Andrew Hart
Results
3
issues of
Andrew Hart
It is easy to accidentally allow another user to influence what code node loads and executes. Details can be found at HackerOne reports 1564437 (CommonJS module loading), 1564444 (ECMAScript module...
esm
needs-ci
What is the preferred process for reporting a security vulnerability in pm2? I emailed the same question to [email protected] a week ago and haven't seen a reply.
The README.md links to ./processes/security_team_membership_policy.md, but that link is dead. processes/wg_offboarding.md points to https://github.com/nodejs/security-wg/blob/master/processes/third_party_vuln_process.md, but that link is dead.