mirror of
https://github.com/GothenburgBitFactory/taskwarrior.git
synced 2025-06-26 10:54:26 +02:00
Add POLICY.md
- https://github.com/taskchampion/taskchampion/issues/210 - https://github.com/taskchampion/taskchampion/milestone/1
This commit is contained in:
Andrew Savchenko
parent
6a0bddab38
commit
8aa6b50969
1 changed files with 54 additions and 0 deletions
54
POLICY.md
Normal file
54
POLICY.md
Normal file
|
|
@ -0,0 +1,54 @@
|
|||
# Compatibility & deprecation
|
||||
|
||||
Until TaskChampion reaches [v1.0.0](https://github.com/taskchampion/taskchampion/milestone/7), nothing is set in stone. That being said, we aim for the following:
|
||||
|
||||
1. Major versions represent significant change and may be incompatible with previous major release.
|
||||
2. Minor versions are always backwards compatible and might add some new functionality.
|
||||
3. Patch versions should not introduce any new functionality and do what name implies — fix bugs.
|
||||
|
||||
As there are no major releases yet, we do not support any older versions. Users are encouraged to use the latest release.
|
||||
|
||||
## ABI policy
|
||||
|
||||
1. We target stable `rustc`.
|
||||
|
||||
## API policy
|
||||
|
||||
1. Deprecated features return a warning at least 1 minor version prior to being removed.
|
||||
|
||||
Example:
|
||||
|
||||
> If support of `--bar` is to be dropped in v2.0.0, we shall announce it in v1.9.0 at latest.
|
||||
|
||||
2. We aim to issue a notice of newly added functionality when appropriate.
|
||||
|
||||
Example:
|
||||
|
||||
> "NOTICE: Since v1.1.0 you can use `--foo` in conjunction with `--bar`. Foobar!"
|
||||
|
||||
3. TaskChampion always uses UTF-8.
|
||||
|
||||
## Exit codes
|
||||
|
||||
- `0` No errors, normal exit.
|
||||
- `1` Generic error.
|
||||
- `2` Never used to avoid conflicts with Bash.
|
||||
- `3` Unable to execute with the given parameters.
|
||||
- `4` I/O error.
|
||||
- `5` Database error, irrespective of the backend used.
|
||||
|
||||
## Command-line interface
|
||||
|
||||
Considered to be part of the API policy.
|
||||
|
||||
# Security
|
||||
|
||||
To report a vulnerability, please contact [dustin@cs.uchicago.edu](dustin@cs.uchicago.edu), you may use GPG public-key `KEY-ID` which is available [here](#). Initial response is expected within ~48h.
|
||||
|
||||
We kinldy ask to follow the responsible disclosure model and refrain from sharing information until:
|
||||
1. Vulnerabilities are patched in TaskChampion + 60 days to coordinate with distributions.
|
||||
2. 90 days since the vulnerability is disclosed to us.
|
||||
|
||||
We recognise the legitimacy of public interest and accept that security researchers can publish information after 90-days deadline unilaterally.
|
||||
|
||||
We will assist with obtaining CVE and acknowledge the vulnerabilites reported.
|
||||
Loading…
Add table
Add a link
Reference in a new issue