diff --git a/alpha/engagements/2023/rust/update-2023-11.md b/alpha/engagements/2023/rust/update-2023-11.md index 8fbafed5..ca5c4465 100644 --- a/alpha/engagements/2023/rust/update-2023-11.md +++ b/alpha/engagements/2023/rust/update-2023-11.md @@ -44,7 +44,7 @@ Walter has added crate and function level data annotations, including for unsafe Walter and Joel attended an open source security round-table with members of the open source, language and package ecosystem community. Walter presented on [Painter](https://github.com/rustfoundation/painter) and we had folks wanting continuous access to its data - which we are working on setting up the infrastructure for that. Most of the presentations were on various mechanisms to secure package ecosystems, and there are ideas and implementations(e.g., machine-based identity, TUF, trusted publishers, etc.) that may make sense for the Rust Project. -Adam and Tobias attended [PackagingCon 2023](https://packaging-con.org/) to network with other package manager ecosystems and share ideas on securing them. +Adam and Tobias attended [PackagingCon 2023](https://packaging-con.org/) to network with other package manager ecosystems and share ideas on securing them. Adam also gave a [presentation](https://cfp.packaging-con.org/2023/talk/RNYVN9/) called *What's in a name(space)?* that discusses how different package ecosystems, including Rust, handle naming. Members of the Rust Foundation attended [EuroRust](https://eurorust.eu/2023/), which the Rust Foundation sponsored. @@ -54,4 +54,4 @@ Tobias published a [post](https://blog.rust-lang.org/2023/10/26/broken-badges-an The Crate Quarantine [RFC](https://github.com/rust-lang/rfcs/pull/3464) has been revitalized with a review by Tobias this month. -The [RFC](https://github.com/rust-lang/rfcs/pull/3463) proposed to update the Terms of Use for crates.io is in its [Final Comment Period (FCP)](https://blog.rust-lang.org/2023/09/22/crates-io-usage-policy-rfc.html). Discussion still continues. This RFC is based on prior work by other package managers such as PyPI and npm. The main motivation for this RFC is to give the crates.io team a fixed set of rules to determine if a project is using crates.io in a reasonable way, or if the user should get a warning and the project potentially be removed. It is mostly codifying the existing practices of the team, except for being more strict regarding name squatting. \ No newline at end of file +The [RFC](https://github.com/rust-lang/rfcs/pull/3463) proposed to update the Terms of Use for crates.io is in its [Final Comment Period (FCP)](https://blog.rust-lang.org/2023/09/22/crates-io-usage-policy-rfc.html). Discussion still continues. This RFC is based on prior work by other package managers such as PyPI and npm. The main motivation for this RFC is to give the crates.io team a fixed set of rules to determine if a project is using crates.io in a reasonable way, or if the user should get a warning and the project potentially be removed. It is mostly codifying the existing practices of the team, except for being more strict regarding name squatting.