RUSTSEC-2024-0370: proc-macro-error is unmaintained #2317

Open github-actions[bot] opened 2 months ago

proc-macro-error is unmaintained

Details
Status	unmaintained
Package	`proc-macro-error`
Version	`1.0.4`
URL	https://gitlab.com/CreepySkeleton/proc-macro-error/-/issues/20
Date	2024-09-01

proc-macro-error's maintainer seems to be unreachable, with no commits for 2 years, no releases pushed for 4 years, and no activity on the GitLab repo or response to email.

proc-macro-error also depends on syn 1.x, which may be bringing duplicate dependencies into dependant build trees.

Possible Alternative(s)

proc-macro-error2

See advisory page for additional details.

This is being pulled in by structopt:

cargo tree -i proc-macro-error
proc-macro-error v1.0.4
└── structopt-derive v0.4.18 (proc-macro)
    └── structopt v0.3.26
        ├── s2n-quic-qns v0.1.0 (/Users/wesleyr/Documents/Workspaces/s2n-quic/quic/s2n-quic-qns)
        └── s2n-quic-sim v0.1.0 (/Users/wesleyr/Documents/Workspaces/s2n-quic/quic/s2n-quic-sim)

https://github.com/aws/s2n-quic/issues/2324

aws / s2n-quic

RUSTSEC-2024-0370: proc-macro-error is unmaintained #2317

Possible Alternative(s)