Outdated proc-macro-error dependency causes advisory issue

[matze]

• Version of embedded-graphics-simulator in use (if applicable): 0.6.0
• Version of embedded-graphics in use (if applicable): 0.8.1

Description of the problem/feature request/other

I get

warning[unmaintained]: proc-macro-error is unmaintaine
    │
281 │ proc-macro-error 1.0.4 registry+https://github.com/rust-lang/crates.io-index
    │ ---------------------------------------------------------------------------- unmaintained advisory detected
    │
    = ID: RUSTSEC-2024-0370
    = Advisory: https://rustsec.org/advisories/RUSTSEC-2024-0370
    = proc-macro-error's maintainer seems to be unreachable, with no commits for 2 years, no releases pushed for 4 years, and no activity on the GitLab repo or response to email.

      proc-macro-error also depends on `syn 1.x`, which may be bringing duplicate dependencies into dependant build trees.

      ## Possible Alternative(s)

      - [manyhow](https://crates.io/crates/manyhow)
      - [proc-macro-error2](https://crates.io/crates/proc-macro-error2)
      - [proc-macro2-diagnostics](https://github.com/SergioBenitez/proc-macro2-diagnostics)
    = Announcement: https://gitlab.com/CreepySkeleton/proc-macro-error/-/issues/20
    = Solution: No safe upgrade is available!
    = proc-macro-error v1.0.4
      └── ouroboros_macro v0.17.2
          └── ouroboros v0.17.2
              └── embedded-graphics-simulator v0.6.0

with cargo deny check advisories.

[matze]

I'm confused. Apparently, 0.6.0 has a newer ouroboros dependency nevertheless this is what I get.

Edit: when looking into the Cargo.lock present in the crate downloaded from crates.io, ouroboros is pinned to 0.17.2 :thinking:

[rfuest]

Something must have gone wrong with the dependencies in the 0.6.0 release, the problem has come up before. I've just released 0.7.0 which should fix this issue.

[matze]

Thank you very much!