amy-keibler
commented
3 years ago This fails with the same log4rs error as the main branch, so it should be safe to merge. I've built & tested locally.
Inverse Dependency graph
traitobject 0.1.0 (registry+https://github.com/rust-lang/crates.io-index)
└── unsafe-any 0.4.2 (registry+https://github.com/rust-lang/crates.io-index)
└── typemap 0.3.3 (registry+https://github.com/rust-lang/crates.io-index)
└── log4rs 1.0.0 (registry+https://github.com/rust-lang/crates.io-index)
└── cargo-pants 0.4.2 (path+file:///home/circleci/project)
Audited Dependencies: 161
Vulnerable Dependencies: 1
This doesn't fix the vulnerability in
log4rs, but it's still probably a good idea to keep up with other dependencies so we don't fall too far behind.