Path applied,
Thanks!

The patch has been applied and pushed to master.
I'll draft a new release of the library once 
all the other pathches have been applied as well.

Thanks again for your contribution!

First of all, thanks a lot for the spending time on improving
the library, I appreciate!

> - limiting hash
> keys to integers, floats, bytes and strings

While I understand the idea behind this,
I think it’s actually against the CBOR RFC specs.
The spec says, when defining the maps data type:

> Major type 5: a map of pairs of data items.

A data item can be any of the CBOR supported data types,
so that includes complex types (such as other maps and lists).

Thanks for the patch!

Personally, I see no advantages in making this functionality opt-in:
All the types are correctly scoped and will only act if used
with a cobr decoder/encoder.

Can you move this logic to the from_cbor.cr and the to_cbor.cr
files respectively, so it’s always included and follows the rest
of the library pattern for those type extension.

It would be great if you could add some tests for this

It was definetely a mistake, thanks for the fix.

Applied in d5a8c0ef9d81d6249ed6de1a2709afa0239a1b5f

> Just to let you know, I don't push new PRs now because I wait for you to
> read my previous ones, but I implemented CBOR::Any.
> It is really useful to have the same API than JSON.

Sorry for the delay and thank you so much for your contributions!

> After that I will review the current code to check for possible security
> breaches.
> I will use this library for production, and I have to be confident that
> _at least_ the simplest attacks are mitigated.

I think this library would be a good candidate for some fuzzy testing.
However I've never done it and I'm not sure I have the time to get into
it right now.

Thanks for your contributions!

I already applied this changes this time around to speed-up the process
given the amount of contributions you submitted and that I fell a bit
behind, I hope to be able to be a bit more responsinve in the next
weeks.

Just a couple of comments that I already addressed:

> + # puts "self.new_from_cbor_decoder"

I don't know if it's on purpose, but please avoid leving commented-out
logs.

Hey!

I just wanted to drop-in quickly to say that I don't have much time this
week to look a the code, but I'm very grateful for the contributions!

This weeked I'll give the patches a proper review.

> This proposal fixes everything.

I marked the first patch as rejected, so we can keep the conversation
going in this patch.

> - floating values can be trimmed into 16-bit floating values when
> possible.

Hey all!

Hope you're having a nice week and that you and you family are
safe in this weird times.

I just released version 0.2.1 of crystal-cbor,
which contains an important fix as passing a IO to the
to_cbor methods was not working.

I recommend upgrading to avoid stumbling on this silly bug.

- Alberto