Skip to content

docs: use global Security policy #6570

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

docs: use global Security policy #6570

wants to merge 1 commit into from
+0 −56

Conversation

UlisesGascon
Copy link
Member

@UlisesGascon UlisesGascon self-assigned this Jun 13, 2025
@UlisesGascon UlisesGascon mentioned this pull request Jun 13, 2025
Open
@bjohansebas
Copy link
Member

Then we should make references to treat mode in the global policy. I really thought that was the only reason it hadn't been done, because treat mode was only being referenced here

Hardanish-Singh
Hardanish-Singh reviewed Jun 16, 2025
View reviewed changes
Copy link

@Hardanish-Singh Hardanish-Singh left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

bjohansebas
bjohansebas requested changes Jun 21, 2025
View reviewed changes
Copy link
Member

@bjohansebas bjohansebas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

#6570 (comment)

@bjohansebas bjohansebas mentioned this pull request Jul 15, 2025
Merged
UlisesGascon added a commit to expressjs/.github that referenced this pull request Sep 8, 2025
@UlisesGascon
docs: mention the Express Threat Model
dd5e23f 
Added a section on the Express Threat Model to the security policy.

Related: expressjs/express#6570 (review)
@UlisesGascon UlisesGascon mentioned this pull request Sep 8, 2025
Open
@UlisesGascon
Copy link
Member Author

The PR expressjs/.github#36 should unblock this PR (cc @bjohansebas )

bjohansebas
bjohansebas approved these changes Sep 9, 2025
View reviewed changes
Copy link
Member

@bjohansebas bjohansebas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, minor concern: make sure there are no links redirecting to this file, and also please don’t merge until expressjs/.github#36 has been merged

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Phillip9587 Phillip9587 Phillip9587 approved these changes

@bjohansebas bjohansebas bjohansebas approved these changes

+1 more reviewer

@Hardanish-Singh Hardanish-Singh Hardanish-Singh left review comments

Reviewers whose approvals may not affect merge requirements
Assignees

@UlisesGascon UlisesGascon

Labels
4.x fast track
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@UlisesGascon @bjohansebas @Phillip9587 @Hardanish-Singh