Bump serde from 1.0.210 to 1.0.216 (#1487) #3670
Security advisories found
5 unmaintained, 1 unsound, 1 other
Details
Warnings
RUSTSEC-2021-0139
ansi_term is Unmaintained
Details | |
---|---|
Status | unmaintained |
Package | ansi_term |
Version | 0.12.1 |
URL | ogham/rust-ansi-term#72 |
Date | 2021-08-18 |
The maintainer has advised that this crate is deprecated and will not receive any maintenance.
The crate does not seem to have much dependencies and may or may not be ok to use as-is.
Last release seems to have been three years ago.
Possible Alternative(s)
The below list has not been vetted in any way and may or may not contain alternatives;
Dependency Specific Migration(s)
RUSTSEC-2024-0375
atty
is unmaintained
Details | |
---|---|
Status | unmaintained |
Package | atty |
Version | 0.2.14 |
URL | softprops/atty#57 |
Date | 2024-09-25 |
The maintainer of atty
has published an official notice that the crate is no longer
under development, and that users should instead rely on the functionality in the standard library's IsTerminal
trait.
Alternative(s)
- std::io::IsTerminal - Stable since Rust 1.70.0 and the recommended replacement per the
atty
maintainer. - is-terminal - Standalone crate supporting Rust older than 1.70.0
RUSTSEC-2024-0384
instant
is unmaintained
Details | |
---|---|
Status | unmaintained |
Package | instant |
Version | 0.1.13 |
Date | 2024-09-01 |
This crate is no longer maintained, and the author recommends using the maintained web-time
crate instead.
RUSTSEC-2024-0370
proc-macro-error is unmaintained
Details | |
---|---|
Status | unmaintained |
Package | proc-macro-error |
Version | 1.0.4 |
URL | https://gitlab.com/CreepySkeleton/proc-macro-error/-/issues/20 |
Date | 2024-09-01 |
proc-macro-error's maintainer seems to be unreachable, with no commits for 2 years, no releases pushed for 4 years, and no activity on the GitLab repo or response to email.
proc-macro-error also depends on syn 1.x
, which may be bringing duplicate dependencies into dependant build trees.
Possible Alternative(s)
RUSTSEC-2020-0163
term_size
is unmaintained; useterminal_size
instead
Details | |
---|---|
Status | unmaintained |
Package | term_size |
Version | 0.3.2 |
URL | clap-rs/term_size-rs#31 |
Date | 2020-11-03 |
The term_size
crate is no longer maintained. Consider using
terminal_size
instead.
RUSTSEC-2021-0145
Potential unaligned read
Details | |
---|---|
Status | unsound |
Package | atty |
Version | 0.2.14 |
URL | softprops/atty#50 |
Date | 2021-07-04 |
On windows, atty
dereferences a potentially unaligned pointer.
In practice however, the pointer won't be unaligned unless a custom global allocator is used.
In particular, the System
allocator on windows uses HeapAlloc
, which guarantees a large enough alignment.
atty is Unmaintained
A Pull Request with a fix has been provided over a year ago but the maintainer seems to be unreachable.
Last release of atty
was almost 3 years ago.
Possible Alternative(s)
The below list has not been vetted in any way and may or may not contain alternatives;
- std::io::IsTerminal - Stable since Rust 1.70.0
- is-terminal - Standalone crate supporting Rust older than 1.70.0
Crate futures-util
is yanked
No extra details provided.