Skip to content

Bump libc from 0.2.168 to 0.2.169 (#489) #968

Bump libc from 0.2.168 to 0.2.169 (#489)

Bump libc from 0.2.168 to 0.2.169 (#489) #968

GitHub Actions / Security audit succeeded Dec 20, 2024 in 0s

Security advisories found

3 unmaintained, 1 other

Details

Warnings

RUSTSEC-2021-0139

ansi_term is Unmaintained

Details
Status unmaintained
Package ansi_term
Version 0.12.1
URL ogham/rust-ansi-term#72
Date 2021-08-18

The maintainer has advised that this crate is deprecated and will not receive any maintenance.

The crate does not seem to have much dependencies and may or may not be ok to use as-is.

Last release seems to have been three years ago.

Possible Alternative(s)

The below list has not been vetted in any way and may or may not contain alternatives;

Dependency Specific Migration(s)

RUSTSEC-2024-0375

atty is unmaintained

Details
Status unmaintained
Package atty
Version 0.2.14
URL softprops/atty#57
Date 2024-09-25

The maintainer of atty has published an official notice that the crate is no longer
under development, and that users should instead rely on the functionality in the standard library's IsTerminal trait.

Alternative(s)

  • std::io::IsTerminal - Stable since Rust 1.70.0 and the recommended replacement per the atty maintainer.
  • is-terminal - Standalone crate supporting Rust older than 1.70.0

RUSTSEC-2024-0370

proc-macro-error is unmaintained

Details
Status unmaintained
Package proc-macro-error
Version 1.0.4
URL https://gitlab.com/CreepySkeleton/proc-macro-error/-/issues/20
Date 2024-09-01

proc-macro-error's maintainer seems to be unreachable, with no commits for 2 years, no releases pushed for 4 years, and no activity on the GitLab repo or response to email.

proc-macro-error also depends on syn 1.x, which may be bringing duplicate dependencies into dependant build trees.

Possible Alternative(s)