Consider removing easyjson dependency due to sanction concerns #52

@alexandear

Description

This project has a direct dependency on github.com/mailru/easyjson, a Go library with maintainers based in Russia and affiliated with VK Group. VK Group has known ties to the Russian government and a history of cooperating with Russian security services, including sharing user data.

According to the Hunted Labs report, "The Russian Open Source Project That We Can’t Live Without", this dependency poses a significant supply chain risk. A compromised easyjson library could lead to severe consequences, including:

  • Supply chain backdoors
  • Remote code execution
  • Espionage
  • Data exfiltration
  • Potential "kill switch" functionality

To mitigate these risks, I propose to remove this indirect dependency.
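A practical first step before acting on the proposal is to establish whether github.com/mailru/easyjson is a direct requirement of the module or only an indirect one. The following is an added example, not code from this project or from the issue author: it parses a constructed go.mod (module paths and versions in the sample are assumed, not the project's real file) and flags watchlisted modules, reporting direct requirements first.

```python
from __future__ import annotations
from dataclasses import dataclass
# Constructed sample go.mod (not the project's real file): the flagged module as a
# direct requirement, plus a block mixing direct and '// indirect' entries.
SAMPLE_GO_MOD = """\
module example.com/sampleproject
go 1.21
require github.com/mailru/easyjson v0.7.7
require (
    github.com/josharian/intern v1.0.0 // indirect
    golang.org/x/sys v0.15.0 // indirect
    github.com/stretchr/testify v1.8.4
)
"""

@dataclass(frozen=True)
class Requirement:
    path: str
    version: str
    indirect: bool  # True when go.mod marks the entry '// indirect'

def _parse_entry(text: str) -> Requirement | None:
    """Parse 'path version [// indirect]'; return None for anything else."""
    code, _, comment = text.partition("//")
    parts = code.split()
    if len(parts) != 2:
        return None
    return Requirement(parts[0], parts[1], comment.strip() == "indirect")

def parse_requirements(go_mod: str) -> dict[str, Requirement]:
    """Collect requirements from single-line and block 'require' directives."""
    reqs: dict[str, Requirement] = {}
    in_block = False
    for raw in go_mod.splitlines():
        line = raw.strip()
        if in_block:
            if line == ")":
                in_block = False
            elif (req := _parse_entry(line)) is not None:
                reqs[req.path] = req
        elif line.startswith("require ("):
            in_block = True
        elif line.startswith("require ") and (req := _parse_entry(line[8:])):
            reqs[req.path] = req
    return reqs

def audit(go_mod: str, watchlist: set[str]) -> list[Requirement]:
    """Return watchlisted modules found in go.mod, direct ones listed first."""
    hits = [r for p, r in parse_requirements(go_mod).items() if p in watchlist]
    return sorted(hits, key=lambda r: (r.indirect, r.path))
```

For an indirect hit, `go mod why -m <module>` run in the module directory shows the import chain that keeps it in the build graph, which is what has to change for removal to actually take effect.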
