fabric-sdk-go has direct dependency github.com/cloudflare/cfssl which depends from github.com/zmap/zcrypto.Thus this package is our service transitive dependency.
The github.com/zmap/zcrypto package specifies in its README file :
"ZCrypto is a research library, designed to be used for data collection and analysis, as well as experimenting and prototyping. It should not be used to provide security for production systems".
We cannot include into our stack a package which marked as experimental and dangerous . Can you exclude dependency from github.com/zmap/zcrypto or make it optional?
fabric-sdk-go has direct dependency github.com/cloudflare/cfssl which depends from github.com/zmap/zcrypto.Thus this package is our service transitive dependency. The github.com/zmap/zcrypto package specifies in its README file : "ZCrypto is a research library, designed to be used for data collection and analysis, as well as experimenting and prototyping. It should not be used to provide security for production systems". We cannot include into our stack a package which marked as experimental and dangerous . Can you exclude dependency from github.com/zmap/zcrypto or make it optional?