ld/nvm
1
0
Fork 0
mirror of https://github.com/nvm-sh/nvm.git synced 2025-06-26 11:08:43 +00:00
Code Issues Packages Projects Releases Wiki Activity
7838bcda2e
nvm/.github/SECURITY.md
Jordan Harband 1aab8b2d5a
[meta] update security policy; add IRP
2025-06-23 16:11:48 -07:00

1.1 KiB
Raw Blame History

Security

Please file a private vulnerability report via GitHub, email @ljharb, or see https://tidelift.com/security if you have a potential security vulnerability to report.

OpenSSF CII Best Practices

CII Best Practices

There are three “tiers”: passing, silver, and gold.

Passing

We meet 100% of the “passing” criteria.

Silver

We meet 100% of the “silver” criteria.

Gold

We meet 78% of the “gold” criteria. The gaps are as follows:

  • because we only have one maintainer, the project has no way to continue if that maintainer stops being active.
  • We do not include a copyright or license statement in each source file. Efforts are underway to change this archaic practice into a suggestion instead of a hard requirement.

Threat Model

See THREAT_MODEL.md.

Incident Response Plan

Please see our Incident Response Plan.