Open kornelski opened 2 years ago
@abonander is this crate still maintained? Apart the fact twoway
is deprecated this crate uses old version causing cargo deny
to bark at me in red if I want to use pact_consumer
.
FYI: @ferdonline
Deprecation was also announced in RustSec's advisory DB yesterday: https://rustsec.org/advisories/RUSTSEC-2021-0146
I don't know if the deprecation of twoway is worth the advisory, using warp currently causes my project to be flagged with https://osv.dev/RUSTSEC-2021-0146 by osv-scanner.
There's an open PR to fix this: https://github.com/abonander/multipart/pull/144
I also noticed multipart
uses very old code style, it still has clippy
as a dependency and extern crate
style imports.
I'm afraid @abonander abandoned this project and soon it would get its own advisory.
I'm afraid @abonander abandoned this project and soon it would get its own advisory.
O wow... Worse than I though. Do we have alternatives?
BTW it's time crates.io shows advisories as warnings.
The twoway crate is obsolete. I suggest replacing it with memchr. The twoway crate also breaks Cargo's
-Z minimal-versions
option, because it can indirectly cause libc 0.1 to be pulled in.