term dependency is unmaintained and needs to be replaced

Drakulix / simplelog.rs

Simple Logging Facility for Rust

https://docs.rs/simplelog/

Apache License 2.0

439 stars 73 forks source link

term dependency is unmaintained and needs to be replaced #54

Closed extrawurst closed 4 years ago

extrawurst commented 4 years ago

cargo audit returns:

...

warning: 1 warning found

Crate:  term
Title:  term is looking for a new maintainer
Date:   2018-11-19
URL:    https://rustsec.org/advisories/RUSTSEC-2018-0015
Dependency tree:
term 0.6.1
└── simplelog 0.7.5
    └── audit 0.1.0

warning: 1 warning found!

reproduction:

cargo new audit
cd audit
echo 'simplelog ="*"' >> Cargo.toml
cargo fetch
cargo audit

using macOS

extrawurst commented 4 years ago

ok I worked around this by disabling default-features

Drakulix commented 4 years ago

Thanks for the heads-up. While a quick workaround is nice, this should still be fixed. It seems that libtest and other projects moved to termcolor as a replacement. I will investigate this solution in short term and would also accept PRs on this subject.