OSSForks/node
1
0
Fork 0
mirror of https://github.com/zebrajr/node.git synced 2026-01-15 12:15:26 +00:00
Code Issues Actions 8 Packages Projects Releases Wiki Activity
45,742 Commits 30 Branches 683 Tags
master
Commit Graph

40 Commits

Author SHA1 Message Date
Rafael Gonzaga
4031355dd6 doc: clarify threat model for application-level API exposure 
Add examples of non-vulnerabilities when applications expose Node.js
APIs to untrusted users without proper security boundaries.

PR-URL: https://github.com/nodejs/node/pull/61184
Reviewed-By: Aviv Keller <me@aviv.sh>
Reviewed-By: Chengzhong Wu <legendecas@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Gireesh Punathil <gpunathi@in.ibm.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
 2025-12-30 00:07:14 +00:00
Matteo Collina
0a5418088f doc: exclude compile-time flag features from security policy 
Add a new section to the security model clarifying that experimental
features behind compile-time flags are not covered by the vulnerability
reporting policy. These features are intended for development only and
are not enabled in official releases.

PR-URL: https://github.com/nodejs/node/pull/61109
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Ulises Gascón <ulisesgascongonzalez@gmail.com>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
 2025-12-20 10:21:03 +00:00
Ulises Gascón
15c276d59c doc: add security escalation policy 
PR-URL: https://github.com/nodejs/node/pull/59806
Refs: https://github.com/openjs-foundation/cross-project-council/pull/1588
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Richard Lau <richard.lau@ibm.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
 2025-09-15 06:54:35 +00:00
Matteo Collina
323f19c18f doc: clarify experimental platform vulnerability policy 
Adds a new section to the threat model specifying that security
vulnerabilities affecting only experimental platforms will not be
accepted as valid security issues and will be treated as normal bugs.

This clarifies that experimental OS/hardware combinations do not
qualify for CVEs or bug bounty rewards, aligning with their limited
testing and support infrastructure.

Signed-off-by: Matteo Collina <hello@matteocollina.com>
PR-URL: https://github.com/nodejs/node/pull/59591
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Jordan Harband <ljharb@gmail.com>
 2025-08-25 10:35:13 +00:00
Rafael Gonzaga
a43f984761 doc: add security incident reponse plan 
PR-URL: https://github.com/nodejs/node/pull/59470
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Ulises Gascón <ulisesgascongonzalez@gmail.com>
 2025-08-20 17:57:45 +00:00
Rafael Gonzaga
e6652316a8 doc: add path.join and path.normalize clarification 
This commit adds explicit clarification to the Node.js threat model
that path manipulation functions such as path.join() and
path.normalize()
trust their input. Issues related to these functions that rely on
unsanitized input are not considered vulnerabilities requiring CVEs.

PR-URL: https://github.com/nodejs/node/pull/59262
Reviewed-By: Ulises Gascón <ulisesgascongonzalez@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
 2025-07-30 19:01:40 +00:00
Rich Trott
ad81548bf5 doc: copyedit SECURITY.md 
PR-URL: https://github.com/nodejs/node/pull/59190
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Ulises Gascón <ulisesgascongonzalez@gmail.com>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
 2025-07-26 04:45:34 +00:00
Rafael Gonzaga
9188563304 doc: add constraints for mem leak to threat model 
As discussed in https://github.com/nodejs-private/node-private/pull/719.

We should clarify what the criteria are to accept
memory leak as a vulnerability (potential DoS).

