Open kornelski opened 2 years ago
michalfita
commented
1 year ago @abonander is this crate still maintained? Apart the fact twoway is deprecated this crate uses old version causing cargo deny to bark at me in red if I want to use pact_consumer.
FYI: @ferdonline
oherrala
commented
1 year ago Deprecation was also announced in RustSec's advisory DB yesterday: https://rustsec.org/advisories/RUSTSEC-2021-0146
kpcyrd
commented
1 year ago I don't know if the deprecation of twoway is worth the advisory, using warp currently causes my project to be flagged with https://osv.dev/RUSTSEC-2021-0146 by osv-scanner.
There's an open PR to fix this: https://github.com/abonander/multipart/pull/144
I also noticed multipart uses very old code style, it still has clippy as a dependency and extern crate style imports.
michalfita
commented
1 year ago I'm afraid @abonander abandoned this project and soon it would get its own advisory.
oherrala
commented
1 year ago I'm afraid @abonander abandoned this project and soon it would get its own advisory.
michalfita
commented
1 year ago O wow... Worse than I though. Do we have alternatives?
BTW it's time crates.io shows advisories as warnings.
The twoway crate is obsolete. I suggest replacing it with memchr. The twoway crate also breaks Cargo's
-Z minimal-versionsoption, because it can indirectly cause libc 0.1 to be pulled in.