RUSTSEC-2020-0053: dirs: dirs is unmaintained, use dirs-next instead

Question

RUSTSEC-2020-0053: dirs: dirs is unmaintained, use dirs-next instead

brightly-salty opened this issue 4 years ago · 2 comments

After running cargo audit on my project, which has a transient dependence on font-kit, I got the following security advisory concerning the dirs dependency:

Crate:         dirs
Version:       2.0.2
Warning:       unmaintained
Title:         dirs is unmaintained, use dirs-next instead
Date:          2020-10-16
ID:            RUSTSEC-2020-0053
URL:           https://rustsec.org/advisories/RUSTSEC-2020-0053
Dependency tree:
dirs 2.0.2
└── font-kit 0.8.0

From the website, dirs-next would be a good replacement (I think drop-in?). I do realize this is a previous release, but I checked the current release, and dirs is still depended upon for some architectures.

Answer 1 · 2020-12-07T02:36:46.000Z

Want to make a pull request?

Answer 2 · 2020-12-07T02:47:56.000Z

Sure, I can try to attempt it.