We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
sv1_api import pretty_env_logger = "0.4.0" that import atty. This trigger the below warning: https://github.com/demand-open-source/demand-cli/security/dependabot/1
The text was updated successfully, but these errors were encountered:
@Fi3 the link above resolves to a 404
Sorry, something went wrong.
@Fi3 can you add more context here?
We will likely need to replace the pretty_env_logger dependency and standardize on the tracing.
pretty_env_logger
tracing
On windows, atty dereferences a potentially unaligned pointer.
In practice however, the pointer won't be unaligned unless a custom global allocator is used.
In particular, the System allocator on windows uses HeapAlloc, which guarantees a large enough alignment. atty is Unmaintained
A Pull Request with a fix has been provided over a year ago but the maintainer seems to be unreachable.
Last release of atty was almost 3 years ago. Possible Alternative(s)
The below list has not been vetted in any way and may or may not contain alternatives;
[std::io::IsTerminal](https://doc.rust-lang.org/stable/std/io/trait.IsTerminal.html) - Stable since Rust 1.70.0 [is-terminal](https://crates.io/crates/is-terminal) - Standalone crate supporting Rust older than 1.70.0"
should we just remove pretty_env_logger as a dependency so we don't need to worry about this?
tracing seems to have everything we need, and pretty_env_logger is only used inside sv1_api crate
sv1_api
rrybarczyk
No branches or pull requests
sv1_api import pretty_env_logger = "0.4.0" that import atty. This trigger the below warning:
https://github.com/demand-open-source/demand-cli/security/dependabot/1
The text was updated successfully, but these errors were encountered: