Proposed security disclosure policy


#1

This post on internals is also relevant to Rust users, and we would appreciate feedback from everyone, so I’m cross-posting here for attention.