search

aws / aws-nitro-enclaves-nsm-api

This provides a library for interacting with the Nitro Secure Module, which provides Nitro Enclaves with attestation capability.
Apache License 2.0
62 stars 43 forks source link

`serde_cbor` crate has been archived #19

Open raoulstrackx opened 2 years ago

raoulstrackx commented 2 years ago

The serde_cbor crate has been archived. Is there a plan to deal with this?

petreeftime commented 2 years ago

I looked into alternatives some time ago, and ciborium was missing some features and minicbor required significant work. I'll take another look, I see https://github.com/enarx/ciborium/issues/22 was finally closed and there's a new version of ciborium available, but it would mean dropping support for pre-1.56 Rust versions.

raoulstrackx commented 2 years ago

Thanks for the fast reply @petreeftime! Much appreciated!

emostov commented 2 years ago

@petreeftime any updates here? :)

vidhatha commented 1 year ago

@petreeftime This causes cargo audit to fail. Any plans on looking into this issue? Thanks in advance.

petreeftime commented 1 year ago

No, not at the moment. https://github.com/enarx/ciborium seems just about as unmaintained as serde_cbor and https://gitlab.com/twittner/minicbor would require some significant changes. The warning is that the project is unmaintained, which is true, but it seems stable and bug free. I am considering forking it or including it as a subcrate to provide additional maintenance when that will be needed, but at this point there is no real benefit to replace it and can be safely ignored in cargo-audit, unless someone feels strongly about replacing it (probably to minicbor, ciborium seems to be pretty much unmaintained) and provides a PR for it.

emostov commented 1 year ago

No, not at the moment. https://github.com/enarx/ciborium seems just about as unmaintained as serde_cbor and https://gitlab.com/twittner/minicbor would require some significant changes. The warning is that the project is unmaintained, which is true, but it seems stable and bug free. I am considering forking it or including it as a subcrate to provide additional maintenance when that will be needed, but at this point there is no real benefit to replace it and can be safely ignored in cargo-audit, unless someone feels strongly about replacing it (probably to minicbor, ciborium seems to be pretty much unmaintained) and provides a PR for it.

@petreeftime #38 attempts to replace serde_cbor with minicbor.

vidhatha commented 1 year ago

@petreeftime thanks for the response. Maybe we can look at @emostov attempts to replace serde_cbor