From 649da3b8377e030ea7b9a1bc0308451e26e28740 Mon Sep 17 00:00:00 2001
From: Rafael Gonzaga <rafael.nunu@hotmail.com>
Date: Fri, 10 Jan 2025 14:02:12 -0300
Subject: [PATCH] doc: include CVE to EOL lines as sec release process
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Refs: https://github.com/nodejs/security-wg/issues/1401
PR-URL: https://github.com/nodejs/node/pull/56520
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
Reviewed-By: Ulises Gascón <ulisesgascongonzalez@gmail.com>
---
 doc/contributing/security-release-process.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/doc/contributing/security-release-process.md b/doc/contributing/security-release-process.md
index 3508180e0d5..d8a871bd969 100644
--- a/doc/contributing/security-release-process.md
+++ b/doc/contributing/security-release-process.md
@@ -65,6 +65,8 @@ The current security stewards are documented in the main Node.js
 * [ ] 4\. **Requesting CVEs:**
   * Request CVEs for the reports with `git node security --request-cve`.
   * Make sure to have a green CI before requesting a CVE.
+  * Check if there is a need to issue a CVE for any version that became
+    EOL after the last security release through [this issue](https://github.com/nodejs/security-wg/issues/1419).
 
 * [ ] 5\. **Choosing or Updating Release Date:**
   * Get agreement on the planned date for the release.