doc: ping nodejs/tsc for each security pull request

Refs: nodejs/TSC#1687 PR-URL: #57309 Reviewed-By: James M Snell <[email protected]> Reviewed-By: Luigi Pinca <[email protected]> Reviewed-By: Michael Dawson <[email protected]> Reviewed-By: Marco Ippolito <[email protected]>
nodejs · Mar 6, 2025 · ded4eca · ded4eca
1 parent 395439b
commit ded4eca
Showing 1 changed file with 3 additions and 0 deletions.
diff --git a/doc/contributing/security-release-process.md b/doc/contributing/security-release-process.md
@@ -56,6 +56,9 @@ The current security stewards are documented in the main Node.js
     * Use the "summary" feature in HackerOne. Example [2038134](https://hackerone.com/reports/2038134)
     * `git node security --add-report=report_id`
     * `git node security --remove-report=report_id`
+  * Ensure to ping the Node.js TSC team for review of the PRs prior to the release date.
+    * Adding individuals with expertise in the report topic is also a viable option if
+      communicated properly with nodejs/security and TSC.
 
 * [ ] 3\. **Assigning Severity and Writing Team Summary:**
   * [ ] Assign a severity and write a team summary on HackerOne for the reports