It seems that the version of whoami being used has a vulnerability in the whoami::username function. I looked and deploy-rs is using whoami::username in the lib::defs function. This vulnerability is detailed here from RustSec, and an issue from the whoami repo.
It seems that the version of whoami being used has a vulnerability in the whoami::username function. I looked and deploy-rs is using whoami::username in the lib::defs function. This vulnerability is detailed here from RustSec, and an issue from the whoami repo.