You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Problem
The proc-macro-error crate, which is a dependency of yew-macro, is flagged as unmaintained by RustSec since 2024-09-01. This causes warnings during cargo audit and may lead to potential dependency issues in the future.
Steps To Reproduce
$ cargo audit
Fetching advisory database from `https://github.com/RustSec/advisory-db.git`
Loaded 687 security advisories (from /Users/.cargo/advisory-db)
Updating crates.io index
Scanning Cargo.lock for vulnerabilities (161 crate dependencies)
Crate: proc-macro-error
Version: 1.0.4
Warning: unmaintained
Title: proc-macro-error is unmaintained
Date: 2024-09-01
ID: RUSTSEC-2024-0370
URL: https://rustsec.org/advisories/RUSTSEC-2024-0370
Dependency tree:
proc-macro-error 1.0.4
└── yew-macro 0.21.0
└── yew 0.21.0
└── christmas-tree 0.1.0
warning: 1 allowed warning found
Expected behavior
Yew should remove or replace proc-macro-error to prevent RustSec warnings.
Screenshots
If applicable, add screenshots to help explain your problem.
Environment:
Yew version: 0.21.0
Rust version: rustc 1.73.0
Features enabled: ["csr"]
Build tool: trunk
OS: MacOS
Additional Context
The advisory URL for proc-macro-error: RUSTSEC-2024-0370.
This issue impacts developer confidence, as it introduces a warning even in projects with no active vulnerabilities. It would be beneficial for Yew to migrate away from this unmaintained dependency or to ensure alternative solutions are explored.
Questionnaire
I'm interested in fixing this myself but don't know where to start
I would like to fix and I have a solution
I don't have time to fix this right now, but maybe later
The text was updated successfully, but these errors were encountered:
Problem
The
proc-macro-error
crate, which is a dependency ofyew-macro
, is flagged as unmaintained by RustSec since 2024-09-01. This causes warnings duringcargo audit
and may lead to potential dependency issues in the future.Steps To Reproduce
Expected behavior
Yew should remove or replace proc-macro-error to prevent RustSec warnings.
Screenshots
If applicable, add screenshots to help explain your problem.
Environment:
Additional Context
The advisory URL for proc-macro-error: RUSTSEC-2024-0370.
This issue impacts developer confidence, as it introduces a warning even in projects with no active vulnerabilities. It would be beneficial for Yew to migrate away from this unmaintained dependency or to ensure alternative solutions are explored.
Questionnaire
The text was updated successfully, but these errors were encountered: