Skip to content

Conversation

@UlisesGascon
Copy link
Member

@bjohansebas
Copy link
Member

Then we should make references to treat mode in the global policy. I really thought that was the only reason it hadn't been done, because treat mode was only being referenced here

Copy link

@Hardanish-Singh Hardanish-Singh left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

Copy link
Member

@bjohansebas bjohansebas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

UlisesGascon added a commit to expressjs/.github that referenced this pull request Sep 8, 2025
Added a section on the Express Threat Model to the security policy.

Related: expressjs/express#6570 (review)
@UlisesGascon
Copy link
Member Author

The PR expressjs/.github#36 should unblock this PR (cc @bjohansebas )

Copy link
Member

@bjohansebas bjohansebas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, minor concern: make sure there are no links redirecting to this file, and also please don’t merge until expressjs/.github#36 has been merged

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

4 participants