Open iamasmith opened 3 months ago
Following update (which builds and runs fine for me) it just flags the two unmaintained deps.
prometheus_wireguard_exporter % cargo audit
Fetching advisory database from `https://github.com/RustSec/advisory-db.git`
Loaded 615 security advisories (from /Users/andrews/.cargo/advisory-db)
Updating crates.io index
Scanning Cargo.lock for vulnerabilities (145 crate dependencies)
Crate: term
Version: 0.5.2
Warning: unmaintained
Title: term is looking for a new maintainer
Date: 2018-11-19
ID: RUSTSEC-2018-0015
URL: https://rustsec.org/advisories/RUSTSEC-2018-0015
Dependency tree:
term 0.5.2
└── clippy 0.0.302
└── prometheus_wireguard_exporter 3.6.6
Crate: atty
Version: 0.2.14
Warning: unsound
Title: Potential unaligned read
Date: 2021-07-04
ID: RUSTSEC-2021-0145
URL: https://rustsec.org/advisories/RUSTSEC-2021-0145
Dependency tree:
atty 0.2.14
└── env_logger 0.9.3
├── prometheus_wireguard_exporter 3.6.6
└── prometheus_exporter_base 1.4.0
└── prometheus_wireguard_exporter 3.6.6
warning: 2 allowed warnings found
prometheus_wireguard_exporter %
Thanks for putting in the effort to create this btw!, I really appreciate it. I actually got a link to this when I was beginning to design my own exporter and was looking at comparative ways of naming and labelling the metrics to be most in keeping with other similar metrics. I saw this, and it had all the tests in place, and pretty much matched what I was going to to anyway. Plus I get another language to study which is good 👍
The build does seem to work fine for me after a full cargo update for all packages but I'm only using it on a very specific OS/arch so a broad update probably needs full tests but today when I ran cargo audit prior to updating I got...