Just got a mail from my favourite Ukrainian, Bogdan of Let’s Get Rusty where I learned about cargo-audit
So I gave it a shot…
willie@gagarin:~/projects/maidsafe/safe_network$ cargo-audit audit
Fetching advisory database from `https://github.com/RustSec/advisory-db.git`
Loaded 537 security advisories (from /home/willie/.cargo/advisory-db)
Updating crates.io index
Scanning Cargo.lock for vulnerabilities (514 crate dependencies)
Crate: ansi_term
Version: 0.12.1
Warning: unmaintained
Title: ansi_term is Unmaintained
Date: 2021-08-18
ID: RUSTSEC-2021-0139
URL: https://rustsec.org/advisories/RUSTSEC-2021-0139
Dependency tree:
ansi_term 0.12.1
└── sn_cli 0.75.0
Crate: atty
Version: 0.2.14
Warning: unsound
Title: Potential unaligned read
Date: 2021-07-04
ID: RUSTSEC-2021-0145
URL: https://rustsec.org/advisories/RUSTSEC-2021-0145
Dependency tree:
atty 0.2.14
├── sn_cli 0.75.0
├── lalrpop 0.19.8
│ └── basic-cookies 0.1.4
│ └── httpmock 0.6.7
│ └── sn_cli 0.75.0
├── grep-cli 0.1.7
│ └── grep 0.2.11
│ ├── sn_client 0.83.0
│ │ └── sn_api 0.81.0
│ │ ├── sn_cmd_test_utilities 1.1.0
│ │ │ └── sn_cli 0.75.0
│ │ └── sn_cli 0.75.0
│ └── log_cmds_inspector 0.1.0
├── env_logger 0.8.4
│ └── sn_api 0.81.0
├── criterion 0.4.0
│ ├── sn_node 0.81.0
│ ├── sn_client 0.83.0
│ └── sn_cli 0.75.0
└── clap 3.2.23
├── sn_testnet 0.1.4
│ └── sn_client 0.83.0
├── sn_node 0.81.0
├── sn_client 0.83.0
├── sn_cli 0.75.0
├── log_cmds_inspector 0.1.0
├── criterion 0.4.0
└── clap_complete 3.2.5
├── sn_node 0.81.0
└── sn_cli 0.75.0
warning: 2 allowed warnings found