It is a plus that the documentation clearly states that this module in no longer being developed or supported.
But the documentation seems to define 'taint aware' as "None of the input data is executed" which is rather worrying.
It actually seems to be taint aware in some acceptable sense (when de-serializing a tainted value the results seems to be tainted) but this seems more accidentally that a design decision and at lease it ought to be backed up with proper testing.
3 out of 3 found this review helpful. Was this review helpful to you? Yes No