snaggen@programming.dev to

Rust@programming.devEnglish · 11 months ago

What is going on with serde?

social.treehouse.systems

91

What is going on with serde?

social.treehouse.systems

snaggen@programming.dev to

Rust@programming.devEnglish · 11 months ago

Meg (@megmac@treehouse.systems)

social.treehouse.systems

hoooooly shit the new version of serde_derive includes a pre-built executable and has no official way to turn that off? Wtaf. https://github.com/serde-rs/serde/issues/2538 #rustlang

So, serde seems to be downloading and running a binary on the system without informing the user and without any user consent. Does anyone have any background information on why this is, and how this is supposed to be a good idea?

dtolnay seems like a smart guy, so I assume there is a reason for this, but it doesn’t feel ok at all.

Chat

manpacket@lemmyrs.org
link
fedilink
English
arrow-up
6·
11 months ago
No, serde_derive contains the binary and if you are on linux it will try to run it without asking the user. In fact there’s no way to make it so it won’t run.

Rust@programming.dev

rust@programming.dev

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !rust@programming.dev

Welcome to the Rust community! This is a place to discuss about the Rust programming language.

Wormhole

!performance@programming.dev

Credits

The icon is a modified version of the official rust logo (changing the colors to a gradient and black background)

Visibility: Public

This community can be federated to other instances and be posted/commented in by their users.

5 users / day
104 users / week
528 users / month
2.33K users / 6 months
14 local subscribers
5.4K subscribers
723 Posts
2.95K Comments
Modlog