rust-simple_logger icon indicating copy to clipboard operation
rust-simple_logger copied to clipboard
verified publisher icon borntyping

atty is unmaintaned and creates an advisory warning

Open kgraefe opened this issue 3 years ago • 2 comments

See https://rustsec.org/advisories/RUSTSEC-2021-0145.html for the advisory. It has not been patched even though an already-reviewed PR is available for a long time.

several projects e.g. clap and env_logger switched to is_terminal

kgraefe avatar Jan 25 '23 08:01 kgraefe

I think that this is solved now and can be closed. Colored has removed the dependency on atty.

ChrisCA avatar Jul 05 '23 08:07 ChrisCA

Correct, running cargo update -p colored to update the dep fixes the advisory.

However, I feel like this crate's dep on colored should be bumped to minimum of 2.0.4 to enforce this update on upstreams.

V0ldek avatar Aug 01 '23 18:08 V0ldek