Parser
Parser copied to clipboard
RustPython
cargo audit paste
Please be aware that cargo audit will warn if other rust projects vendor Parser since the dependency paste is no longer maintained (RUSTSEC-2024-0436).
[eslerm@ares Parser]$ cargo audit
Updating crates.io index
Locking 120 packages to latest compatible versions
Adding itertools v0.11.0 (available: v0.14.0)
Adding lalrpop v0.20.2 (available: v0.22.2)
Adding lalrpop-util v0.20.2 (available: v0.22.2)
Adding lexical-parse-float v0.8.5 (available: v1.0.5)
Adding malachite-bigint v0.2.3 (available: v0.6.1)
Adding phf v0.11.3 (available: v0.12.1)
Adding phf_codegen v0.11.3 (available: v0.12.1)
Adding rand v0.8.5 (available: v0.9.1)
Adding rustc-hash v1.1.0 (available: v2.1.1)
Adding unicode_names2 v1.3.0 (available: v2.0.0)
Fetching advisory database from `https://github.com/RustSec/advisory-db.git`
Loaded 787 security advisories (from /home/eslerm/.cargo/advisory-db)
Updating crates.io index
Scanning Cargo.lock for vulnerabilities (126 crate dependencies)
Crate: paste
Version: 1.0.15
Warning: unmaintained
Title: paste - no longer maintained
Date: 2024-10-07
ID: RUSTSEC-2024-0436
URL: https://rustsec.org/advisories/RUSTSEC-2024-0436
Dependency tree:
paste 1.0.15
└── malachite-bigint 0.2.3
├── rustpython-parser 0.4.0
├── rustpython-format 0.4.0
└── rustpython-ast 0.4.0
└── rustpython-parser 0.4.0
warning: 1 allowed warning found
[eslerm@ares RustPython]$ cargo audit
Fetching advisory database from `https://github.com/RustSec/advisory-db.git`
Loaded 787 security advisories (from /home/eslerm/.cargo/advisory-db)
Updating crates.io index
Scanning Cargo.lock for vulnerabilities (383 crate dependencies)
Crate: paste
Version: 1.0.15
Warning: unmaintained
Title: paste - no longer maintained
Date: 2024-10-07
ID: RUSTSEC-2024-0436
URL: https://rustsec.org/advisories/RUSTSEC-2024-0436
Dependency tree:
paste 1.0.15
├── rustpython-vm 0.4.0
│ ├── rustpython_wasm 0.4.0
│ ├── rustpython-stdlib 0.4.0
│ │ ├── rustpython_wasm 0.4.0
│ │ └── rustpython 0.4.0
│ └── rustpython 0.4.0
├── rustpython-stdlib 0.4.0
└── malachite-bigint 0.6.0
├── rustpython-vm 0.4.0
├── rustpython-stdlib 0.4.0
├── rustpython-compiler-core 0.4.0
│ ├── rustpython-vm 0.4.0
│ ├── rustpython-pylib 0.4.0
│ │ ├── rustpython_wasm 0.4.0
│ │ └── rustpython 0.4.0
│ ├── rustpython-jit 0.4.0
│ │ └── rustpython-vm 0.4.0
│ ├── rustpython-derive-impl 0.4.0
│ │ └── rustpython-derive 0.4.0
│ │ ├── rustpython-vm 0.4.0
│ │ ├── rustpython-stdlib 0.4.0
│ │ ├── rustpython-pylib 0.4.0
│ │ └── rustpython-jit 0.4.0
│ ├── rustpython-compiler 0.4.0
│ │ ├── rustpython-vm 0.4.0
│ │ ├── rustpython-derive 0.4.0
│ │ └── rustpython 0.4.0
│ └── rustpython-codegen 0.4.0
│ ├── rustpython-vm 0.4.0
│ └── rustpython-compiler 0.4.0
├── rustpython-common 0.4.0
│ ├── rustpython_wasm 0.4.0
│ ├── rustpython-vm 0.4.0
│ └── rustpython-stdlib 0.4.0
└── rustpython-codegen 0.4.0
warning: 1 allowed warning found
The RustPython project is now using Ruff's parser instead of this crate.
@youknowone should we update the README to that effect?
