com/forum/#!forum/nodejs-sec ### Contact and future updates -The current Node.js security policy can be found at , +The current Node.js security policy can be found at , including information on how to report a vulnerability in Node.js. Subscribe to the low-volume announcement-only **nodejs-sec** mailing list at diff --git a/pages/en/blog/vulnerability/aug-2019-security-releases.md b/pages/en/blog/vulnerability/aug-2019-security-releases.md index 59c4f370a1b96..9c6d787190fef 100644 --- a/pages/en/blog/vulnerability/aug-2019-security-releases.md +++ b/pages/en/blog/vulnerability/aug-2019-security-releases.md @@ -77,7 +77,7 @@ also be found on each release page. ### Contact and future updates The current Node.js security policy and information about how to report a -vulnerability can be found at https://github.com/nodejs/node/blob/HEAD/SECURITY.md#security. +vulnerability can be found at https://github.com/nodejs/node/security/policy#security. Subscribe to the low-volume announcement-only nodejs-sec mailing list at https://groups.google.com/forum/#!forum/nodejs-sec to stay up to date on diff --git a/pages/en/blog/vulnerability/aug-2021-security-releases.md b/pages/en/blog/vulnerability/aug-2021-security-releases.md index f293e225ac98b..29f6aac6adfb4 100644 --- a/pages/en/blog/vulnerability/aug-2021-security-releases.md +++ b/pages/en/blog/vulnerability/aug-2021-security-releases.md @@ -87,6 +87,6 @@ Releases will be available at, or shortly after, Wednesday, August 11th, 2021. ## Contact and future updates -The current Node.js security policy can be found at https://github.com/nodejs/node/blob/HEAD/SECURITY.md#security. Please follow the process outlined in https://github.com/nodejs/node/blob/main/SECURITY.md if you wish to report a vulnerability in Node.js. +The current Node.js security policy can be found at https://github.com/nodejs/node/security/policy#security. Please follow the process outlined in https://github.com/nodejs/node/security/policy if you wish to report a vulnerability in Node.js. Subscribe to the low-volume announcement-only nodejs-sec mailing list at https://groups.google.com/forum/#!forum/nodejs-sec to stay up to date on security vulnerabilities and security-related releases of Node.js and the projects maintained in the nodejs GitHub organization. diff --git a/pages/en/blog/vulnerability/aug-2021-security-releases2.md b/pages/en/blog/vulnerability/aug-2021-security-releases2.md index 82c20019e6b2f..dd4aa8b8a1134 100644 --- a/pages/en/blog/vulnerability/aug-2021-security-releases2.md +++ b/pages/en/blog/vulnerability/aug-2021-security-releases2.md @@ -57,6 +57,6 @@ Releases will be available at, or shortly after, Tuesday, August 31th, 2021. ## Contact and future updates -The current Node.js security policy can be found at https://github.com/nodejs/node/blob/HEAD/SECURITY.md#security. Please follow the process outlined in https://github.com/nodejs/node/blob/main/SECURITY.md if you wish to report a vulnerability in Node.js. +The current Node.js security policy can be found at https://github.com/nodejs/node/security/policy#security. Please follow the process outlined in https://github.com/nodejs/node/security/policy if you wish to report a vulnerability in Node.js. Subscribe to the low-volume announcement-only nodejs-sec mailing list at https://groups.google.com/forum/#!forum/nodejs-sec to stay up to date on security vulnerabilities and security-related releases of Node.js and the projects maintained in the nodejs GitHub organization. diff --git a/pages/en/blog/vulnerability/august-2018-security-releases.md b/pages/en/blog/vulnerability/august-2018-security-releases.md index 8afb823a54b53..440249d09809e 100644 --- a/pages/en/blog/vulnerability/august-2018-security-releases.md +++ b/pages/en/blog/vulnerability/august-2018-security-releases.md @@ -120,7 +120,7 @@ Releases will be available at, or shortly after, the 15th of August, 2018 (UTC), ## Contact and future updates -The current Node.js security policy can be found at https://github.com/nodejs/node/blob/HEAD/SECURITY.md#security. +The current Node.js security policy can be found at https://github.com/nodejs/node/security/policy#security. Please contact security@nodejs.org if you wish to report a vulnerability in Node.js. diff --git a/pages/en/blog/vulnerability/august-2023-security-releases.md b/pages/en/blog/vulnerability/august-2023-security-releases.md index 27b7417d70519..424d7b2425f96 100644 --- a/pages/en/blog/vulnerability/august-2023-security-releases.md +++ b/pages/en/blog/vulnerability/august-2023-security-releases.md @@ -159,6 +159,6 @@ Releases will be available on, or shortly after, Tuesday August 8th 2023. ## Contact and future updates -The current Node.js security policy can be found at https://nodejs.org/en/security/. Please follow the process outlined in https://github.com/nodejs/node/blob/main/SECURITY.md if you wish to report a vulnerability in Node.js. +The current Node.js security policy can be found at https://nodejs.org/en/security/. Please follow the process outlined in https://github.com/nodejs/node/security/policy if you wish to report a vulnerability in Node.js. Subscribe to the low-volume announcement-only nodejs-sec mailing list at https://groups.google.com/forum/#!forum/nodejs-sec to stay up to date on security vulnerabilities and security-related releases of Node.js and the projects maintained in the nodejs GitHub organization. diff --git a/pages/en/blog/vulnerability/december-2017-security-releases.md b/pages/en/blog/vulnerability/december-2017-security-releases.md index 6919424ec3d44..6ed54938ea640 100644 --- a/pages/en/blog/vulnerability/december-2017-security-releases.md +++ b/pages/en/blog/vulnerability/december-2017-security-releases.md @@ -77,7 +77,7 @@ Releases will be available as soon as possible after the OpenSSL release, along ## Contact and future updates -The current Node.js security policy can be found at https://github.com/nodejs/node/blob/HEAD/SECURITY.md#security. +The current Node.js security policy can be found at https://github.com/nodejs/node/security/policy#security. Please contact security@nodejs.org if you wish to report a vulnerability in Node.js. diff --git a/pages/en/blog/vulnerability/december-2019-security-releases.md b/pages/en/blog/vulnerability/december-2019-security-releases.md index 68d08c8bf3556..d64f6c71075f7 100644 --- a/pages/en/blog/vulnerability/december-2019-security-releases.md +++ b/pages/en/blog/vulnerability/december-2019-security-releases.md @@ -68,6 +68,6 @@ Releases will be available at, or shortly after, Tuesday, December 17, 2019 UTC. ## Contact and future updates -The current Node.js security policy can be found at https://github.com/nodejs/node/blob/HEAD/SECURITY.md#security. Please follow the process outlined in https://github.com/nodejs/node/blob/main/SECURITY.md if you wish to report a vulnerability in Node.js. +The current Node.js security policy can be found at https://github.com/nodejs/node/security/policy#security. Please follow the process outlined in https://github.com/nodejs/node/security/policy if you wish to report a vulnerability in Node.js. Subscribe to the low-volume announcement-only nodejs-sec mailing list at https://groups.google.com/forum/#!forum/nodejs-sec to stay up to date on security vulnerabilities and security-related releases of Node.js and the projects maintained in the nodejs GitHub organization. diff --git a/pages/en/blog/vulnerability/february-2019-security-releases.md b/pages/en/blog/vulnerability/february-2019-security-releases.md index ff308e38acb22..33b1b1fbf48b0 100644 --- a/pages/en/blog/vulnerability/february-2019-security-releases.md +++ b/pages/en/blog/vulnerability/february-2019-security-releases.md @@ -126,7 +126,7 @@ Releases will be available at, or shortly after, Wednesday, February 27th, 2019 ## Contact and future updates -The current Node.js security policy can be found at https://github.com/nodejs/node/blob/HEAD/SECURITY.md#security. +The current Node.js security policy can be found at https://github.com/nodejs/node/security/policy#security. Please contact security@nodejs.org if you wish to report a vulnerability in Node.js. diff --git a/pages/en/blog/vulnerability/february-2020-security-releases.md b/pages/en/blog/vulnerability/february-2020-security-releases.md index aeaf65c9c053b..052be2c554b15 100644 --- a/pages/en/blog/vulnerability/february-2020-security-releases.md +++ b/pages/en/blog/vulnerability/february-2020-security-releases.md @@ -57,6 +57,6 @@ Releases will be available at, or shortly after, Tuesday, February 4th, 2020. ## Contact and future updates -The current Node.js security policy can be found at https://github.com/nodejs/node/blob/HEAD/SECURITY.md#security. Please follow the process outlined in https://github.com/nodejs/node/blob/main/SECURITY.md if you wish to report a vulnerability in Node.js. +The current Node.js security policy can be found at https://github.com/nodejs/node/security/policy#security. Please follow the process outlined in https://github.com/nodejs/node/security/policy if you wish to report a vulnerability in Node.js. Subscribe to the low-volume announcement-only nodejs-sec mailing list at https://groups.google.com/forum/#!forum/nodejs-sec to stay up to date on security vulnerabilities and security-related releases of Node.js and the projects maintained in the nodejs GitHub organization. diff --git a/pages/en/blog/vulnerability/february-2023-security-releases.md b/pages/en/blog/vulnerability/february-2023-security-releases.md index ef487190f0a73..159fbba162d56 100644 --- a/pages/en/blog/vulnerability/february-2023-security-releases.md +++ b/pages/en/blog/vulnerability/february-2023-security-releases.md @@ -128,6 +128,6 @@ Releases will be available on, or shortly after, Tuesday February 14 2023. ## Contact and future updates -The current Node.js security policy can be found at https://nodejs.org/en/security/. Please follow the process outlined in https://github.com/nodejs/node/blob/main/SECURITY.md if you wish to report a vulnerability in Node.js. +The current Node.js security policy can be found at https://nodejs.org/en/security/. Please follow the process outlined in https://github.com/nodejs/node/security/policy if you wish to report a vulnerability in Node.js. Subscribe to the low-volume announcement-only nodejs-sec mailing list at https://groups.google.com/forum/#!forum/nodejs-sec to stay up to date on security vulnerabilities and security-related releases of Node.js and the projects maintained in the nodejs GitHub organization. diff --git a/pages/en/blog/vulnerability/jan-2018-spectre-meltdown.md b/pages/en/blog/vulnerability/jan-2018-spectre-meltdown.md index 7e01e8e04c5d5..b38428602079a 100644 --- a/pages/en/blog/vulnerability/jan-2018-spectre-meltdown.md +++ b/pages/en/blog/vulnerability/jan-2018-spectre-meltdown.md @@ -32,7 +32,7 @@ system. You do not need to update the Node.js runtime. ## Contact and future updates -The current Node.js security policy can be found at https://github.com/nodejs/node/blob/HEAD/SECURITY.md#security. +The current Node.js security policy can be found at https://github.com/nodejs/node/security/policy#security. Please contact security@nodejs.org if you wish to report a vulnerability in Node.js. diff --git a/pages/en/blog/vulnerability/jan-2022-security-releases.md b/pages/en/blog/vulnerability/jan-2022-security-releases.md index 773b67ee60bb0..3445cec06347c 100644 --- a/pages/en/blog/vulnerability/jan-2022-security-releases.md +++ b/pages/en/blog/vulnerability/jan-2022-security-releases.md @@ -105,8 +105,8 @@ Releases will be available on, or shortly after, Monday, January 10th, 2022. ## Contact and future updates -The current Node.js security policy can be found at https://github.com/nodejs/node/blob/main/SECURITY.md. -Please follow the process outlined in https://github.com/nodejs/node/blob/main/SECURITY.md +The current Node.js security policy can be found at https://github.com/nodejs/node/security/policy. +Please follow the process outlined in https://github.com/nodejs/node/security/policy if you wish to report a vulnerability in Node.js. Subscribe to the low-volume announcement-only nodejs-sec mailing list at https://groups.google.com/forum/#!forum/nodejs-sec to stay up to date on security vulnerabilities and security-related releases of Node.js and the projects maintained in the nodejs GitHub organization. diff --git a/pages/en/blog/vulnerability/january-2021-security-releases.md b/pages/en/blog/vulnerability/january-2021-security-releases.md index e36c3800bfb03..c6df3de26589d 100644 --- a/pages/en/blog/vulnerability/january-2021-security-releases.md +++ b/pages/en/blog/vulnerability/january-2021-security-releases.md @@ -80,6 +80,6 @@ Releases will be available at, or shortly after, Monday January 4th, 2021 ## Contact and future updates -The current Node.js security policy can be found at https://github.com/nodejs/node/blob/HEAD/SECURITY.md#security. Please follow the process outlined in https://github.com/nodejs/node/blob/main/SECURITY.md if you wish to report a vulnerability in Node.js. +The current Node.js security policy can be found at https://github.com/nodejs/node/security/policy#security. Please follow the process outlined in https://github.com/nodejs/node/security/policy if you wish to report a vulnerability in Node.js. Subscribe to the low-volume announcement-only nodejs-sec mailing list at https://groups.google.com/forum/#!forum/nodejs-sec to stay up to date on security vulnerabilities and security-related releases of Node.js and the projects maintained in the nodejs GitHub organization. diff --git a/pages/en/blog/vulnerability/july-2017-security-releases.md b/pages/en/blog/vulnerability/july-2017-security-releases.md index 95754235f1aff..18ab1f2ab24a7 100644 --- a/pages/en/blog/vulnerability/july-2017-security-releases.md +++ b/pages/en/blog/vulnerability/july-2017-security-releases.md @@ -95,7 +95,7 @@ Releases will be available at, or shortly after, Tuesday the 11th of July along ## Contact and future updates -The current Node.js security policy can be found at . +The current Node.js security policy can be found at . Please contact security@nodejs.org if you wish to report a vulnerability in Node.js. diff --git a/pages/en/blog/vulnerability/july-2021-security-releases.md b/pages/en/blog/vulnerability/july-2021-security-releases.md index b9a10cc00eb3d..c457c66c60080 100644 --- a/pages/en/blog/vulnerability/july-2021-security-releases.md +++ b/pages/en/blog/vulnerability/july-2021-security-releases.md @@ -93,6 +93,6 @@ Releases will be available at, or shortly after, Thursday, July 1st, 2021. ## Contact and future updates -The current Node.js security policy can be found at https://github.com/nodejs/node/blob/HEAD/SECURITY.md#security. Please follow the process outlined in https://github.com/nodejs/node/blob/main/SECURITY.md if you wish to report a vulnerability in Node.js. +The current Node.js security policy can be found at https://github.com/nodejs/node/security/policy#security. Please follow the process outlined in https://github.com/nodejs/node/security/policy if you wish to report a vulnerability in Node.js. Subscribe to the low-volume announcement-only nodejs-sec mailing list at https://groups.google.com/forum/#!forum/nodejs-sec to stay up to date on security vulnerabilities and security-related releases of Node.js and the projects maintained in the nodejs GitHub organization. diff --git a/pages/en/blog/vulnerability/july-2022-security-releases.md b/pages/en/blog/vulnerability/july-2022-security-releases.md index feb3e639617a7..48c0963bc6205 100644 --- a/pages/en/blog/vulnerability/july-2022-security-releases.md +++ b/pages/en/blog/vulnerability/july-2022-security-releases.md @@ -198,6 +198,6 @@ Please monitor the **nodejs-sec** Google Group for updates, including a decision ## Contact and future updates -The current Node.js security policy can be found at https://nodejs.org/en/security/. Please follow the process outlined in https://github.com/nodejs/node/blob/main/SECURITY.md if you wish to report a vulnerability in Node.js. +The current Node.js security policy can be found at https://nodejs.org/en/security/. Please follow the process outlined in https://github.com/nodejs/node/security/policy if you wish to report a vulnerability in Node.js. Subscribe to the low-volume announcement-only nodejs-sec mailing list at https://groups.google.com/forum/#!forum/nodejs-sec to stay up to date on security vulnerabilities and security-related releases of Node.js and the projects maintained in the nodejs GitHub organization. diff --git a/pages/en/blog/vulnerability/june-2016-security-releases.md b/pages/en/blog/vulnerability/june-2016-security-releases.md index 96dbfb2d2ea23..002ffa902bafb 100644 --- a/pages/en/blog/vulnerability/june-2016-security-releases.md +++ b/pages/en/blog/vulnerability/june-2016-security-releases.md @@ -120,7 +120,7 @@ We intend to also include a patch for HTTP client in Node.js. While we do not co Please monitor the nodejs-sec Google Group for updates: https://groups.google.com/forum/#!forum/nodejs-sec or the Node.js website for release announcements: https://nodejs.org/en/blog/ -The current Node.js security policy can be found at . +The current Node.js security policy can be found at . Please contact security@nodejs.org if you wish to report a vulnerability in Node.js. diff --git a/pages/en/blog/vulnerability/june-2018-security-releases.md b/pages/en/blog/vulnerability/june-2018-security-releases.md index 3c415c78f0113..b9dc76a20ecd2 100644 --- a/pages/en/blog/vulnerability/june-2018-security-releases.md +++ b/pages/en/blog/vulnerability/june-2018-security-releases.md @@ -103,7 +103,7 @@ Releases will be available on or around June 12th, 2018 (UTC), along with disclo ## Contact and future updates -The current Node.js security policy can be found at https://github.com/nodejs/node/blob/HEAD/SECURITY.md#security. +The current Node.js security policy can be found at https://github.com/nodejs/node/security/policy#security. Please contact security@nodejs.org if you wish to report a vulnerability in Node.js. diff --git a/pages/en/blog/vulnerability/june-2020-security-releases.md b/pages/en/blog/vulnerability/june-2020-security-releases.md index 249f590ba2bc0..1e12df176858a 100644 --- a/pages/en/blog/vulnerability/june-2020-security-releases.md +++ b/pages/en/blog/vulnerability/june-2020-security-releases.md @@ -78,6 +78,6 @@ Releases will be available on or shortly after Tuesday, June 2nd, 2020. ## Contact and future updates -The current Node.js security policy can be found at https://github.com/nodejs/node/blob/HEAD/SECURITY.md#security. Please follow the process outlined in https://github.com/nodejs/node/blob/main/SECURITY.md if you wish to report a vulnerability in Node.js. +The current Node.js security policy can be found at https://github.com/nodejs/node/security/policy#security. Please follow the process outlined in https://github.com/nodejs/node/security/policy if you wish to report a vulnerability in Node.js. Subscribe to the low-volume announcement-only nodejs-sec mailing list at https://groups.google.com/forum/#!forum/nodejs-sec to stay up to date on security vulnerabilities and security-related releases of Node.js and the projects maintained in the nodejs GitHub organization. diff --git a/pages/en/blog/vulnerability/june-2023-security-releases.md b/pages/en/blog/vulnerability/june-2023-security-releases.md index 0552a4be1679c..ff5a97892d9c0 100644 --- a/pages/en/blog/vulnerability/june-2023-security-releases.md +++ b/pages/en/blog/vulnerability/june-2023-security-releases.md @@ -213,6 +213,6 @@ Releases will be available on, or shortly after, Tuesday June 20 2023. ## Contact and future updates -The current Node.js security policy can be found at . Please follow the process outlined in if you wish to report a vulnerability in Node.js. +The current Node.js security policy can be found at . Please follow the process outlined in if you wish to report a vulnerability in Node.js. Subscribe to the low-volume announcement-only nodejs-sec mailing list at to stay up to date on security vulnerabilities and security-related releases of Node.js and the projects maintained in the nodejs GitHub organization. diff --git a/pages/en/blog/vulnerability/mar-2022-security-releases.md b/pages/en/blog/vulnerability/mar-2022-security-releases.md index 32036b4a33a5b..fb5eb19c2074f 100644 --- a/pages/en/blog/vulnerability/mar-2022-security-releases.md +++ b/pages/en/blog/vulnerability/mar-2022-security-releases.md @@ -51,8 +51,8 @@ Releases will be available on, or shortly after, Thursday, March 17th, 2022. ### Contact and future updates -The current Node.js security policy can be found at https://github.com/nodejs/node/blob/main/SECURITY.md. -Please follow the process outlined in https://github.com/nodejs/node/blob/main/SECURITY.md +The current Node.js security policy can be found at https://github.com/nodejs/node/security/policy. +Please follow the process outlined in https://github.com/nodejs/node/security/policy if you wish to report a vulnerability in Node.js. Subscribe to the low-volume announcement-only nodejs-sec mailing list at https://groups.google.com/forum/#!forum/nodejs-sec to stay up to date on security vulnerabilities and security-related releases of Node.js and the projects maintained in the nodejs GitHub organization. @@ -92,7 +92,7 @@ https://groups.google.com/forum/#!forum/nodejs-sec ### Contact and future updates The current Node.js security policy can be found at -, +, including information on how to report a vulnerability in Node.js. Subscribe to the low-volume announcement-only **nodejs-sec** mailing list at diff --git a/pages/en/blog/vulnerability/march-2018-security-releases.md b/pages/en/blog/vulnerability/march-2018-security-releases.md index f10c2e9d04c37..1a60c0895e3bb 100644 --- a/pages/en/blog/vulnerability/march-2018-security-releases.md +++ b/pages/en/blog/vulnerability/march-2018-security-releases.md @@ -141,7 +141,7 @@ Releases will be available at, or shortly after, the 27th of March, 2018 (UTC), ## Contact and future updates -The current Node.js security policy can be found at https://github.com/nodejs/node/blob/HEAD/SECURITY.md#security. +The current Node.js security policy can be found at https://github.com/nodejs/node/security/policy#security. Please contact security@nodejs.org if you wish to report a vulnerability in Node.js. diff --git a/pages/en/blog/vulnerability/november-2018-security-releases.md b/pages/en/blog/vulnerability/november-2018-security-releases.md index 831451522ca1b..48efa3d3cd380 100644 --- a/pages/en/blog/vulnerability/november-2018-security-releases.md +++ b/pages/en/blog/vulnerability/november-2018-security-releases.md @@ -194,7 +194,7 @@ Releases will be available at, or shortly after, the 27th of November, 2018 UTC, ## Contact and future updates -The current Node.js security policy can be found at https://github.com/nodejs/node/blob/HEAD/SECURITY.md#security. +The current Node.js security policy can be found at https://github.com/nodejs/node/security/policy#security. Please contact security@nodejs.org if you wish to report a vulnerability in Node.js. diff --git a/pages/en/blog/vulnerability/november-2020-security-releases.md b/pages/en/blog/vulnerability/november-2020-security-releases.md index bcfc91b030df2..ea42f14777190 100644 --- a/pages/en/blog/vulnerability/november-2020-security-releases.md +++ b/pages/en/blog/vulnerability/november-2020-security-releases.md @@ -48,6 +48,6 @@ Releases will be available at, or shortly after, Monday, November 16th, 2020 ## Contact and future updates -The current Node.js security policy can be found at https://github.com/nodejs/node/blob/HEAD/SECURITY.md#security. Please follow the process outlined in https://github.com/nodejs/node/blob/main/SECURITY.md if you wish to report a vulnerability in Node.js. +The current Node.js security policy can be found at https://github.com/nodejs/node/security/policy#security. Please follow the process outlined in https://github.com/nodejs/node/security/policy if you wish to report a vulnerability in Node.js. Subscribe to the low-volume announcement-only nodejs-sec mailing list at https://groups.google.com/forum/#!forum/nodejs-sec to stay up to date on security vulnerabilities and security-related releases of Node.js and the projects maintained in the nodejs GitHub organization. diff --git a/pages/en/blog/vulnerability/november-2022-security-releases.md b/pages/en/blog/vulnerability/november-2022-security-releases.md index e8574e4bef28a..b4a218179280e 100644 --- a/pages/en/blog/vulnerability/november-2022-security-releases.md +++ b/pages/en/blog/vulnerability/november-2022-security-releases.md @@ -106,6 +106,6 @@ Releases will be available on, or shortly after, Thursday, November 3rd, 2022. ## Contact and future updates -The current Node.js security policy can be found at https://nodejs.org/en/security/. Please follow the process outlined in https://github.com/nodejs/node/blob/main/SECURITY.md if you wish to report a vulnerability in Node.js. +The current Node.js security policy can be found at https://nodejs.org/en/security/. Please follow the process outlined in https://github.com/nodejs/node/security/policy if you wish to report a vulnerability in Node.js. Subscribe to the low-volume announcement-only nodejs-sec mailing list at https://groups.google.com/forum/#!forum/nodejs-sec to stay up to date on security vulnerabilities and security-related releases of Node.js and the projects maintained in the nodejs GitHub organization. diff --git a/pages/en/blog/vulnerability/oct-2017-dos.md b/pages/en/blog/vulnerability/oct-2017-dos.md index 462087840dd4e..75ffb65c54a25 100644 --- a/pages/en/blog/vulnerability/oct-2017-dos.md +++ b/pages/en/blog/vulnerability/oct-2017-dos.md @@ -67,7 +67,7 @@ Releases will be available at, or shortly after, the 24th of October along with ## Contact and future updates -The current Node.js security policy can be found at https://github.com/nodejs/node/blob/HEAD/SECURITY.md#security. +The current Node.js security policy can be found at https://github.com/nodejs/node/security/policy#security. Please contact security@nodejs.org if you wish to report a vulnerability in Node.js. diff --git a/pages/en/blog/vulnerability/oct-2021-security-releases.md b/pages/en/blog/vulnerability/oct-2021-security-releases.md index a6a78f6870d22..6019d31c72829 100644 --- a/pages/en/blog/vulnerability/oct-2021-security-releases.md +++ b/pages/en/blog/vulnerability/oct-2021-security-releases.md @@ -68,6 +68,6 @@ Releases will be available at, or shortly after, Tuesday, October 12th, 2021. ## Contact and future updates -The current Node.js security policy can be found at https://github.com/nodejs/node/blob/HEAD/SECURITY.md#security. Please follow the process outlined in https://github.com/nodejs/node/blob/main/SECURITY.md if you wish to report a vulnerability in Node.js. +The current Node.js security policy can be found at https://github.com/nodejs/node/security/policy#security. Please follow the process outlined in https://github.com/nodejs/node/security/policy if you wish to report a vulnerability in Node.js. Subscribe to the low-volume announcement-only nodejs-sec mailing list at https://groups.google.com/forum/#!forum/nodejs-sec to stay up to date on security vulnerabilities and security-related releases of Node.js and the projects maintained in the nodejs GitHub organization. diff --git a/pages/en/blog/vulnerability/october-2023-security-releases.md b/pages/en/blog/vulnerability/october-2023-security-releases.md index 69fc787ec7545..089ffbf6fbbb3 100644 --- a/pages/en/blog/vulnerability/october-2023-security-releases.md +++ b/pages/en/blog/vulnerability/october-2023-security-releases.md @@ -123,6 +123,6 @@ Releases will be available on, or shortly after, Friday October 13 2023. ## Contact and future updates -The current Node.js security policy can be found at . Please follow the process outlined in if you wish to report a vulnerability in Node.js. +The current Node.js security policy can be found at . Please follow the process outlined in if you wish to report a vulnerability in Node.js. Subscribe to the low-volume announcement-only nodejs-sec mailing list at to stay up to date on security vulnerabilities and security-related releases of Node.js and the projects maintained in the nodejs GitHub organization. diff --git a/pages/en/blog/vulnerability/openssl-and-low-severity-fixes-jan-2016.md b/pages/en/blog/vulnerability/openssl-and-low-severity-fixes-jan-2016.md index 1adf920ccb385..dfd5714c3e724 100644 --- a/pages/en/blog/vulnerability/openssl-and-low-severity-fixes-jan-2016.md +++ b/pages/en/blog/vulnerability/openssl-and-low-severity-fixes-jan-2016.md @@ -65,7 +65,7 @@ Please monitor the **nodejs-sec** Google Group for updates, including a decision ### Contact and future updates -The current Node.js security policy can be found at . +The current Node.js security policy can be found at . Please contact [security@nodejs.org](mailto:security@nodejs.org) if you wish to report a vulnerability in Node.js. diff --git a/pages/en/blog/vulnerability/openssl-and-zlib-vulnerability-assessment.md b/pages/en/blog/vulnerability/openssl-and-zlib-vulnerability-assessment.md index 678a3cbebd454..cc6f5438ececc 100644 --- a/pages/en/blog/vulnerability/openssl-and-zlib-vulnerability-assessment.md +++ b/pages/en/blog/vulnerability/openssl-and-zlib-vulnerability-assessment.md @@ -42,7 +42,7 @@ Ensure to watch the repository if you are interested in security patches. ### Contact and future updates -The current Node.js security policy can be found at , +The current Node.js security policy can be found at , including information on how to report a vulnerability in Node.js. Subscribe to the low-volume announcement-only **nodejs-sec** mailing list at diff --git a/pages/en/blog/vulnerability/openssl-fixes-in-regular-releases-dec2022.md b/pages/en/blog/vulnerability/openssl-fixes-in-regular-releases-dec2022.md index 212a14a57444f..51b6c6914555b 100644 --- a/pages/en/blog/vulnerability/openssl-fixes-in-regular-releases-dec2022.md +++ b/pages/en/blog/vulnerability/openssl-fixes-in-regular-releases-dec2022.md @@ -23,7 +23,7 @@ Therefore, Node.js is not affected by this vulnerability. ### Contact and future updates -The current Node.js security policy can be found at , +The current Node.js security policy can be found at , including information on how to report a vulnerability in Node.js. Subscribe to the low-volume announcement-only **nodejs-sec** mailing list at diff --git a/pages/en/blog/vulnerability/openssl-fixes-in-regular-releases-jun2022.md b/pages/en/blog/vulnerability/openssl-fixes-in-regular-releases-jun2022.md index 222502af3237a..d16caa5c89a2b 100644 --- a/pages/en/blog/vulnerability/openssl-fixes-in-regular-releases-jun2022.md +++ b/pages/en/blog/vulnerability/openssl-fixes-in-regular-releases-jun2022.md @@ -21,7 +21,7 @@ Node.js doesn't use or ship the `c_rehash` script. Therefore, Node.js is not aff ### Contact and future updates -The current Node.js security policy can be found at , +The current Node.js security policy can be found at , including information on how to report a vulnerability in Node.js. Subscribe to the low-volume announcement-only **nodejs-sec** mailing list at diff --git a/pages/en/blog/vulnerability/openssl-fixes-in-regular-releases-may2022.md b/pages/en/blog/vulnerability/openssl-fixes-in-regular-releases-may2022.md index c2e9f71ed0aed..95d22d2aaac50 100644 --- a/pages/en/blog/vulnerability/openssl-fixes-in-regular-releases-may2022.md +++ b/pages/en/blog/vulnerability/openssl-fixes-in-regular-releases-may2022.md @@ -37,7 +37,7 @@ Node.js release cycle with releases scheduled by the end of May. ### Contact and future updates -The current Node.js security policy can be found at , +The current Node.js security policy can be found at , including information on how to report a vulnerability in Node.js. Subscribe to the low-volume announcement-only **nodejs-sec** mailing list at diff --git a/pages/en/blog/vulnerability/openssl-march-2016.md b/pages/en/blog/vulnerability/openssl-march-2016.md index 0008f35a6cae3..4781fe0ebb0b3 100644 --- a/pages/en/blog/vulnerability/openssl-march-2016.md +++ b/pages/en/blog/vulnerability/openssl-march-2016.md @@ -61,7 +61,7 @@ Please monitor the **nodejs-sec** Google Group for updates, including an impact ### Contact and future updates -The current Node.js security policy can be found at . +The current Node.js security policy can be found at . Please contact [security@nodejs.org](mailto:security@nodejs.org) if you wish to report a vulnerability in Node.js. diff --git a/pages/en/blog/vulnerability/openssl-may-2016.md b/pages/en/blog/vulnerability/openssl-may-2016.md index 457e95a1abdd1..931bf8f0916a7 100644 --- a/pages/en/blog/vulnerability/openssl-may-2016.md +++ b/pages/en/blog/vulnerability/openssl-may-2016.md @@ -37,7 +37,7 @@ Please monitor the **nodejs-sec** Google Group for updates, including an impact ## Contact and future updates -The current Node.js security policy can be found at . +The current Node.js security policy can be found at . Please contact [security@nodejs.org](mailto:security@nodejs.org) if you wish to report a vulnerability in Node.js. diff --git a/pages/en/blog/vulnerability/openssl-november-2017.md b/pages/en/blog/vulnerability/openssl-november-2017.md index 9471b1af49b5d..9a6d97c04bdfc 100644 --- a/pages/en/blog/vulnerability/openssl-november-2017.md +++ b/pages/en/blog/vulnerability/openssl-november-2017.md @@ -89,7 +89,7 @@ Please monitor the **nodejs-sec** Google Group for updates, including an impact ## Contact and future updates -The current Node.js security policy can be found at . +The current Node.js security policy can be found at . Please contact security@nodejs.org if you wish to report a vulnerability in Node.js. diff --git a/pages/en/blog/vulnerability/openssl-november-2022.md b/pages/en/blog/vulnerability/openssl-november-2022.md index d7ce9744a4ff2..5fb14005cfd9b 100644 --- a/pages/en/blog/vulnerability/openssl-november-2022.md +++ b/pages/en/blog/vulnerability/openssl-november-2022.md @@ -44,7 +44,7 @@ https://groups.google.com/forum/#!forum/nodejs-sec ### Contact and future updates The current Node.js security policy can be found at -, +, including information on how to report a vulnerability in Node.js. Subscribe to the low-volume announcement-only **nodejs-sec** mailing list at diff --git a/pages/en/blog/vulnerability/september-2016-security-releases.md b/pages/en/blog/vulnerability/september-2016-security-releases.md index a21ee8898b371..3e24bc931b54a 100644 --- a/pages/en/blog/vulnerability/september-2016-security-releases.md +++ b/pages/en/blog/vulnerability/september-2016-security-releases.md @@ -245,7 +245,7 @@ Node.js is not yet dependent on OpenSSL 1.1.0, nor does it implement DTLS, so it Please monitor the nodejs-sec Google Group for updates: https://groups.google.com/forum/#!forum/nodejs-sec or the Node.js website for release announcements: https://nodejs.org/en/blog/ -The current Node.js security policy can be found at . +The current Node.js security policy can be found at . Please contact security@nodejs.org if you wish to report a vulnerability in Node.js. diff --git a/pages/en/blog/vulnerability/september-2017-path-validation.md b/pages/en/blog/vulnerability/september-2017-path-validation.md index 5d82a2c743291..5a0b52ba0bcfe 100644 --- a/pages/en/blog/vulnerability/september-2017-path-validation.md +++ b/pages/en/blog/vulnerability/september-2017-path-validation.md @@ -34,7 +34,7 @@ A CVE has been assigned as [CVE-2017-14849](http://cve.mitre.org/cgi-bin/cvename ## Contact and future updates -The current Node.js security policy can be found at https://github.com/nodejs/node/blob/HEAD/SECURITY.md#security. +The current Node.js security policy can be found at https://github.com/nodejs/node/security/policy#security. Please contact security@nodejs.org if you wish to report a vulnerability in Node.js. diff --git a/pages/en/blog/vulnerability/september-2019-openssl-no-updates.md b/pages/en/blog/vulnerability/september-2019-openssl-no-updates.md index 764204ea4a942..74fc11604b34d 100644 --- a/pages/en/blog/vulnerability/september-2019-openssl-no-updates.md +++ b/pages/en/blog/vulnerability/september-2019-openssl-no-updates.md @@ -36,7 +36,7 @@ of the OpenSSL security advisory. ### Contact and future updates -The current Node.js security policy can be found at , +The current Node.js security policy can be found at , including information on how to report a vulnerability in Node.js. Subscribe to the low-volume announcement-only **nodejs-sec** mailing list at diff --git a/pages/en/blog/vulnerability/september-2019-openssl-updates.md b/pages/en/blog/vulnerability/september-2019-openssl-updates.md index 718ad4c2e88f6..730eaa6355510 100644 --- a/pages/en/blog/vulnerability/september-2019-openssl-updates.md +++ b/pages/en/blog/vulnerability/september-2019-openssl-updates.md @@ -43,7 +43,7 @@ https://groups.google.com/forum/#!forum/nodejs-sec ### Contact and future updates -The current Node.js security policy can be found at , +The current Node.js security policy can be found at , including information on how to report a vulnerability in Node.js. Subscribe to the low-volume announcement-only **nodejs-sec** mailing list at diff --git a/pages/en/blog/vulnerability/september-2020-security-releases.md b/pages/en/blog/vulnerability/september-2020-security-releases.md index 1435d5976b278..939d5cf8700f0 100644 --- a/pages/en/blog/vulnerability/september-2020-security-releases.md +++ b/pages/en/blog/vulnerability/september-2020-security-releases.md @@ -75,6 +75,6 @@ Releases will be available at, or shortly after, Tuesday, September 15th, 2020. ## Contact and future updates -The current Node.js security policy can be found at https://github.com/nodejs/node/blob/HEAD/SECURITY.md#security. Please follow the process outlined in https://github.com/nodejs/node/blob/main/SECURITY.md if you wish to report a vulnerability in Node.js. +The current Node.js security policy can be found at https://github.com/nodejs/node/security/policy#security. Please follow the process outlined in https://github.com/nodejs/node/security/policy if you wish to report a vulnerability in Node.js. Subscribe to the low-volume announcement-only nodejs-sec mailing list at https://groups.google.com/forum/#!forum/nodejs-sec to stay up to date on security vulnerabilities and security-related releases of Node.js and the projects maintained in the nodejs