From "Insecurity and Python Pickles" (2024) https://news.ycombinator.com/item?id=39685128 :
> There should be a data-only pickle serialization protocol (that won't serialize or deserialize code).
> How much work would it be to create a pickle protocol that does not exec or eval code?
"Title: Pickle protocol version 6: skipcode pickles" https://discuss.python.org/t/create-a-new-pickle-protocol-ve...
You could use https://github.com/trailofbits/fickling for analysis.
From "Insecurity and Python Pickles" (2024) https://news.ycombinator.com/item?id=39685128 :
> There should be a data-only pickle serialization protocol (that won't serialize or deserialize code).
> How much work would it be to create a pickle protocol that does not exec or eval code?
"Title: Pickle protocol version 6: skipcode pickles" https://discuss.python.org/t/create-a-new-pickle-protocol-ve...