Rust @programming.dev snaggen @programming.dev 1 yr. ago

Looks like the sede situation is being worked on

github.com Provide opt-out cfg to use `serde_derive` source by pinkforest · Pull Request #2580 · serde-rs/serde

Closes #2538 Supercedes #2579 Follows my recommendation: #2579 (comment) Current choice: Opt-Out (current commit) Override via cfg(serde_derive_build = "source") to build from source Alterative: Op...

You're viewing a single thread.

13 comments

So, the general unsuspecting public will still be executing this potentially-malicious binary, and only those in the know will be able to avoid it?
- Only if that PR gets accepted, which is unlikely.
  
  A similar PR was accepted.
  
  Yeah, that was very unexpected.

You've viewed 13 comments.