search

Drakulix / simplelog.rs

Simple Logging Facility for Rust
https://docs.rs/simplelog/
Apache License 2.0
423 stars 71 forks source link

Security advisories #67

Closed brightly-salty closed 3 years ago

brightly-salty commented 3 years ago

After running cargo audit on my project, I got the following warning (Link to advisory) concerning this package's dependencies. Perhaps they should be implemented by replacing term with crossterm, termcolor, or yansi? I realize it would not be an easy fix since this dependency is likely important to simplelog's functioning.

Crate:         term
Version:       0.5.2
Warning:       unmaintained
Title:         term is looking for a new maintainer
Date:          2018-11-19
ID:            RUSTSEC-2018-0015
URL:           https://rustsec.org/advisories/RUSTSEC-2018-0015
Dependency tree:
term 0.5.2
└── simplelog 0.5.3
brightly-salty commented 3 years ago

Sorry, false alarm. Was using an older version of the crate. Newer version does not have this warning.