Tony Arcieri

@newpavlov based on my discussions with the Unsafe Code Working Group, `zeroize`'s usage of `write_volatile` is fine. In fact, it lead to changing some of the language in the documentation...

FWIW, much of what @Amanieu is talking about is highlighted in this paper: https://eprint.iacr.org/2023/1713.pdf We should definitely add stack spilling to the list of caveats documented here: https://github.com/RustCrypto/utils/blob/160fa8c0cbc3ad1e2f272a0b07083fa41a4ded89/zeroize/src/lib.rs#L193-L195

Wow, what is this (unrelated) failure in `cpufeatures` when building on macOS: https://github.com/RustCrypto/utils/actions/runs/3868175503/jobs/6593444420#step:6:13 ``` = note: ld: in /Users/runner/.rustup/toolchains/1.40.0-x86_64-apple-darwin/lib/rustlib/x86_64-apple-darwin/lib/libgetopts-1988d9ef7be544ff.rlib(rust.metadata.bin), archive member 'rust.metadata.bin' with length 198423 is not mach-o or llvm...

Yes

@rubdos we're working off the `releases/4.0` branch for development, so you'll definitely want to rebase this

@randombit the [`pkcs8::KeypairBytes`](https://docs.rs/ed25519/latest/ed25519/pkcs8/struct.KeypairBytes.html) type could still be used to serialize PKCS#8 v2 if desired, by leveraging the [`From`](https://github.com/dalek-cryptography/curve25519-dalek/blob/a2ff6ba/ed25519-dalek/src/signing.rs#L698-L713) impl.

It would be good to open an issue on cbreeden/fxhash asking about the maintenance status. There are issues [indirectly inquiring about it](https://github.com/cbreeden/fxhash/issues/18#issuecomment-1415851760) but none that are actually explicit, AFAICT

We can order the keys alphabetically, that's fine. Would you care to open a PR?

@alexrudy if this is still relevant, can you refile against https://github.com/rustcrypto/jose? Thanks!

This should probably be feature gated to avoid a massive MSRV bump and disrupting existing users. That was very problematic the last time we bumped MSRV to add const generic...