From 99fc97af6c77abb02a134aecc44545ff52d4a088 Mon Sep 17 00:00:00 2001
From: Michael Weiss <michael.weiss@atos.net>
Date: Mon, 31 Jul 2023 20:42:51 +0200
Subject: [PATCH] Replace the unmaintained "atty" crate with "is-terminal"

The "atty" crate is unmaintained [0] and also causes a low severity
GitHub advisory (GHSA-g98v-hv3f-hcfr; only affects windows though) [1]:
> A Pull Request with a fix has been provided over a year ago but the
> maintainer seems to be unreachable.
> Last release of atty was almost 3 years ago.

The "clap" crate already switched to "is-terminal" [2] so we can simply
use the latter without having to pull in additional dependencies.
The "is-terminal" crate can also be considered a successor [3]:
> This crate is derived from the atty crate with PR 51 bug fix and PR 54
> port to windows-sys applied.

[0]: https://github.com/softprops/atty/issues/57
[1]: https://github.com/science-computing/butido/security/dependabot/9
[2]: https://github.com/clap-rs/clap/pull/4249
[3]: https://crates.io/crates/is-terminal
---
 Cargo.lock           | 28 ++++------------------------
 Cargo.toml           |  2 +-
 src/commands/util.rs |  3 ++-
 src/util/mod.rs      |  3 ++-
 4 files changed, 9 insertions(+), 27 deletions(-)

diff --git a/Cargo.lock b/Cargo.lock
index aeb2982f..3af6567d 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -122,17 +122,6 @@ version = "4.0.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "75054ce561491263d7b80dc2f6f6c6f8cdfd0c7a7c17c5cf3b8117829fa72ae1"
 
-[[package]]
-name = "atty"
-version = "0.2.14"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "d9b39be18770d11421cdb1b9947a45dd3f37e93092cbf377614828a319d5fee8"
-dependencies = [
- "hermit-abi 0.1.19",
- "libc",
- "winapi",
-]
-
 [[package]]
 name = "autocfg"
 version = "1.1.0"
@@ -220,7 +209,6 @@ dependencies = [
  "anyhow",
  "aquamarine",
  "ascii_table",
- "atty",
  "bytesize",
  "chrono",
  "clap",
@@ -242,6 +230,7 @@ dependencies = [
  "humantime",
  "indicatif",
  "indoc",
+ "is-terminal",
  "itertools 0.11.0",
  "lazy_static",
  "log",
@@ -932,15 +921,6 @@ version = "0.14.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "2c6201b9ff9fd90a5a3bac2e56a830d0caa509576f0e503818ee82c181b3437a"
 
-[[package]]
-name = "hermit-abi"
-version = "0.1.19"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "62b467343b94ba476dcb2500d242dadbb39557df889310ac77c5d99100aaac33"
-dependencies = [
- "libc",
-]
-
 [[package]]
 name = "hermit-abi"
 version = "0.3.2"
@@ -1183,7 +1163,7 @@ version = "1.0.11"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "eae7b9aee968036d54dce06cebaefd919e4472e753296daccd6d344e3e2df0c2"
 dependencies = [
- "hermit-abi 0.3.2",
+ "hermit-abi",
  "libc",
  "windows-sys 0.48.0",
 ]
@@ -1200,7 +1180,7 @@ version = "0.4.9"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "cb0889898416213fab133e1d33a0e5858a48177452750691bde3666d0fdbaf8b"
 dependencies = [
- "hermit-abi 0.3.2",
+ "hermit-abi",
  "rustix 0.38.4",
  "windows-sys 0.48.0",
 ]
@@ -1489,7 +1469,7 @@ version = "1.16.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "4161fcb6d602d4d2081af7c3a45852d875a03dd337a6bfdd6e06407b61342a43"
 dependencies = [
- "hermit-abi 0.3.2",
+ "hermit-abi",
  "libc",
 ]
 
diff --git a/Cargo.toml b/Cargo.toml
index e71a7c31..9e5d6b6f 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -27,7 +27,6 @@ maintenance = { status = "passively-maintained" }
 anyhow         = "1"
 aquamarine     = "0.3"
 ascii_table    = "4"
-atty           = "0.2"
 bytesize       = "1"
 chrono         = "0.4"
 clap           = { version = "4", features = ["cargo"] }
@@ -48,6 +47,7 @@ human-panic    = "1"
 humantime      = "2"
 indicatif      = "0.17"
 indoc          = "2"
+is-terminal    = "0.4"
 itertools      = "0.11"
 lazy_static    = "1"
 log            = "0.4"
diff --git a/src/commands/util.rs b/src/commands/util.rs
index 4e2a0488..024912d5 100644
--- a/src/commands/util.rs
+++ b/src/commands/util.rs
@@ -19,6 +19,7 @@ use anyhow::Context;
 use anyhow::Error;
 use anyhow::Result;
 use clap::ArgMatches;
+use is_terminal::IsTerminal;
 use itertools::Itertools;
 use regex::Regex;
 use tokio_stream::StreamExt;
@@ -202,7 +203,7 @@ pub fn display_data<D: Display>(
             .map_err(Error::from)
             .and_then(|t| String::from_utf8(t).map_err(Error::from))
             .and_then(|text| writeln!(lock, "{text}").map_err(Error::from))
-    } else if atty::is(atty::Stream::Stdout) {
+    } else if std::io::stdout().is_terminal() {
         let mut ascii_table = ascii_table::AsciiTable::default();
         ascii_table.set_max_width(
             terminal_size::terminal_size()
diff --git a/src/util/mod.rs b/src/util/mod.rs
index 85ce136d..c4f1eca2 100644
--- a/src/util/mod.rs
+++ b/src/util/mod.rs
@@ -8,6 +8,7 @@
 // SPDX-License-Identifier: EPL-2.0
 //
 
+use is_terminal::IsTerminal;
 use serde::Deserialize;
 use serde::Serialize;
 
@@ -47,5 +48,5 @@ pub mod parser;
 pub mod progress;
 
 pub fn stdout_is_pipe() -> bool {
-    !atty::is(atty::Stream::Stdout)
+    !std::io::stdout().is_terminal()
 }