From 055147f900d640e1c68bfafbbc77e70eea10b95b Mon Sep 17 00:00:00 2001 From: Behnam Esfahbod Date: Wed, 30 Aug 2017 18:14:29 -0700 Subject: [PATCH] [src/doc/book] Update 03-10-policies.md from policies.md --- src/doc/MIGRATION_MAP | 2 +- src/doc/book/src/03-10-policies.md | 20 +++++++++++++++++++- src/doc/policies.md | 5 ++--- 3 files changed, 22 insertions(+), 5 deletions(-) diff --git a/src/doc/MIGRATION_MAP b/src/doc/MIGRATION_MAP index 5e9ee25a4..dce42efeb 100644 --- a/src/doc/MIGRATION_MAP +++ b/src/doc/MIGRATION_MAP @@ -8,6 +8,6 @@ guide.md book/src/guide.md book/src/02-*.md index.md book/src/SUMMARY.md book/src/01-*.md manifest.md book/src/03-02-manifest.md pkgid-spec.md book/src/03-07-pkgid-spec.md -policies.md +policies.md book/src/03-10-policies.md source-replacement.md specifying-dependencies.md diff --git a/src/doc/book/src/03-10-policies.md b/src/doc/book/src/03-10-policies.md index db71c083a..f6565d305 100644 --- a/src/doc/book/src/03-10-policies.md +++ b/src/doc/book/src/03-10-policies.md @@ -40,7 +40,14 @@ is hosted. The Rust project has a [Code of Conduct] which governs appropriate conduct for the Rust community. In general, any content on Crates.io that violates the Code -of Conduct may be removed. There are two important, related aspects: +of Conduct may be removed. Here, content can refer to but is not limited to: + +- Package Name +- Package Metadata +- Documentation +- Code + +There are two important, related aspects: - We will not be pro-actively monitoring the site for these kinds of violations, but relying on the community to draw them to our attention. @@ -48,5 +55,16 @@ of Conduct may be removed. There are two important, related aspects: cannot be directly answered in the hypothetical sense. All of the details must be taken into consideration in these kinds of situations. +# Security + +Cargo and crates.io are projects that are governed by the Rust Programming +Language Team. Safety is one of the core principles of Rust, and to that end, +we would like to ensure that cargo and crates.io have secure implementations. +To learn more about disclosing security vulnerabilities, please reference the +[Rust Security policy] for more details. + +Thank you for taking the time to responsibly disclose any issues you find. + +[Rust Security policy]: https://www.rust-lang.org/security.html [Code of Conduct]: https://www.rust-lang.org/conduct.html [sending us an email]: mailto:help@crates.io diff --git a/src/doc/policies.md b/src/doc/policies.md index c8b3c1c28..ff3b6a620 100644 --- a/src/doc/policies.md +++ b/src/doc/policies.md @@ -30,7 +30,6 @@ Code of Conduct. We do not have any policies to define 'squatting', and so will not hand over ownership of a package for that reason. - ## The Law For issues such as DMCA violations, trademark and copyright infringement, @@ -58,10 +57,10 @@ There are two important, related aspects: # Security -Cargo and crates.io are projects that are governed by the Rust Programming +Cargo and crates.io are projects that are governed by the Rust Programming Language Team. Safety is one of the core principles of Rust, and to that end, we would like to ensure that cargo and crates.io have secure implementations. -To learn more about disclosing security vulnerabilities, please reference the +To learn more about disclosing security vulnerabilities, please reference the [Rust Security policy] for more details. Thank you for taking the time to responsibly disclose any issues you find.