Signed-off-by: RafaelGSS <rafael.nunu@hotmail.com>
PR-URL: https://github.com/nodejs/node/pull/58917
Reviewed-By: Ulises Gascón <ulisesgascongonzalez@gmail.com>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
 2025-07-24 03:53:28 +00:00
Matteo Collina
bd3f27166b meta: allow penetration testing on live system with prior authorization 
Signed-off-by: Matteo Collina <hello@matteocollina.com>
PR-URL: https://github.com/nodejs/node/pull/57966
Reviewed-By: Chengzhong Wu <legendecas@gmail.com>
Reviewed-By: Paolo Insogna <paolo@cowtech.it>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Darshan Sen <raisinten@gmail.com>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Jordan Harband <ljharb@gmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Michael Dawson <midawson@redhat.com>
 2025-04-23 15:42:25 +00:00
Rafael Gonzaga
4868ca4a80 doc: mention reports should align with Node.js CoC 
Refs: https://github.com/nodejs/moderation/issues/830
PR-URL: https://github.com/nodejs/node/pull/57607
Reviewed-By: Jordan Harband <ljharb@gmail.com>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
Reviewed-By: Stefan Stojanovic <stefan.stojanovic@janeasystems.com>
Reviewed-By: Darshan Sen <raisinten@gmail.com>
Reviewed-By: Ulises Gascón <ulisesgascongonzalez@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Chengzhong Wu <legendecas@gmail.com>
 2025-03-26 15:00:58 +00:00
Rafael Gonzaga
645e376231 doc: explicit mention arbitrary code execution as a vuln 
This request came from Github Open Source Secure and
it's always welcome to clarify the policy

PR-URL: https://github.com/nodejs/node/pull/57426
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: Chengzhong Wu <legendecas@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
 2025-03-14 22:51:52 +00:00
Antoine du Hamel
f9fb410f88 doc: use <ul> instead of <ol> in SECURITY.md 
PR-URL: https://github.com/nodejs/node/pull/56346
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Qingyu Deng <i@ayase-lab.com>
Reviewed-By: Ulises Gascón <ulisesgascongonzalez@gmail.com>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
 2024-12-25 13:17:41 +01:00
Matteo Collina
7ca753166f doc: clarify that WASM is trusted 
Signed-off-by: Matteo Collina <hello@matteocollina.com>
PR-URL: https://github.com/nodejs/node/pull/56345
Reviewed-By: Michael Dawson <midawson@redhat.com>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: Ulises Gascón <ulisesgascongonzalez@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
 2024-12-25 11:22:25 +00:00
Rafael Gonzaga
d1b8b5c92e doc: update blog link to /vulnerability 
PR-URL: https://github.com/nodejs/node/pull/56198
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
 2024-12-11 17:04:36 +00:00
Aviv Keller
01c88f9136 meta: fix links in SECURITY.md 
PR-URL: https://github.com/nodejs/node/pull/54696
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
 2024-09-03 16:38:27 +00:00
Rich Trott
a2446de50f doc: fix minor grammar and style issues in SECURITY.md 
PR-URL: https://github.com/nodejs/node/pull/53168
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Yagiz Nizipli <yagiz.nizipli@sentry.io>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Moshe Atlow <moshe@atlow.co.il>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Michael Dawson <midawson@redhat.com>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Ulises Gascón <ulisesgascongonzalez@gmail.com>
 2024-05-28 17:40:22 +00:00
Antoine du Hamel
14293814a7 doc: clarify Corepack threat model 
PR-URL: https://github.com/nodejs/node/pull/51917
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Geoffrey Booth <webadmin@geoffreybooth.com>
Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
Reviewed-By: Yagiz Nizipli <yagiz.nizipli@sentry.io>
Reviewed-By: Moshe Atlow <moshe@atlow.co.il>
Reviewed-By: Paolo Insogna <paolo@cowtech.it>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Michael Dawson <midawson@redhat.com>
Reviewed-By: Chengzhong Wu <legendecas@gmail.com>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
 2024-03-01 23:02:41 +00:00
Rafael Gonzaga
a71210ba60 doc: mention node:wasi in the Threat Model 
PR-URL: https://github.com/nodejs/node/pull/51211
Reviewed-By: Michael Dawson <midawson@redhat.com>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
 2023-12-21 12:55:52 +00:00
Rafael Gonzaga
3f4c127f92 doc: include experimental features assessment 
PR-URL: https://github.com/nodejs/node/pull/48824
Refs: https://github.com/nodejs-private/node-private/issues/420
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Ruy Adorno <ruyadorno@google.com>
Reviewed-By: Michael Dawson <midawson@redhat.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
 2023-07-21 13:51:55 +00:00
Mohammed Keyvanzadeh
a6748ec342 doc: fix typos in SECURITY.md 
PR-URL: https://github.com/nodejs/node/pull/47677
Reviewed-By: Daeyeon Jeong <daeyeon.dev@gmail.com>
Reviewed-By: Deokjin Kim <deokjin81.kim@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
 2023-04-23 06:00:17 +00:00
Rafael Gonzaga
23f4a6c7e1 doc: clarify reports are only evaluated on active versions 
PR-URL: https://github.com/nodejs/node/pull/47341
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Beth Griggs <bethanyngriggs@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
 2023-04-03 09:28:10 +00:00
Matteo Collina
42c4a35952 meta: clarify the threat model to explain the JSON.parse case 
Signed-off-by: Matteo Collina <hello@matteocollina.com>
PR-URL: https://github.com/nodejs/node/pull/47276
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
Reviewed-By: Michael Dawson <midawson@redhat.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
 2023-03-30 12:40:57 +00:00
Rich Trott
da2210ef3f doc: fix typo in SECURITY.md 
PR-URL: https://github.com/nodejs/node/pull/47282
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Michael Dawson <midawson@redhat.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
 2023-03-28 12:42:45 -07:00
Michael Dawson
088e470dcd doc: update threat model based on discussions 
Signed-off-by: Michael Dawson <mdawson@devrus.com>

