Security Team

Table of Contents

• Node.js Bug Bounty Program
• Current Initiatives
• Current Project Team Members
• Emeritus Members
• Code of Conduct
• Moderation Policy

This team is not responsible for managing or responding to security reports against Node.js itself. That responsibility remains with the Node.js TSC.

Node.js Bug Bounty Program

The program is managed through the HackerOne platform at https://hackerone.com/nodejs with further details.

Current Initiatives

Initiative	Champion	Status	Links
Automate Security release process	@marco-ippolito / @RafaelGSS	In Progress	Issue #860
Node.js maintainers: Threat Model	Group effort	In Progress	Issue #1333
Audit build process for dependencies	@mhdawson	TODO	Issue #1037

Current Project Team Members

• fraxken - Thomas Gentilhomme
• marco-ippolito - Marco Ippolito
• mdawson - Michael Dawson
• RafaelGSS - Rafael Gonzaga
• ulisesGascon - Ulises Gascon

Emeritus Members

• ChALkeR - Сковорода Никита Андреевич
• DanielRuf - Daniel Ruf
• MarcinHoppe - Marcin Hoppe
• SomeoneWeird - Adam Brady
• aeleuterio André Eleuterio
• ashishkurmi - Ashish Kurmi
• bengl - Bryan English
• brycebaril - Bryce Baril
• cjihrig - Colin Ihrig
• deian - Deian Stefan
• dgonzalez - David Gonzalez
• digitalinfinity - Hitesh Kanwathirtha
• dougwilson - Doug Wilson
• drifkin - Devon Rifkin
• elexy - Alex Knol
• esarafianou - Eva Sarafianou
• evilpacket - Adam Baldwin
• gergelyke - Gergely Nemeth
• gibfahn - Gibson Fahnestock
• grnd - Danny Grander
• jasnell - James M Snell
• jbergstroem - Johan Bergström
• joshgav - Josh Gavant
• karenyavine Karen Yavine Shemesh
• lirantal - Liran Tal
• mcollina - Matteo Collina
• mgalexander - Michael Alexander
• ofrobots - Ali Ijaz Sheikh
• pxlpnk - Andreas Tiefenthaler
• roccomuso - Rocco Musolino
• ronperris - Ron Perris
• sam-github - Sam Roberts
• shigeki - Shigeki Ohtsu
• vdeturckheim - Vladimir de Turckheim

Code of Conduct

The Node.js Code of Conduct applies to this team.

Moderation Policy

The Node.js Moderation Policy applies to this team.