You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
rbx_cookie as a library currently depends on clap and env_logger even for the library published to crates.io, with no feature flag to disable them. This is causing Lune to have duplicate dependencies on these libraries, and the old version of clap also depends on atty which is deprecated and currently giving the Lune repo a security advisory warning.
The text was updated successfully, but these errors were encountered:
FWIW, as you have already uncovered, these dependencies aren't used by the library so you should be able to safely ignore the warning if you're only using the library.
That said, we could try upgrading the dependency to get past the security advisory, or maybe there's a way to split the dependencies so they are only included with the binary. Happy to accept a PR :)
rbx_cookie
as a library currently depends onclap
andenv_logger
even for the library published to crates.io, with no feature flag to disable them. This is causing Lune to have duplicate dependencies on these libraries, and the old version ofclap
also depends onatty
which is deprecated and currently giving the Lune repo a security advisory warning.The text was updated successfully, but these errors were encountered: