Skip to content

docs: use global Security policy #6570

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
UlisesGascon wants to merge 1 commit into
base: master
Choose a base branch
from
Open

docs: use global Security policy #6570

UlisesGascon wants to merge 1 commit into from

Conversation

@UlisesGascon
Copy link
Member

@UlisesGascon UlisesGascon commented Jun 13, 2025

@UlisesGascon UlisesGascon self-assigned this Jun 13, 2025
@UlisesGascon UlisesGascon mentioned this pull request Jun 13, 2025
Open
@bjohansebas
Copy link
Member

bjohansebas commented Jun 14, 2025

Then we should make references to treat mode in the global policy. I really thought that was the only reason it hadn't been done, because treat mode was only being referenced here
Hardanish-Singh
Hardanish-Singh reviewed Jun 16, 2025
View reviewed changes
Copy link

@Hardanish-Singh Hardanish-Singh left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!
bjohansebas
bjohansebas requested changes Jun 21, 2025
View reviewed changes
Copy link
Member

@bjohansebas bjohansebas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

#6570 (comment)
@bjohansebas bjohansebas mentioned this pull request Jul 15, 2025
Merged
UlisesGascon added a commit to expressjs/.github that referenced this pull request Sep 8, 2025
@UlisesGascon
docs: mention the Express Threat Model
dd5e23f 
Added a section on the Express Threat Model to the security policy. Related: expressjs/express#6570 (review)
@UlisesGascon UlisesGascon mentioned this pull request Sep 8, 2025
Open
@UlisesGascon
Copy link
Member Author

UlisesGascon commented Sep 8, 2025

The PR expressjs/.github#36 should unblock this PR (cc @bjohansebas )
bjohansebas
bjohansebas approved these changes Sep 9, 2025
View reviewed changes
Copy link
Member

@bjohansebas bjohansebas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, minor concern: make sure there are no links redirecting to this file, and also please don’t merge until expressjs/.github#36 has been merged
@AradhyShrestha

This comment has been minimized.

Sign in to view
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

4.x fast track

5 participants

@UlisesGascon @bjohansebas @AradhyShrestha @Phillip9587 @Hardanish-Singh