[Bug]: CI fail due to cargo audit issue

fangpin commented 4 days ago

Description about the bug

CI fails due to cargo audit issue, which blocks the the CI check for new PR.

Version

0.1.0

Relevant log output

info: downloading component 'cargo'
info: downloading component 'clippy'
info: downloading component 'rust-docs'
info: downloading component 'rust-src'
info: downloading component 'rust-std'
info: downloading component 'rustc'
info: downloading component 'rustfmt'
info: installing component 'cargo'
info: installing component 'clippy'
info: installing component 'rust-docs'
info: installing component 'rust-src'
info: installing component 'rust-std'
info: installing component 'rustc'
info: installing component 'rustfmt'
    Fetching advisory database from `https://github.com/RustSec/advisory-db.git`
      Loaded 688 security advisories (from /xline/.cargo/advisory-db)
    Updating crates.io index
    Scanning Cargo.lock for vulnerabilities (372 crate dependencies)
Crate:     rustls
Version:   0.23.14
Title:     rustls network-reachable panic in `Acceptor::accept`
Date:      2024-11-22
ID:        RUSTSEC-2024-0399
URL:       https://rustsec.org/advisories/RUSTSEC-2024-0399
Solution:  Upgrade to >=0.23.18
Dependency tree:
rustls 0.23.14
└── tokio-rustls 0.26.0
    └── tonic 0.12.3
        ├── workspace-hack 0.1.0
error: 1 vulnerability found!
        │   ├── xlineutl 0.1.0
        │   ├── xlinectl 0.1.0
        │   ├── xlineapi 0.1.0
        │   │   ├── xlinectl 0.1.0
        │   │   ├── xline-client 0.1.0
        │   │   │   ├── xlinectl 0.1.0
        │   │   │   ├── xline-test-utils 0.1.0
        │   │   │   │   ├── xline-client 0.1.0
        │   │   │   │   ├── xline 0.6.1
        │   │   │   │   │   ├── xlineutl 0.1.0
        │   │   │   │   │   ├── xline-test-utils 0.1.0
        │   │   │   │   │   └── simulation 0.1.0
        │   │   │   │   └── benchmark 0.1.0
        │   │   │   ├── xline 0.6.1
        │   │   │   ├── simulation 0.1.0
        │   │   │   └── benchmark 0.1.0
        │   │   ├── xline 0.6.1
        │   │   ├── simulation 0.1.0
        │   │   └── benchmark 0.1.0
        │   ├── xline-test-utils 0.1.0
        │   ├── xline-client 0.1.0
        │   ├── xline 0.6.1
        │   ├── utils 0.1.0
        │   │   ├── xlineutl 0.1.0
        │   │   ├── xlinectl 0.1.0
        │   │   ├── xlineapi 0.1.0
        │   │   ├── xline-test-utils 0.1.0
        │   │   ├── xline-client 0.1.0
        │   │   ├── xline 0.6.1
        │   │   ├── simulation 0.1.0
        │   │   ├── engine 0.1.0
        │   │   │   ├── xlineutl 0.1.0
        │   │   │   ├── xline 0.6.1
        │   │   │   ├── simulation 0.1.0
        │   │   │   ├── curp-test-utils 0.1.0
        │   │   │   │   ├── simulation 0.1.0
        │   │   │   │   └── curp 0.1.0
        │   │   │   │       ├── xlineapi 0.1.0
        │   │   │   │       ├── xline-client 0.1.0
        │   │   │   │       ├── xline 0.6.1
        │   │   │   │       └── simulation 0.1.0
        │   │   │   ├── curp-external-api 0.1.0
        │   │   │   │   ├── xlineapi 0.1.0
        │   │   │   │   ├── xline 0.6.1
        │   │   │   │   ├── curp-test-utils 0.1.0
        │   │   │   │   └── curp 0.1.0
        │   │   │   └── curp 0.1.0
        │   │   ├── curp-test-utils 0.1.0
        │   │   ├── curp 0.1.0
        │   │   └── benchmark 0.1.0
        │   ├── test-macros 0.1.0
        │   │   ├── xline-client 0.1.0
        │   │   ├── xline 0.6.1
        │   │   ├── utils 0.1.0
        │   │   ├── engine 0.1.0
        │   │   └── curp 0.1.0
        │   ├── simulation 0.1.0
        │   ├── engine 0.1.0
        │   ├── curp-test-utils 0.1.0
        │   ├── curp-external-api 0.1.0
        │   ├── curp 0.1.0
        │   └── benchmark 0.1.0
        ├── tonic-health 0.12.3
        │   └── xline 0.6.1
        ├── opentelemetry-proto 0.7.0
        │   └── opentelemetry-otlp 0.17.0
        │       ├── xline 0.6.1
        │       └── utils 0.1.0
        ├── opentelemetry-otlp 0.17.0
        ├── madsim-tonic 0.5.0+0.12.0
        │   ├── xlinectl 0.1.0
        │   ├── xlineapi 0.1.0
        │   ├── xline-test-utils 0.1.0
        │   ├── xline-client 0.1.0
        │   ├── xline 0.6.1
        │   ├── workspace-hack 0.1.0
        │   ├── utils 0.1.0
        │   ├── simulation 0.1.0
        │   └── curp 0.1.0
        └── etcd-client 0.14.0
            ├── xline 0.6.1
            └── benchmark 0.1.0

Crate:     instant
Version:   0.1.13
Warning:   unmaintained
Title:     `instant` is unmaintained
Date:      2024-09-01
ID:        RUSTSEC-2024-0384
URL:       https://rustsec.org/advisories/RUSTSEC-2024-0384
Dependency tree:
instant 0.1.13
└── indicatif 0.17.8
    └── benchmark 0.1.0

warning: 1 allowed warning found
Error: Process completed with exit code 1.

Code of Conduct

[X] I agree to follow this project's Code of Conduct

github-actions[bot] commented 4 days ago

👋 Thanks for opening this issue!

Reply with the following command on its own line to get help or engage:

/contributing-agreement : to print Contributing Agreements.
/assignme : to assign this issue to you.

fangpin commented 4 days ago

/assignme

fangpin commented 4 days ago

fixing it by: https://github.com/xline-kv/Xline/pull/1029

xline-kv / Xline

[Bug]: CI fail due to cargo audit issue #1030

Description about the bug

Version

Relevant log output

Code of Conduct