search

aws / s2n-quic

An implementation of the IETF QUIC protocol
https://crates.io/crates/s2n-quic
Apache License 2.0
1.13k stars 120 forks source link

RUSTSEC-2024-0370: proc-macro-error is unmaintained #2317

Open github-actions[bot] opened 1 week ago

github-actions[bot] commented 1 week ago

proc-macro-error is unmaintained

Details
Status unmaintained
Package proc-macro-error
Version 1.0.4
URL https://gitlab.com/CreepySkeleton/proc-macro-error/-/issues/20
Date 2024-09-01

proc-macro-error's maintainer seems to be unreachable, with no commits for 2 years, no releases pushed for 4 years, and no activity on the GitLab repo or response to email.

proc-macro-error also depends on syn 1.x, which may be bringing duplicate dependencies into dependant build trees.

Possible Alternative(s)

See advisory page for additional details.

WesleyRosenblum commented 9 hours ago

This is being pulled in by structopt:

cargo tree -i proc-macro-error
proc-macro-error v1.0.4
└── structopt-derive v0.4.18 (proc-macro)
    └── structopt v0.3.26
        ├── s2n-quic-qns v0.1.0 (/Users/wesleyr/Documents/Workspaces/s2n-quic/quic/s2n-quic-qns)
        └── s2n-quic-sim v0.1.0 (/Users/wesleyr/Documents/Workspaces/s2n-quic/quic/s2n-quic-sim)
WesleyRosenblum commented 9 hours ago

https://github.com/aws/s2n-quic/issues/2324