Reference nodejs/security-wg#819.

One of Security WG's initiatives is to create a best practices document for end-users. We've been actively working on that and finally, we have something to share.

This document intends to extend the current threat model(under development) and provide extensive guidelines on how to secure a Node.js application. The target audience is Node.js users/developers.

I think is important to have @nodejs/tsc eyes here as well.

@nodejs/security-wg Thanks to everyone who helped in that journey (I'll include all of you as Co-Author soon as I get your handles)

Co-authored-by: Ulises Gascon UlisesGascon@users.noreply.github.com
Co-authored-by: Thomas Gentilhomme gentilhomme.thomas@gmail.com
Co-authored-by: Facundo Tuesca facundo.tuesca@trailofbits.com
Co-authored-by: Michael Dawson midawson@redhat.com
Co-authored-by: Andrew Hart 829024+arhart@users.noreply.github.com
Co-authored-by: Zbyszek Tenerowicz naugtur@gmail.com
Co-authored-by: Yagiz Nizipli yagiz@nizipli.com