Sergey "Shnatsel" Davidoff

100% safe alternative (for some use cases) now available: https://crates.io/crates/tinyvec

I see two things that could be done here: - Use the `safe_arch` crate to delegate the unsafe code to it (it provides safe wrappers for SIMD intrinsics) - Use...

A while ago I've found one instance of such code to be exploitable: https://rustsec.org/advisories/RUSTSEC-2018-0004.html The solution is to either zero-initialize the vector which is essentially free in one-shot programs, or...

Looks like auditing is done here, we just need to land the PR. Some of the `unsafe` cannot be removed without a performance penalty - blocked on a fixed-capacity Vec...

We're starting a project to address this, initial results are very promising: https://github.com/rust-secure-code/safety-dance

> I am working on geiger.rs (yeah I bought the domain...) that geigers everything in crates.io That is very impressive, but also going to end up quite expensive to run,...

Requested lint for `read_unaligned()` that's prevalent in the code and can be safely replaced: https://github.com/rust-lang/rust-clippy/issues/4891 There is also a similar `write_unaligned()` pattern, we'll need to request a lint for it...

That function itself is marked `unsafe`, so it's OK for it to be wildly unsafe because you cannot call it from a safe context. I.e. any dependency that wants to...

Oh it's not a `pub fn`, it's an internal function. Disregard my earlier comment.

I think this is a good way to improve visibility of the work items. Well, the WG repo itself doesn't have much visibility right now either, but that's a different...