You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I have been getting component governance alerts for Grass due to its nested dependency on atty, which has been unmaintained for a few years now and has some compatibility issues with Windows. Your nested dependency on atty comes from clap, though they've moved away from atty as of last year (see clap-rs/clap#4249).
Here's a link to the advisory in the GitHub Security Advisory Database: GHSA-g98v-hv3f-hcfr
The text was updated successfully, but these errors were encountered:
I've been putting off updating clap for a while. I agree the warning is quite annoying. I've updated the clap version in master, and this change should be released to crates.io quite soon as 0.13.1. I'll note that the MSRV of this crate has to increase to 1.64.0 in order to work with the newest version of clap. Unfortunately the change you linked was not backported to 3.x.x.
I have been getting component governance alerts for Grass due to its nested dependency on atty, which has been unmaintained for a few years now and has some compatibility issues with Windows. Your nested dependency on atty comes from clap, though they've moved away from atty as of last year (see clap-rs/clap#4249).
Here's a link to the advisory in the GitHub Security Advisory Database: GHSA-g98v-hv3f-hcfr
The text was updated successfully, but these errors were encountered: