Security Team

Table of Contents

Node.js Bug Bounty Program
Current Initiatives
Current Project Team Members
Emeritus Members
Code of Conduct
Moderation Policy

This team is not responsible for managing or responding to security reports against Node.js itself. That responsibility remains with the Node.js TSC.

Node.js Bug Bounty Program

The program is managed through the HackerOne platform at https://hackerone.com/nodejs with further details.

Current Initiatives

Initiative	Champion	Status	Links
Automate Security release process	@marco-ippolito / @RafaelGSS	In Progress	Issue #860
Node.js maintainers: Threat Model	Group effort	In Progress	Issue #1333
Audit build process for dependencies	@mhdawson	TODO	Issue #1037

Current Project Team Members

fraxken - Thomas Gentilhomme
marco-ippolito - Marco Ippolito
mdawson - Michael Dawson
RafaelGSS - Rafael Gonzaga
ulisesGascon - Ulises Gascon

Emeritus Members

ChALkeR - Сковорода Никита Андреевич
DanielRuf - Daniel Ruf
MarcinHoppe - Marcin Hoppe
SomeoneWeird - Adam Brady
aeleuterio André Eleuterio
ashishkurmi - Ashish Kurmi
bengl - Bryan English
brycebaril - Bryce Baril
cjihrig - Colin Ihrig
deian - Deian Stefan
dgonzalez - David Gonzalez
digitalinfinity - Hitesh Kanwathirtha
dougwilson - Doug Wilson
drifkin - Devon Rifkin
elexy - Alex Knol
esarafianou - Eva Sarafianou
evilpacket - Adam Baldwin
gergelyke - Gergely Nemeth
gibfahn - Gibson Fahnestock
grnd - Danny Grander
jasnell - James M Snell
jbergstroem - Johan Bergström
joshgav - Josh Gavant
karenyavine Karen Yavine Shemesh
lirantal - Liran Tal
mcollina - Matteo Collina
mgalexander - Michael Alexander
ofrobots - Ali Ijaz Sheikh
pxlpnk - Andreas Tiefenthaler
roccomuso - Rocco Musolino
ronperris - Ron Perris
sam-github - Sam Roberts
shigeki - Shigeki Ohtsu
vdeturckheim - Vladimir de Turckheim

Code of Conduct

The Node.js Code of Conduct applies to this team.

Moderation Policy

The Node.js Moderation Policy applies to this team.