ryu
★
★
★
★
★
3
reviews
Fast floating point to string conversion
83
Security
40
Quality
52
Maintenance
61
Overall
v1.0.23
Crates
Rust
Feb 8, 2026
No Known Issues
This package has a good security score with no known vulnerabilities.
692
GitHub Stars
5.0/5
Avg Rating
Community Reviews
RECOMMENDED
Rock-solid, minimal dependency formatter with zero security surface area
From a security perspective, ryu is exemplary. It's a pure algorithmic implementation with zero dependencies, meaning your supply chain risk is minimal. The crate does exactly one thing: converts floats to strings using the Ryu algorithm. No network calls, no file I/O, no unsafe behavior that could cause memory corruption in typical usage.
The API is dead simple - you're typically using it indirectly through serde_json or directly via `Buffer::new().format(value)`. There's no input validation needed because it accepts primitive float types directly from Rust's type system. Error handling is essentially non-existent because the operation is infallible for valid floats. This simplicity is a security win: no error messages that could leak information, no edge cases with exceptions.
The library follows secure-by-default principles perfectly because there's nothing to configure wrong. It just works deterministically. The maintainer has shown excellent CVE response historically (though there have been none for this crate), and the code is straightforward enough to audit in an afternoon. For float serialization in security-sensitive contexts, this is as safe as it gets.
The API is dead simple - you're typically using it indirectly through serde_json or directly via `Buffer::new().format(value)`. There's no input validation needed because it accepts primitive float types directly from Rust's type system. Error handling is essentially non-existent because the operation is infallible for valid floats. This simplicity is a security win: no error messages that could leak information, no edge cases with exceptions.
The library follows secure-by-default principles perfectly because there's nothing to configure wrong. It just works deterministically. The maintainer has shown excellent CVE response historically (though there have been none for this crate), and the code is straightforward enough to audit in an afternoon. For float serialization in security-sensitive contexts, this is as safe as it gets.
Zero dependencies eliminates supply chain attack surface entirely
Pure algorithmic implementation with no I/O means no information disclosure vectors
Type-safe API prevents malformed input through Rust's type system
Small, auditable codebase that can be reviewed in under an hour
Limited to float formatting only - not a con for security, but narrow scope
No configuration options if you need custom output formatting
Best for: Any project requiring fast, deterministic float-to-string conversion where supply chain security and minimal attack surface are priorities.
Avoid if: You need locale-aware formatting or custom precision controls beyond standard Ryu output.
RECOMMENDED
Rock-solid, zero-config float formatting with excellent ergonomics
Ryu is refreshingly straightforward to use in practice. The API is minimalist in the best way—just import and call the formatting functions. No configuration structs, no builder patterns, no lifetime wrangling. You get Buffer::new() for stack allocation or direct formatting via macros, and it just works. The type signatures are dead simple, making IDE autocompletion trivial.
What really stands out is how it drops into existing codebases. Replacing standard library formatting with ryu is typically a one-line change, and the performance gains are immediate and measurable. Error handling is non-existent because the operations are infallible—no Result types to unwrap, which simplifies calling code considerably.
Documentation is lean but complete. The README covers the 95% use case in seconds, and rustdoc explains the few API surfaces clearly. No surprises, no gotchas. The crate follows Rust conventions perfectly, so if you know Rust, you know ryu. It's the kind of library that you add once and never think about again.
What really stands out is how it drops into existing codebases. Replacing standard library formatting with ryu is typically a one-line change, and the performance gains are immediate and measurable. Error handling is non-existent because the operations are infallible—no Result types to unwrap, which simplifies calling code considerably.
Documentation is lean but complete. The README covers the 95% use case in seconds, and rustdoc explains the few API surfaces clearly. No surprises, no gotchas. The crate follows Rust conventions perfectly, so if you know Rust, you know ryu. It's the kind of library that you add once and never think about again.
API surface is tiny and intuitive—Buffer type with simple new() and format methods
Zero-configuration needed; works identically to std::fmt for drop-in replacement
Infallible operations mean no Result handling or error propagation complexity
Clear rustdoc with practical examples for both stack and heap allocation patterns
Limited customization options if you need specific formatting beyond standard float representation
No built-in support for localization or alternative decimal separators
Best for: Projects needing fast, standards-compliant float-to-string conversion without configuration overhead.
Avoid if: You need highly customized numeric formatting with precision control or locale-specific separators.
RECOMMENDED
Dead simple drop-in replacement that just works
Ryu is refreshingly straightforward to use. The API is minimal—basically just import the `Buffer` type and call `format()` or `format_finite()`. There's essentially zero learning curve if you've ever converted a float to a string before. The documentation is sparse but that's because there's genuinely not much to explain. You get exactly what you need: fast float formatting with correct rounding.
In practice, integration is painless. I've used it in both performance-critical serialization code and general-purpose formatting. Error handling is non-existent because the operations are infallible (you're just formatting numbers). The only gotcha is remembering to use the buffer for stack allocation when performance matters, but even if you forget and use the convenience methods, it still works fine.
Debugging is trivial since there's almost no surface area for things to go wrong. The output matches Rust's standard formatting, so there are no surprises. Common use cases like JSON serialization or CSV export are completely straightforward—just swap your `to_string()` calls with ryu and enjoy the speedup.
In practice, integration is painless. I've used it in both performance-critical serialization code and general-purpose formatting. Error handling is non-existent because the operations are infallible (you're just formatting numbers). The only gotcha is remembering to use the buffer for stack allocation when performance matters, but even if you forget and use the convenience methods, it still works fine.
Debugging is trivial since there's almost no surface area for things to go wrong. The output matches Rust's standard formatting, so there are no surprises. Common use cases like JSON serialization or CSV export are completely straightforward—just swap your `to_string()` calls with ryu and enjoy the speedup.
Minimal API surface means instant productivity with near-zero onboarding time
Drop-in replacement for standard float formatting with identical output
Stack-allocated Buffer type makes zero-allocation use cases obvious and easy
Infallible operations eliminate error handling boilerplate entirely
Documentation is minimal, though the API is simple enough this rarely matters
No community discussion needed—which means few Stack Overflow examples if you want patterns
Best for: Any project needing faster float-to-string conversion, especially serialization libraries and data export tools.
Avoid if: You need custom float formatting options beyond standard decimal representation.
Write a Review
Sign in to write a review
Sign In
Dependencies