-
Notifications
You must be signed in to change notification settings - Fork 51
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
docs: tidy README for fork. #78
Conversation
This commit brings over the rustls/rustls project's `SECURITY.md`. The lines about fuzzing coverage are removed since this crate is not presently being fuzzed. The README content on reporting bugs is updated to point to the security policy for security issues, and normal GitHub issues for everything else.
The code has moved from `ctz`'s user account to a `rustls` organization.
No warranty is implied, but we're happy for the terms of the repository's license content to communicate this point instead of it being the very first bit of text in the README.
For the time being the advertised planned improvements don't line up with the work in progress. This commit removes them to avoid any confusion.
Codecov Report
@@ Coverage Diff @@
## main #78 +/- ##
=======================================
Coverage 95.68% 95.68%
=======================================
Files 15 15
Lines 2900 2900
=======================================
Hits 2775 2775
Misses 125 125 📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is looking good!
This isn't something that the Rustls fork of webpki has been enforcing, and doesn't seem to match how contributions to other Rustls crates are managed.
This commit offers a somewhat opinionated update to the README, tailoring the content to the audience we expect to be most likely to be reviewing this document: current and potential users of Rustls. The content is now offered in three sections: * "What is webpki" (no header since this is generic), talking about the high level description of the crate, and the fork history * "Features" describing the important parts of the crate that Rustls relies on. * "Limitations" describing what the crate doesn't do, and offering helpful pointers to auxiliary crates. In general the summaries try to be "high-level", brief in length, and not assume too much PKI-specific terminology (A difficult balance to strike...).
Ready for another review pass 🔍 |
Based on discussion in Discord there are some small README cleanups we can make for this fork of webpki:
SECURTIY.md
from the primaryrustls/rustls
repo is added (minus a reference to fuzzing), and that document is used to replace the full-disclosure policy previously recommended by the upstream crate in the README.Clarifying the goals of the project w.r.t precisely defining the scope of the web PKI will require more discussion and so is left as future work for now.