search

hyperium / tonic

A native gRPC client & server implementation with async/await support.
https://docs.rs/tonic
MIT License
10.02k stars 1.02k forks source link

Add a security policy #1100

Closed howardjohn closed 2 years ago

howardjohn commented 2 years ago

Feature Request

Motivation

it would be useful to have a documented security policy. https://github.com/hyperium/hyper/blob/master/SECURITY.md is an example of one that I would expect may be reasonable, given the Tokio connection

Proposal

Add a SECURITY.md with similar content as https://github.com/hyperium/hyper/blob/master/SECURITY.md (if that applies to this project!)

Alternatives

If the Tokio security policy doesn't apply to tonic, it would be helpful to also indicate that so folks have correct expectations.

LucioFranco commented 2 years ago

Hi! Yes, we should for sure add this just like the one in hyper. I would totally accept a PR for this! Thanks!