cargo deny reports that yaml-rust is unmaintained and recommends replacing it with the yaml-rust2 fork. It looks to be a drop-in replacement.
Run cargo deny check advisories
2024-04-15 04:05:06 [WARN] unable to find a config path, falling back to default config
error[unmaintained]: yaml-rust is unmaintained.
┌─ /home/runner/work/zero2prod2/zero2prod2/Cargo.lock:278:1
│
278 │ yaml-rust 0.4.5 registry+https://github.com/rust-lang/crates.io-index
│ --------------------------------------------------------------------- unmaintained advisory detected
│
= ID: RUSTSEC-2024-0320
= Advisory: https://rustsec.org/advisories/RUSTSEC-2024-0320
= The maintainer seems [unreachable](https://github.com/chyh1990/yaml-rust/issues/197).
Many issues and pull requests have been submitted over the years
without any [response](https://github.com/chyh1990/yaml-rust/issues/160).
## Alternatives
Consider switching to the actively maintained `yaml-rust2` fork of the original project:
- [yaml-rust2](https://github.com/Ethiraric/yaml-rust2)
- [yaml-rust2 @ crates.io](https://crates.io/crates/yaml-rust2))
= Announcement: https://github.com/rustsec/advisory-db/issues/1921
= Solution: No safe upgrade is available!
= yaml-rust v0.4.5
└── config v0.14.0
└── zero2prod2 v0.1.0
cargo deny
reports thatyaml-rust
is unmaintained and recommends replacing it with theyaml-rust2
fork. It looks to be a drop-in replacement.