Skip to content

Commit

Permalink
doc: add nodejs-sec email template
Browse files Browse the repository at this point in the history
This commit adds a suggestion for a template to be used as part of the
security release process. One step of this process is to create an email
to nodejs-sec group and currently would contain a copy and pasted
version of what is published on nodejs.org. This suggestion is to
instead use a link to the blog post.

Refs: nodejs#38143
  • Loading branch information
danbev committed Apr 19, 2021
1 parent bfee9da commit 85dd634
Showing 1 changed file with 12 additions and 0 deletions.
12 changes: 12 additions & 0 deletions doc/guides/security-release-process.md
Original file line number Diff line number Diff line change
Expand Up @@ -38,6 +38,12 @@ information described.
* Described in the pre/post announcements

* [ ] Pre-release announcement [email][]: ***LINK TO EMAIL***
```
Security updates for all active release lines, Month Year
The Node.js project will release new versions of all supported release lines on or shortly after Day of week, Month Day of Month, Year
For more information see: https://nodejs.org/en/blog/vulnerability/month-year-security-releases/
```
(Get access from existing manager: Ben Noordhuis, Rod Vagg, Michael Dawson)

* [ ] Pre-release announcement to nodejs.org blog: ***LINK TO BLOG***
Expand All @@ -64,6 +70,12 @@ information described.
* [ ] [Unlock CI](https://github.com/nodejs/build/blob/HEAD/doc/jenkins-guide.md#after-the-release)

* [ ] Post-release announcement in reply [email][]: ***LINK TO EMAIL***
```
Security updates for all active release lines, Month Year
The Node.js project has now released new versions of all supported release lines.
For more information see: https://nodejs.org/en/blog/vulnerability/month-year-security-releases/
```

* [ ] Post-release announcement to Nodejs.org blog: ***LINK TO BLOG POST***
* (Re-PR the pre-approved branch from nodejs-private/nodejs.org-private to
Expand Down

0 comments on commit 85dd634

Please sign in to comment.