Closed ranandfigma closed 1 year ago
Thank you for the report @ranandfigma. We are working on a release that will contain upgrades to many of our dependencies.
Filed internally as 178110.
Hi @ranandfigma , the latest 1.0 release has updated dependencies.
Specifically, reqwest
has been entirely removed. Feel free to file a new issue if you encounter any more problems.
A number of packages are on very old versions that contain unmaintained/ deprecated dependencies that have known vulnerabilities. Here is a list of the couple that were picked up by cargo-deny:
reqwest v0.9.11 is from March 2019: https://github.com/seanmonstar/reqwest/releases/tag/v0.9.11
tokio v0.1.22 has the below advisory