Skip to content

Document process to follow when security vulnerability are announced and 1 or more of our repos are affected. #45

Closed
@schalkneethling

Description

@schalkneethling

Recently there was a security vulnerability found in a NPM package that interactive examples and BoB indirectly depended on. The required quick action, including notifying users, contributors and forks of these projects.

We need to document the process that followed as it seemed to have been very effective. This will take away some of the guesswork should this scenario happen again in future.

Acceptance Criteria

  • A document describing this process exists in mdn/mdn and has been reviewed by 1 knowledgeable stakeholder.

Metadata

Metadata

Labels

No labels
No labels

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions