Remove atty dependency #4936

faern · 2023-08-01T06:56:51Z

We have long ignored RUSTSEC-2021-0145 in our cargo-audit.yml action. And even if our app is not really affected by this vulnerability at all, it has been a bit irritating. I have been somewhat on the hunt to get rid of atty for a long while. Opening issues on some of our dependencies that in turn depend on atty. And finally we have reached the point where the last dependency using it has released an upgraded version, switching to is-terminal.

I now ban atty from our dependency tree completely via deny.toml, so we don't accidentally add it again.

This change is

MarkusPettersson98

Reviewed 3 of 3 files at r1, all commit messages.
Reviewable status: complete! all files reviewed, all discussions resolved

faern requested a review from MarkusPettersson98 August 1, 2023 06:56

faern force-pushed the remove-atty-dependency branch from cd0a4e4 to 38ea3ce Compare August 1, 2023 07:16

MarkusPettersson98 approved these changes Aug 1, 2023

View reviewed changes

faern added 3 commits August 1, 2023 10:40

Upgrade colored to get rid of atty as a dependency

cb767a4

Deny atty as Rust dependency

f74fd47

Un-ignore RUSTSEC-2021-0145 since atty is no longer in the dep tree

0bbe1ac

faern force-pushed the remove-atty-dependency branch from 38ea3ce to 0bbe1ac Compare August 1, 2023 08:40

faern merged commit 9f76fd3 into main Aug 1, 2023
19 checks passed

faern deleted the remove-atty-dependency branch August 1, 2023 08:41

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Remove atty dependency #4936

Remove atty dependency #4936

faern commented Aug 1, 2023 •

edited

MarkusPettersson98 left a comment

Remove atty dependency #4936

Remove atty dependency #4936

Conversation

faern commented Aug 1, 2023 • edited

MarkusPettersson98 left a comment

Choose a reason for hiding this comment

faern commented Aug 1, 2023 •

edited