-
No. The code in question is plainly visible in the crate:
https://github.com/eleijonmarck/do-not-compile-this-code/blo...
This is true for all third-party libraries. If you blindly download and execute code from the Internet, this is a risk you are assuming.
As I stated above, if you need more security, you can download all the dependencies and build inside an isolated container.
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
-
It seems like that will change in the (near) future according to the following github issue[0]. A quote from one of the developers, rami3l, in that thread[1]:
> My current plan is indeed to remove implicit installations entirely.
[0]: https://github.com/rust-lang/rustup/issues/3635
[1]: https://github.com/rust-lang/rustup/issues/3635#issuecomment...
-
Go core team has admitted that Go toolchain 1.22.n versions break backward compatibility: https://github.com/golang/go/issues/66092
There is another breakage case: https://github.com/golang/go/issues/66070 and the team leader doesn't plan to fix it.