From ad2e9134a9f7fbc12f721622ffc5cd769f426962 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=8D=C3=B1igo=20Marqu=C3=ADnez=20Prado?= <25435858+inigomarquinez@users.noreply.github.com> Date: Tue, 9 Apr 2024 08:35:54 +0200 Subject: [PATCH 1/3] chore: move docs from tools folder to its own folder under root --- {tools/docs => docs}/ThreatModel.md | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename {tools/docs => docs}/ThreatModel.md (100%) diff --git a/tools/docs/ThreatModel.md b/docs/ThreatModel.md similarity index 100% rename from tools/docs/ThreatModel.md rename to docs/ThreatModel.md From 68a0a172ed9fe8c9ddc18eaad914fe2acf8a46cf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=8D=C3=B1igo=20Marqu=C3=ADnez=20Prado?= <25435858+inigomarquinez@users.noreply.github.com> Date: Tue, 9 Apr 2024 08:37:00 +0200 Subject: [PATCH 2/3] chore: move packages-in-scipe.md under docs folder --- {tools/scope => docs}/packages-in-scope.md | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename {tools/scope => docs}/packages-in-scope.md (100%) diff --git a/tools/scope/packages-in-scope.md b/docs/packages-in-scope.md similarity index 100% rename from tools/scope/packages-in-scope.md rename to docs/packages-in-scope.md From 22d72e159250ccaed217ff67ff0d5b88f4aa0e57 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=8D=C3=B1igo=20Marqu=C3=ADnez=20Prado?= <25435858+inigomarquinez@users.noreply.github.com> Date: Wed, 10 Apr 2024 08:57:16 +0200 Subject: [PATCH 3/3] docs: update reference to packages-in-scope.md in the readme file --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 3308195..5aa395d 100644 --- a/README.md +++ b/README.md @@ -7,7 +7,7 @@ The Security Working Group manages all aspects and processes linked to the Expre ### Responsibilities - Define the Security triage role -- Define and maintain security policies and procedures for the project and the packages in scope (see [this table for scope details](https://github.com/expressjs/security-wg/blob/main/tools/scope/packages-in-scope.md)) +- Define and maintain security policies and procedures for the project and the packages in scope (see [this table for scope details](https://github.com/expressjs/security-wg/blob/main/docs/packages-in-scope.md)) - Provide guidance to the ecosystem on how to build more secure middleware - Review and recommend processes for handling of security reports. - Promote improvement of security practices within the Express project's ecosystem (For example: [OSSF Scorecard](https://github.com/expressjs/discussions/issues/162), threat model, etc..)