PR-URL: https://github.com/nodejs/node/pull/46373
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
 2023-02-01 10:11:32 -05:00
Vaishno Chaitanya
4aa537c005 doc: fix spelling in SECURITY.md 
PR-URL: https://github.com/nodejs/node/pull/46124
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Harshitha K P <harshitha014@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Rich Trott <rtrott@gmail.com>
 2023-01-07 07:52:07 -08:00
Tobias Nießen
ccd3a42dd9 doc: fix typo in threat model 
Refs: https://github.com/nodejs/node/pull/45223
PR-URL: https://github.com/nodejs/node/pull/45558
Reviewed-By: Harshitha K P <harshitha014@gmail.com>
Reviewed-By: Darshan Sen <raisinten@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Richard Lau <rlau@redhat.com>
 2022-11-21 14:25:43 +00:00
Rafael Gonzaga
487fa8a16a doc: add Node.js Threat Model 
Co-authored-by: Michael Dawson <midawson@redhat.com>
Co-authored-by: Facundo Tuesca <facundo.tuesca@trailofbits.com>
Co-authored-by: Ulises Gascon <UlisesGascon@users.noreply.github.com>
Co-authored-by: Thomas Gentilhomme <gentilhomme.thomas@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/45223
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
Reviewed-By: Michael Dawson <midawson@redhat.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
 2022-11-21 11:13:47 +00:00
Michael Dawson
da44fd8002 doc: allow for holidays in triage response 
Signed-off-by: Michael Dawson <mdawson@devrus.com>

PR-URL: https://github.com/nodejs/node/pull/45267
Reviewed-By: Gireesh Punathil <gpunathi@in.ibm.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
 2022-11-08 12:06:06 -08:00
Tobias Nießen
895cc572ac doc: use ASCII apostrophes consistently 
PR-URL: https://github.com/nodejs/node/pull/43114
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Darshan Sen <raisinten@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Mohammed Keyvanzadeh <mohammadkeyvanzade94@gmail.com>
 2022-05-17 20:04:51 +01:00
Rich Trott
ce1c53665e doc: remove reference to obsolete security program 
The ecosystem security program via HackerOne is no longer a thing.
Remove mention of it from SECURITY.md.

