doc: stop managing CVEs
@nodejs/tsc We are now using HackerOne to receive vulnerability reports, and one of the services they offer is CVE allocation.
I propose we:
- contact Mitre and request no longer being a CNA
- remove this document
- archive https://github.com/nodejs-private/cve-management
- remove CVE related mail aliases from https://github.com/nodejs/email
Tagging TSC agenda, I think this needs agreement from TSC.