Skip to content

Commit bd9b96c

Browse files
jaschdocjaschdoc
authored
docs: rename trust to security context (#268)
1 parent cf7b508 commit bd9b96c

File tree

1 file changed

+13
-13
lines changed

1 file changed

+13
-13
lines changed

src/packages.md

Lines changed: 13 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -88,33 +88,33 @@ This happens because `flix/museum` has the following dependency tree:
8888
- `flix/museum-restaurant` which depends on
8989
- `org.apache.commons:commons-lang3`
9090

91-
### Security & Trust Levels
91+
### Security
9292
To reduce the risk of supply-chain attacks, every dependency
93-
has a *trust* level--even if you don't set one explicitly.
94-
Trust levels control which language features a dependency may use.
95-
Higher trust levels enable more features but also increase
93+
has a *security context*--even if you don't set one explicitly.
94+
Security contexts control which language features a dependency may use.
95+
Broader security contexts enable more features but also increase
9696
the risk of supply-chain attacks.
9797

98-
The trust levels are as follows (from lowest to highest):
98+
The security contexts are defined as follows (from lowest to highest):
9999
- `paranoid`: forbids Java interop, the `IO` effect, and unchecked casts.
100100
- `plain` (default): permits the `IO` effect but forbids Java interop
101101
and unchecked casts.
102102
- `unrestricted`: allows Java interop, the `IO` effect, and unchecked casts.
103103

104-
You can set the trust level of each dependency in the manifest like so:
104+
You can set the security context of each dependency in the manifest like so:
105105
```toml
106106
[dependencies]
107-
"github:flix/museum" = { "version" = "1.4.0", "trust" = "plain" }
108-
"github:magnus-madsen/helloworld" = { "version" = "1.3.0", "trust" = "unrestricted" }
107+
"github:flix/museum" = { version = "1.4.0", security = "plain" }
108+
"github:magnus-madsen/helloworld" = { version = "1.3.0", security = "unrestricted" }
109109
```
110110

111-
Trust levels are transitive: a dependency's trust level also applies
111+
Security contexts are transitive: a dependency's security context also applies
112112
to its transitive dependencies, unless a dependency explicitly declares
113-
a lower trust level.
113+
a lesser security context.
114114
If multiple dependencies require the same library,
115-
the library inherits the lowest trust level requested.
115+
the library inherits the most restrictive security context requested.
116116

117-
The recommended approach is to **not** specify a trust level, thus
117+
The recommended approach is to **not** specify a security context, thus
118118
defaulting to `plain`.
119119
It provides the best balance between flexibility and safety.
120120
You should avoid `unrestricted` when possible, as it permits
@@ -123,7 +123,7 @@ Even building or compiling code that includes `unrestricted` dependencies
123123
can by itself expose you to a supply-chain attack.
124124
However, the package manager never downloads a package
125125
that declares Java dependencies in its manifest if it has
126-
trust level `plain` or lower.
126+
security context `plain` or lower.
127127

128128
You should attempt to only depend on core library packages
129129
and use your own handlers (or in some cases default handlers).

0 commit comments

Comments
 (0)