TOCTOUs are not handled at the moment.
json2dir is not strictly additive — it tries to delete a file or directory before overwriting it. This is an implementation detail.
At the moment, file names and their contents must be valid UTF-8. In the future, arbitrary file names and contents will be supported by base64-encoding them.
Strings with multiple path segments are currently rejected. This restriction might be relaxed in the future.
String paths with special path segments (e.g. .., .) are rejected. This is a measure to localize effects of json2dir to its working directory.