Unmaintained, insecure and obsoleted dependencies #529

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Open

Teebor-Choka opened this issue Apr 8, 2025 · 1 comment

Teebor-Choka commented Apr 8, 2025

Some dependencies have significant issues and do not pass the cargo audit:

Crate:     aes-soft
Version:   0.6.4
Warning:   unmaintained
Title:     `aes-soft` has been merged into the `aes` crate
Date:      2021-04-29
ID:        RUSTSEC-2021-0060
URL:       https://rustsec.org/advisories/RUSTSEC-2021-0060
Dependency tree:
aes-soft 0.6.4
└── aes 0.6.0
    └── aes-gcm 0.8.0
        └── cookie 0.14.4
            └── http-types 2.12.0

Crate:     aesni
Version:   0.10.0
Warning:   unmaintained
Title:     `aesni` has been merged into the `aes` crate
Date:      2021-04-29
ID:        RUSTSEC-2021-0059
URL:       https://rustsec.org/advisories/RUSTSEC-2021-0059
Dependency tree:
aesni 0.10.0
└── aes 0.6.0
    └── aes-gcm 0.8.0
        └── cookie 0.14.4
            └── http-types 2.12.0

Crate:     cpuid-bool
Version:   0.2.0
Warning:   unmaintained
Title:     `cpuid-bool` has been renamed to `cpufeatures`
Date:      2021-05-06
ID:        RUSTSEC-2021-0064
URL:       https://rustsec.org/advisories/RUSTSEC-2021-0064
Dependency tree:
cpuid-bool 0.2.0
└── polyval 0.4.5
    └── ghash 0.3.1
        └── aes-gcm 0.8.0
            └── cookie 0.14.4
                └── http-types 2.12.0

Crate:     instant
Version:   0.1.13
Warning:   unmaintained
Title:     `instant` is unmaintained
Date:      2024-09-01
ID:        RUSTSEC-2024-0384
URL:       https://rustsec.org/advisories/RUSTSEC-2024-0384
Dependency tree:
instant 0.1.13
├── fastrand 1.9.0
│   └── futures-lite 1.13.0
│       ├── http-types 2.12.0

Crate:     stdweb
Version:   0.4.20
Warning:   unmaintained
Title:     stdweb is unmaintained
Date:      2020-05-04
ID:        RUSTSEC-2020-0056
URL:       https://rustsec.org/advisories/RUSTSEC-2020-0056
Dependency tree:
stdweb 0.4.20
└── time 0.2.27
    └── cookie 0.14.4
        └── http-types 2.12.0

The text was updated successfully, but these errors were encountered:

Teebor-Choka mentioned this issue

Is this crate abandoned? #527

Open

Author

Teebor-Choka commented Apr 8, 2025 •

edited

Loading

Some of these issues could be fixed by:
#521
#517
#516
#396

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment