doc: include CVE to EOL lines as sec release process

Refs: nodejs/security-wg#1401 PR-URL: nodejs#56520 Reviewed-By: Richard Lau <[email protected]> Reviewed-By: Luigi Pinca <[email protected]> Reviewed-By: Marco Ippolito <[email protected]> Reviewed-By: Trivikram Kamat <[email protected]> Reviewed-By: Ulises Gascón <[email protected]>
zys-contrib · Jan 10, 2025 · 649da3b · 649da3b
1 parent 25b22e4
commit 649da3b
Showing 1 changed file with 2 additions and 0 deletions.
diff --git a/doc/contributing/security-release-process.md b/doc/contributing/security-release-process.md
@@ -65,6 +65,8 @@ The current security stewards are documented in the main Node.js
 * [ ] 4\. **Requesting CVEs:**
   * Request CVEs for the reports with `git node security --request-cve`.
   * Make sure to have a green CI before requesting a CVE.
+  * Check if there is a need to issue a CVE for any version that became
+    EOL after the last security release through [this issue](https://github.com/nodejs/security-wg/issues/1419).
 
 * [ ] 5\. **Choosing or Updating Release Date:**
   * Get agreement on the planned date for the release.