Linus Färnstrand

I also ran into this for a binary crate with checked in `Cargo.lock`. I knew I had vulnerabilities, but this action did not find them :open_mouth:. Turned out it's beacuse...

I just published [`esp-ota`](https://crates.io/crates/esp-ota) and then I found this issue right after. This issue has lots of good links and references. `esp-idf-svc` even has an OTA implementation?! :exploding_head:. I wish...

Using `u64` for `Ipv4Network` would solve the issue there. But it would make the API less symmetrical in a way since we need some other solution for `Ipv6Network`. I think...

I realize the `BITS` constants are *not* exposed from the crate. I think we should do this, no matter how `size` is handled. They should probably be associated constants: ```rust...

Please mind that the current version only panics in debug mode. In release mode where overflows are not caught it just returns size `0`. That is potentially even worse, since...

This was fixed in #28? So maybe the issue is done? Can we maybe get a release with this fix? We want to use the library with the stricter permissions....

Disabling GPU acceleration definitely has performance impacts on some systems. But I agree that we should use way less VRAM on idle! We'll see what we can do.

Hi! It's amazing that you want to help and took the time to do this. But please see our contribution guidelines and PR template: https://github.com/mullvad/mullvadvpn-app/blob/master/CONTRIBUTING.md#localization--translations > The app is translated...

Exactly when do you mean that you are leaking data? We need to communicate with our API before we can establish any VPN tunnel. First of all, we check that...

Thanks for describing your use case. We'll discuss it and see if we can improve on this!