-
Notifications
You must be signed in to change notification settings - Fork 22
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Migrate away from json
dependency that is unmaintained and unsound
#139
Comments
Are there any REAL problems with the library? Are there any bugs or security issues with it? An alternative wold be to get rid of the json library alltogether. |
Pull requests are welcome ;) |
It contains undefined behaviour if https://rustsec.org/advisories/RUSTSEC-2022-0081 lists some alternatives,
Sounds like a viable solution as well, I'll try to look into it in the near future. |
Describe the bug you encountered:
Cargo-deny reports several issues when adding this crate to the tree. One of them is related to
json
crate that is unmaintained and unsound.It'd be welcome if this crate could migrate to one of alternatives listed in the advisory.
What did you expect to happen instead?
Clean report from cargo-deny.
How did you install
pyroscope-rs
?Added it as a dependency to one of the crates in the project.
version:
pyroscope 0.5.7
os: Ubuntu 22.04
The text was updated successfully, but these errors were encountered: