From f8c7064d450cc068144c4dad1d63535cba25ae6d Mon Sep 17 00:00:00 2001 From: jdalton Date: Tue, 23 Jul 2019 13:57:47 -0700 Subject: [PATCH] Cleanup security.md document. --- SECURITY.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/SECURITY.md b/SECURITY.md index a161fef0b..ab901dc97 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -25,10 +25,10 @@ We consider the security of our systems a top priority. But no matter how much e If you discover a security vulnerability, please use one of the following means of communications to report it to us: -- Report the security issue to the Node.js Security WG through the [HackerOne program](https://hackerone.com/nodejs-ecosystem) for ecosystem modules on npm, or to [Snyk Security Team](https://snyk.io/vulnerability-disclosure). They will help triage the security issue and work with all involved parties to remediate and release a fix. +- Report the security issue to the Node.js Security Working Group through the [HackerOne program](https://hackerone.com/nodejs-ecosystem) for ecosystem modules on npm, or to [Snyk Security Team](https://snyk.io/vulnerability-disclosure). They will help triage the security issue and work with all involved parties to remediate and release a fix. Note that time-frame and processes are subject to each program’s own policy. -- Report the security issue to the project maintainers directly. +- Report the security issue to the project maintainers directly at [security@lodash.com](mailto:security@lodash.com). Your efforts to responsibly disclose your findings are sincerely appreciated and will be taken into account to acknowledge your contributions.