As per this discussion <https://forum.djangoproject.com/t/feedback-discussion-for-adding-rate-limiting-to-core-gsoc-2022/12472> on the Django Forum, there is some concern about adding rate-limiting to core as a part of this year's GSoC. The project is listed on this wiki page <https://code.djangoproject.com/wiki/SummerOfCode2022#Addrate-limitingtocore> .
The main concern is, paraphrasing @claudep, that it would be very easy to introduce DoS vectors to pretty much all Django applications if rate-limiting is not used/configured properly. If users currently use a third party application to implement rate-limiting, its security is their responsibility. But if we add rate-limiting to core, it would become our responsibility to make sure that we don't introduce DoS vectors to unsuspecting users' applications. I would love to work on this project, but I wanted to address this risk and confirm that this project is still viable. -- You received this message because you are subscribed to the Google Groups "Django developers (Contributions to Django itself)" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-developers+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/django-developers/bfaacfda-c359-4c89-9f3b-e9c05a2c0766n%40googlegroups.com.
