-
Notifications
You must be signed in to change notification settings - Fork 121
Issues: nodejs/security-wg
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Author
Label
Projects
Milestones
Assignee
Sort
Issues list
Have a SBOM for Node.js?
never-stale
#1115
opened Sep 20, 2023 by
marco-ippolito
updated Apr 19, 2024
Requirement (Silver level): Hardening mechanisms
CII-best-practices
never-stale
#1186
opened Jan 4, 2024 by
UlisesGascon
updated Apr 20, 2024
1 task
Collaborators Inactivity Policy Review
#1282
opened Apr 17, 2024 by
marco-ippolito
updated Apr 25, 2024
Assessment against best practices (OpenSSF Scorecards ...)
#859
opened Jan 6, 2023 by
fraxken
updated Apr 25, 2024
Handling
*
paths in --allow-fs-* flags
discussion
never-stale
#1116
opened Sep 22, 2023 by
RafaelGSS
updated May 1, 2024
Audit build process for dependencies
never-stale
security-wg-agenda
#1037
opened Jun 22, 2023 by
mhdawson
updated May 2, 2024
4 of 24 tasks
Permission Model adoption from Package Managers
#1300
opened May 1, 2024 by
RafaelGSS
updated May 2, 2024
Initiative for CII-Best-Practices for Nodejs Projects
CII-best-practices
#953
opened Apr 16, 2023 by
UlisesGascon
updated May 7, 2024
3 of 7 tasks
Proposed approach for build steps in deps which are not in make node
#1236
opened Feb 22, 2024 by
mhdawson
updated May 23, 2024
Security initiative in December 2023: fuzzing Nodejs: https://github.com/google/oss-fuzz/tree/master/projects/nodejs
#1159
opened Nov 23, 2023 by
Amir-Montazery
updated May 23, 2024
Automate security release process
security-wg-agenda
#860
opened Jan 6, 2023 by
RafaelGSS
updated Jun 7, 2024
[Bug]:use pm2 and --experimental-permission, throw Error: Access to this API has been restricted
#1330
opened Jun 14, 2024 by
skypesky
updated Jun 15, 2024
Ping TSC on deps update not from GithubBot
good first issue
#1329
opened Jun 13, 2024 by
marco-ippolito
updated Jun 20, 2024
Node.js maintainers: Threat Model
never-stale
security-wg-agenda
#1333
opened Jun 20, 2024 by
RafaelGSS
updated Jun 20, 2024
Requirement (Gold level): The project MUST have FLOSS automated test suite(s) that provide at least 80% branch and 90% statement coverage
CII-best-practices
#1188
opened Jan 4, 2024 by
UlisesGascon
updated Jul 4, 2024
3 tasks
OpenSSF Scorecard Report Updated!
#1340
opened Jul 4, 2024 by
github-actions
bot
updated Jul 4, 2024
Requirement (Gold level): Secured delivery against man-in-the-middle (MITM) attacks
CII-best-practices
#1190
opened Jan 4, 2024 by
UlisesGascon
updated Jul 6, 2024
Requirement (Gold level): The project MUST include a license and copyright statement in each source file
CII-best-practices
#1187
opened Jan 4, 2024 by
UlisesGascon
updated Jul 6, 2024
1 task
Requirement (Gold level): Use basic good cryptographic practices
#1189
opened Jan 4, 2024 by
UlisesGascon
updated Jul 8, 2024
ProTip!
no:milestone will show everything without a milestone.