[llvm] Improve description of what is considered a security issue (PR #147035)
Kristof Beyls via llvm-commits
llvm-commits at lists.llvm.org
Thu Jul 17 03:53:37 PDT 2025
================
@@ -204,10 +205,9 @@ The LLVM Security Policy may be changed by majority vote of the LLVM Security Re
What is considered a security issue?
----------------
kbeyls wrote:
I quite like the sentence that @wphuhn-intel suggested above as a general principle: "_issues with LLVM that affect developers who consciously chose to use LLVM tooling to generate binaries are considered out-of-scope, issues with LLVM which affect the end users of said developer are in scope._" That being said, I'm not sure if it would correctly cover all the different cases we do document further in detail.
I'd prefer to land this PR without a tl;dr, as is.
We can then see what the feedback is on the this version of the documentation, and add a well-thought-through tl;dr if the feedback is clear that that would be a major improvement.
https://github.com/llvm/llvm-project/pull/147035
More information about the llvm-commits
mailing list