PR-URL: https://github.com/nodejs/node/pull/42144
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Mestery <mestery@protonmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Darshan Sen <raisinten@gmail.com>
Reviewed-By: Danielle Adams <adamzdanielle@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Michael Dawson <midawson@redhat.com>
 2022-03-01 04:40:12 +00:00
Matteo Collina
265a47d680 meta: increase security policy response targets 
PR-URL: https://github.com/nodejs/node/pull/40968
Reviewed-By: Michael Dawson <midawson@redhat.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Myles Borins <myles.borins@gmail.com>
Reviewed-By: Vladimir de Turckheim <vlad2t@hotmail.com>
Reviewed-By: Beth Griggs <bgriggs@redhat.com>
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Danielle Adams <adamzdanielle@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
 2021-11-27 20:20:36 -08:00
Rich Trott
86099a375a tools: avoid unnecessary escaping in markdown formatter 
Update mdast-util-to-markdown to 1.2.4 which reduces unnecessary
escaping of `_` and some other characters. Re-run markdown formatter.

PR-URL: https://github.com/nodejs/node/pull/40645
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
 2021-10-31 09:36:05 -07:00
Rich Trott
88e82b890b doc: format general markdown files 
Use `make format-md` to format general markdown files.

PR-URL: https://github.com/nodejs/node/pull/40322
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Zijian Liu <lxxyxzj@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
 2021-10-06 21:20:55 -07:00
Antoine du Hamel
26e318a321 doc: use HEAD instead of master for links 
PR-URL: https://github.com/nodejs/node/pull/38518
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Darshan Sen <raisinten@gmail.com>
 2021-05-05 10:45:30 +02:00
Rich Trott
360bf9b289 doc: use sentence-case for headers in SECURITY.md 
Our doc style guide calls for sentence-case in headers.

PR-URL: https://github.com/nodejs/node/pull/34525
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Stewart X Addison <sxa@uk.ibm.com>
 2020-07-28 21:58:58 -07:00
Rich Trott
5c347887d9 doc: synch SECURITY.md with website 
Refs: https://github.com/nodejs/nodejs.org/pull/3106#issuecomment-614258785

PR-URL: https://github.com/nodejs/node/pull/32903
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
 2020-04-19 12:02:42 -07:00
Rich Trott
d2d5c97015 doc: remove usage of "Node" in favor of "Node.js" 
In accordance with the Style Guide, remove "Node" in favor of "Node.js".
A lint rule for this is forthcoming.

PR-URL: https://github.com/nodejs/node/pull/30758
Reviewed-By: Jiawen Geng <technicalcute@gmail.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: David Carlier <devnexen@gmail.com>
Reviewed-By: Beth Griggs <Bethany.Griggs@uk.ibm.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
 2019-12-03 22:48:29 -08:00
Sam Roberts
dd74b163f9 doc: sync security policy with nodejs.org 
The Node.js security disclosure policy has diverged between the website
and github:
- https://nodejs.org/en/security/
- https://github.com/nodejs/node/security/policy

The website is more recent and accurate, so sync the content from:
- https://github.com/nodejs/nodejs.org/blob/master/locale/en/security.md

PR-URL: https://github.com/nodejs/node/pull/29682
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
 2019-09-28 16:58:57 -07:00
Nick Schonning
e2dcbf1c32 doc: use consistent unordered list style 
Convert to asterisks when there are mixed styles in document.
Addresses Markdownlint MD004 rule

PR-URL: https://github.com/nodejs/node/pull/29516
Reviewed-By: David Carlier <devnexen@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
 2019-09-16 11:24:54 -07:00
warnerp18
472a3d890b doc: add SECURITY.md to readme.md 
This adds a SECURITY.md file and links to the security document per the
request of @https://github.com/Trott at a recent SF Node meetup.

PR-URL: https://github.com/nodejs/node/pull/24031
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Vse Mozhet Byt <vsemozhetbyt@gmail.com>
Reviewed-By: Refael Ackermann <refack@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
 2018-11-04 00:08:18 -07:00