From ff8e1b860e3403ede134f7d957433d588e44abab Mon Sep 17 00:00:00 2001 From: Michael Dawson Date: Thu, 12 Oct 2023 16:44:55 +0000 Subject: [PATCH] doc: update security release process - update security release process to reflect current way to ask for tweet to amplify security release blog posts. Signed-off-by: Michael Dawson PR-URL: https://github.com/nodejs/node/pull/50166 Reviewed-By: Richard Lau Reviewed-By: Luigi Pinca Reviewed-By: Rafael Gonzaga --- doc/contributing/security-release-process.md | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/doc/contributing/security-release-process.md b/doc/contributing/security-release-process.md index fd33f3ccbb5afd..a3a4224de95fea 100644 --- a/doc/contributing/security-release-process.md +++ b/doc/contributing/security-release-process.md @@ -120,7 +120,8 @@ The google groups UI does not support adding a CC, until we figure out a better way, forward the email you receive to `oss-security@lists.openwall.com` as a CC. -* [ ] Send a message to `#nodejs-social` in OpenJS Foundation slack +* [ ] Post in the [nodejs-social channel][] + in the OpenJS slack asking for amplication of the blog post. ```text Security release pre-alert: @@ -179,7 +180,8 @@ out a better way, forward the email you receive to For more information see: https://nodejs.org/en/blog/vulnerability/month-year-security-releases/ ``` -* [ ] Create a new issue in [nodejs/tweet][] +* [ ] Post in the [nodejs-social channel][] + in the OpenJS slack asking for amplication of the blog post. ```text Security release: @@ -238,5 +240,5 @@ The steps to correct CVE information are: [H1 CVE requests]: https://hackerone.com/nodejs/cve_requests [docker-node]: https://github.com/nodejs/docker-node/issues [email]: https://groups.google.com/forum/#!forum/nodejs-sec +[nodejs-social channel]: https://openjs-foundation.slack.com/archives/C0142A39BNE [nodejs/build]: https://github.com/nodejs/build/issues -[nodejs/tweet]: https://github.com/nodejs/tweet/issues