GitHub organization. diff --git a/pages/en/blog/vulnerability/september-2022-security-releases.md b/pages/en/blog/vulnerability/september-2022-security-releases.md index 136430cce517e..c35e61977ead3 100644 --- a/pages/en/blog/vulnerability/september-2022-security-releases.md +++ b/pages/en/blog/vulnerability/september-2022-security-releases.md @@ -134,6 +134,6 @@ Releases will be available on, or shortly after, Thursday, September 22nd, 2022. ## Contact and future updates -The current Node.js security policy can be found at https://nodejs.org/en/security/. Please follow the process outlined in https://github.com/nodejs/node/blob/main/SECURITY.md if you wish to report a vulnerability in Node.js. +The current Node.js security policy can be found at https://nodejs.org/en/security/. Please follow the process outlined in https://github.com/nodejs/node/security/policy if you wish to report a vulnerability in Node.js. Subscribe to the low-volume announcement-only nodejs-sec mailing list at https://groups.google.com/forum/#!forum/nodejs-sec to stay up to date on security vulnerabilities and security-related releases of Node.js and the projects maintained in the nodejs GitHub organization. diff --git a/pages/en/docs/guides/security/index.md b/pages/en/docs/guides/security/index.md index ff56a7d46e944..cd2f1ad08c305 100644 --- a/pages/en/docs/guides/security/index.md +++ b/pages/en/docs/guides/security/index.md @@ -419,7 +419,7 @@ The [OpenSSF][] is leading several initiatives that can be very useful, especial - [OpenSSF Scorecard][] Scorecard evaluates open source projects using a series of automated security risk checks. You can use it to proactively assess vulnerabilities and dependencies in your code base and make informed decisions about accepting vulnerabilities. - [OpenSSF Best Practices Badge Program][] Projects can voluntarily self-certify by describing how they comply with each best practice. This will generate a badge that can be added to the project. -[threat model]: https://github.com/nodejs/node/blob/main/SECURITY.md#the-nodejs-threat-model +[threat model]: https://github.com/nodejs/node/security/policy#the-nodejs-threat-model [security guidance issue]: https://github.com/nodejs/security-wg/issues/488 [nodejs guideline]: https://github.com/goldbergyoni/nodebestpractices [OSSF Best Practices]: https://github.com/ossf/wg-best-practices-os-developers diff --git a/pages/id/docs/guides/security/index.md b/pages/id/docs/guides/security/index.md index 8de12a0748966..e54c456030933 100644 --- a/pages/id/docs/guides/security/index.md +++ b/pages/id/docs/guides/security/index.md @@ -289,7 +289,7 @@ Penggunaan fitur eksperimental dalam produksi tidak disarankan. Fitur eksperimen - [OpenSSF Scorecard][] Scorecard mengevaluasi project open source menggunakan serangkaian pemeriksaan risiko keamanan otomatis. Anda dapat menggunakannya untuk secara proaktif menilai kerentanan dan ketergantungan dalam basis kode Anda dan membuat keputusan yang matang tentang menerima kerentanan. - [Program Badge Praktik Terbaik OpenSSF][] Project dapat secara sukarela melakukan sertifikasi mandiri dengan menjelaskan cara mereka mematuhi setiap praktik terbaik. Ini akan menghasilkan lencana yang dapat ditambahkan ke proyek. -[model ancaman]: https://github.com/nodejs/node/blob/main/SECURITY.md#the-nodejs-threat-model +[model ancaman]: https://github.com/nodejs/node/security/policy#the-nodejs-threat-model [security guidance issue]: https://github.com/nodejs/security-wg/issues/488 [nodejs guideline]: https://github.com/goldbergyoni/nodebestpractices [Praktik Terbaik OSSF]: https://github.com/ossf/wg-best-practices-os-developers diff --git a/pages/zh-cn/docs/guides/security/index.md b/pages/zh-cn/docs/guides/security/index.md index 401ce2a97bb81..972022fd1acc0 100644 --- a/pages/zh-cn/docs/guides/security/index.md +++ b/pages/zh-cn/docs/guides/security/index.md @@ -289,7 +289,7 @@ SyntaxError [ERR_SRI_PARSE]: Subresource Integrity string "sha256-iuGZ6SFVFpMuHU - [OpenSSF 计分卡][] 计分卡使用一系列自动安全风险检查来评估开源项目。 你可以使用它来主动评估你的代码基础中的脆弱性和依赖性,并就接受脆弱性做出明智的决定。 - [OpenSSF 最佳做法徽章方案][] 项目可以通过描述它们如何遵守每个最佳做法而自愿自我认证。 这将生成一个可以添加到项目的徽章。 -[威胁示例]: https://github.com/nodejs/node/blob/main/SECURITY.md#the-nodejs-threat-model +[威胁示例]: https://github.com/nodejs/node/security/policy#the-nodejs-threat-model [安全指南讨论议题]: https://github.com/nodejs/security-wg/issues/488 [nodejs 使用指南]: https://github.com/goldbergyoni/nodebestpractices [OSSF 最佳实践做法]: https://github.com/ossf/wg-best-practices-os-developers diff --git a/public/security.txt b/public/security.txt index 503e1b404b2eb..1163a25b230c0 100644 --- a/public/security.txt +++ b/public/security.txt @@ -1,2 +1,2 @@ Contact: https://hackerone.com/nodejs -Policy: https://github.com/nodejs/node/blob/HEAD/SECURITY.md#security +Policy: https://github.com/nodejs/node/security/policy#security diff --git a/redirects.json b/redirects.json index 5e495b63c5136..df26f5cfba3cd 100644 --- a/redirects.json +++ b/redirects.json @@ -22,7 +22,7 @@ }, { "source": "/:locale/security", - "destination": "https://github.com/nodejs/node/blob/HEAD/SECURITY.md#security" + "destination": "https://github.com/nodejs/node/security/policy#security" }, { "source": "/:locale/contribute/accepting_contributions.html", @@ -34,7 +34,7 @@ }, { "source": "/:locale/about/security", - "destination": "https://github.com/nodejs/node/blob/HEAD/SECURITY.md#security" + "destination": "https://github.com/nodejs/node/security/policy#security" }, { "source": "/:locale/advisory-board",