parity-util-mem soundness

[pinkforest]

Came across while investigating this: #1394

paritytech/parity-common#364

Both Github repository and crates.io readme contains a big warning:
https://github.com/paritytech/parity-common/tree/master/parity-util-mem
https://crates.io/crates/parity-util-mem

Cheers

[pinkforest]

Hmm:

• release is coming paritytech/parity-common#697 "R.I.P. parity-util-mem ⚰️"
• Lift burden of single parity-util-mem version per Repo paritytech/parity-common#607 (comment)
• Remove parity-util-mem paritytech/parity-common#696
• Get rid of parity-util-mem dependency paritytech/substrate#12658

There is movement away from it not sure about the status of this crate.
@alvicsam and @ordian - are people supposed to use this crate or should we flag this as unmaintained ?

[ordian]

parity-util-mem is no longer maintained.

It was never meant to be a general-purpose crate and only was used in substrate ecosystem, which no longer depends on it. I can make a patch release (some time next week) which warns users about its usage in README and marks it as unmaintained.

There are probably some alternatives like https://github.com/bholley/malloc_size_of_derive.

[pinkforest]

Cool thanks no worries - we'll just nudge anyone using not to use it