Skip to content

Commit

Permalink
doc: no longer maintain a CNA structure
Browse files Browse the repository at this point in the history
Node.js hasn't touched the cve-management repo since the Feb 2019
security release, we've used the HackerOne CVE allocation process.

Maintaining our status as a CNA is not zero cost, there is some routine
adminstration that is requested (see this doc for details).

As we no longer use the CVE management process, I propose removing it.
If this lands, I will go through the interactions with Mitre so that
Node.js is no longer a CNA and cleanup related resources (email aliases,
archive the cve-management repo, whatever else I find).

PR-URL: #33639
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Vladimir de Turckheim <vlad2t@hotmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Beth Griggs <Bethany.Griggs@uk.ibm.com>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Reviewed-By: Сковорода Никита Андреевич <chalkerx@gmail.com>
  • Loading branch information
sam-github authored and MylesBorins committed Jul 14, 2020
1 parent f1f8d19 commit 12e4d59
Showing 1 changed file with 0 additions and 141 deletions.
141 changes: 0 additions & 141 deletions doc/guides/cve-management-process.md

This file was deleted.

0 comments on commit 12e4d59

Please sign in to comment.