This issue is for tracking the initiative to adopt OpenJS CNA for CVE Operations. **Blockers:** - [ ] We are waiting until `Phase 1: Build the API` https://github.com/openjs-foundation/security-wg/issues/337 is completed to porperly test the workflow with NCU **Backlog:** - [ ] Update Node.js Security process documentation (https://github.com/nodejs/node/pull/63894) - [ ] Add support to the OpenJS CNA to NCU (https://github.com/nodejs/node-core-utils/pull/1093) - [ ] Check how the H1 integration will work (confirm workflow and data details) - [ ] Check if @UlisesGascon can get an API Token in H1 to validate the implementation **References:** - [ ] https://github.com/openjs-foundation/security-wg/issues/337
This issue is for tracking the initiative to adopt OpenJS CNA for CVE Operations.
Blockers:
Phase 1: Build the APIOpenJS CNA API to support project operations openjs-foundation/security-wg#337 is completed to porperly test the workflow with NCUBacklog:
References: