Vulnerable to GHSA-g98v-hv3f-hcfr

Hey all,

I discovered this crate is vulnerable to https://github.com/advisories/GHSA-g98v-hv3f-hcfr via a dependency on `atty`:

```
atty v0.2.14
└── clap v2.34.0
    └── structopt v0.3.26
        └── prettydiff v0.6.5 (/private/tmp/prettydiff)
```

`atty` seems to be unmaintained. `clap` has swapped out its dependency in https://github.com/clap-rs/clap/pull/4249 but this crate depends on an old version via `structopt`, which itself is deprecated in-lieu of newer versions of `clap`.

I recognize this is probably pretty low priority, but has there been any thought to migrate to `clap` to get rid of the dependency on `structopt`?

Thank you!

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Vulnerable to GHSA-g98v-hv3f-hcfr #18

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development