-
Notifications
You must be signed in to change notification settings - Fork 910
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[RUSTSEC-2024-0003] [RUSTSEC-2024-0019] and [RUSTSEC-2020-0043] (among many others) #2465
Comments
My proposed solution can be seen in this branch. (I have ran See cargo-audit-zola-old.txt for the audit report before my changes and cargo-audit-zola-new.txt for the new audit report. I think The other three remaining alerts stem from our dependency on atty, net2 via an old version of mio, and encoding via an old version of lindera |
I am less sure how to go about fixing the last three so any suggestions are appreciated |
Someone is working on some changes for the server (InDieTasten#1) cc @InDieTasten so I wouldn't bother changing the ws library for now. |
I can confirm I'm updating hyper and related dependencies right now :) |
Bug Report
Currently this project is depending on dependencies which are vulnerable to:
RUSTSEC-2024-0019,
RUSTSEC-2024-0003,
RUSTSEC-2020-0043
In addition it is also depending on a bunch of unmaintained crates (listed on RUSTSEC too)
Environment
Zola version: Next branch
Expected Behavior
When I run
cargo audit
on this repo I get no alertsStep to reproduce
Run
cargo audit
on the next branchThe text was updated successfully, but these errors were encountered: