daohualiuxiang
/
node
mirror of https://github.com/nodejs/node.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

doc: clarify that WASM is trusted 

Signed-off-by: Matteo Collina <hello@matteocollina.com>
PR-URL: https://github.com/nodejs/node/pull/56345
Reviewed-By: Michael Dawson <midawson@redhat.com>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: Ulises Gascón <ulisesgascongonzalez@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
pull/56346/head
Matteo Collina 2024-12-25 12:22:25 +01:00 committed by GitHub
parent d00710dd8d
commit 7ca753166f
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
SECURITY.md
View File

@ -111,8 +111,8 @@ lead to a loss of confidentiality, integrity, or availability.
1. The developers and infrastructure that runs it.
2. The operating system that Node.js is running under and its configuration,
along with anything under control of the operating system.
3. The code it is asked to run, including JavaScript and native code, even if
said code is dynamically loaded, e.g., all dependencies installed from the
3. The code it is asked to run, including JavaScript, WASM and native code, even
if said code is dynamically loaded, e.g., all dependencies installed from the
npm registry.
The code run inherits all the privileges of the execution user.
4. Inputs provided to it by the code it is asked to run, as it is the