We recently created a security policy page for crates.io at https://crates.io/policies/security (which, incidentally, links to rustsec-- if you'd like anything changed about that section, please send us a PR! ❤️ )
I'm on a mission to make sure as many crate authors as possible know, before there's a major security incident, that the Rust Foundation can help handling security problems that happen in the ecosystem, so in addition to adding a more general FAQ linking to the crates.io security policy, I've added a question that links to the ecosystem security help section directly.
I also noticed the Rust security policy wasn't linked in the FAQs here at all, so I added one for that too.
I'm open to changing the wording on any of these new FAQ entries, and if there are other places instead of, or in addition to, this that this info should live, please let me know and I'm happy to change/add it!
Hi!
We recently created a security policy page for crates.io at https://crates.io/policies/security (which, incidentally, links to rustsec-- if you'd like anything changed about that section, please send us a PR! ❤️ )
I'm on a mission to make sure as many crate authors as possible know, before there's a major security incident, that the Rust Foundation can help handling security problems that happen in the ecosystem, so in addition to adding a more general FAQ linking to the crates.io security policy, I've added a question that links to the ecosystem security help section directly.
I also noticed the Rust security policy wasn't linked in the FAQs here at all, so I added one for that too.
I'm open to changing the wording on any of these new FAQ entries, and if there are other places instead of, or in addition to, this that this info should live, please let me know and I'm happy to change/add it!
Thank you for all your hard work! ❤️