https://pantsbuild.org/ logo
#development
Title
# development
p

polite-garden-50641

12/20/2021, 8:29 PM
do people care that the Cargo audit CI job is failing (and has been for a while now) due to packages w/ security issues? https://github.com/pantsbuild/pants/runs/4579909153?check_suite_focus=true
h

hundreds-father-404

12/20/2021, 8:37 PM
Yes, we are supposed to care. I wasn't getting notifications and not sure if anyone else was either
f

fast-nail-55400

12/20/2021, 8:37 PM
I do, but I need to figure out what to do with warnings like this one:
Copy code
Crate:         anymap
Version:       0.12.1
Warning:       unmaintained
like do I need to replace the deps that use anymap?
so I’ll fix once I’ve figured out what to do with such messages
by triaging what deps are actually using those underlying crates
it’s not just a simple upgrade and done
h

hundreds-father-404

12/20/2021, 8:43 PM
Hm yeah..maybe we should ignore them?
f

fast-nail-55400

12/20/2021, 8:45 PM
I’m triaging tonight. will figure out what to do with each.
e

enough-analyst-54434

12/20/2021, 9:54 PM
I bumped into the same long red and did some of this work here: https://github.com/pantsbuild/pants/pull/13728 I punted on all these ~unfixable ones too though.