diff options
| author | Linus Färnstrand <linus@mullvad.net> | 2023-08-01 10:41:15 +0200 |
|---|---|---|
| committer | Linus Färnstrand <linus@mullvad.net> | 2023-08-01 10:41:15 +0200 |
| commit | 9f76fd36507ef03e1c72ec432c05ddaf52ae2634 (patch) | |
| tree | 8bc0e13672181c12bbf6fd6542849d4e679dc8af | |
| parent | a569adff7cada094aa5d562be36f6c7272348fe4 (diff) | |
| parent | 0bbe1ac440943f16a0731dc4c28134aafd2eed0d (diff) | |
| download | mullvadvpn-9f76fd36507ef03e1c72ec432c05ddaf52ae2634.tar.xz mullvadvpn-9f76fd36507ef03e1c72ec432c05ddaf52ae2634.zip | |
Merge branch 'remove-atty-dependency'
| -rw-r--r-- | .github/workflows/cargo-audit.yml | 6 | ||||
| -rw-r--r-- | Cargo.lock | 26 | ||||
| -rw-r--r-- | deny.toml | 2 |
3 files changed, 6 insertions, 28 deletions
diff --git a/.github/workflows/cargo-audit.yml b/.github/workflows/cargo-audit.yml index 6babb09f20..00eb2f0959 100644 --- a/.github/workflows/cargo-audit.yml +++ b/.github/workflows/cargo-audit.yml @@ -24,8 +24,4 @@ jobs: denyWarnings: true # RUSTSEC-2020-0071: Ignore the time segfault CVE since there are no known # good workarounds, and we want logs etc to be in local time. - # - # RUSTSEC-2021-0145: The vulnerability affects custom global allocators, - # so it should be safe to ignore it. Stop ignoring the warning once - # atty has been removed from our dependency tree. - ignore: RUSTSEC-2020-0071,RUSTSEC-2021-0145 + ignore: RUSTSEC-2020-0071 diff --git a/Cargo.lock b/Cargo.lock index 60a9ba694e..b975486590 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -200,17 +200,6 @@ dependencies = [ ] [[package]] -name = "atty" -version = "0.2.14" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d9b39be18770d11421cdb1b9947a45dd3f37e93092cbf377614828a319d5fee8" -dependencies = [ - "hermit-abi 0.1.19", - "libc", - "winapi", -] - -[[package]] name = "autocfg" version = "1.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -548,11 +537,11 @@ checksum = "acbf1af155f9b9ef647e42cdc158db4b64a1b61f743629225fde6f3e0be2a7c7" [[package]] name = "colored" -version = "1.9.3" +version = "1.9.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f4ffc801dacf156c5854b9df4f425a626539c3a6ef7893cc0c5084a23f0b6c59" +checksum = "5a5f741c91823341bebf717d4c71bda820630ce065443b58bd1b7451af008355" dependencies = [ - "atty", + "is-terminal", "lazy_static", "winapi", ] @@ -1315,15 +1304,6 @@ checksum = "2540771e65fc8cb83cd6e8a237f70c319bd5c29f78ed1084ba5d50eeac86f7f9" [[package]] name = "hermit-abi" -version = "0.1.19" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "62b467343b94ba476dcb2500d242dadbb39557df889310ac77c5d99100aaac33" -dependencies = [ - "libc", -] - -[[package]] -name = "hermit-abi" version = "0.2.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ee512640fe35acbfb4bb779db6f0d80704c2cacfa2e39b601ef3e3f47d1ae4c7" @@ -86,6 +86,8 @@ deny = [ { name = "openssl-probe" }, { name = "clap", version = "2" }, { name = "clap", version = "3" }, + # `atty` is an unmaintained crate with a CVE: RUSTSEC-2021-0145 + { name = "atty" } ] skip = [] skip-tree = [] |