Unmaintained Dependency muesli/sasquatch in the crypto package

[nkxxll]

Just as an info muesli/sasquatch has no commits since 2 years and the crypto library is way too old for a crypto lib (< v8, current is v18). !!This is a potential security risk!!

In my opinion the best but not the easiest solution would be to use the https://pkg.go.dev/golang.org/x/crypto module directly. If I can help in any way to resolve this issue let me know...

Hope I could help! Have a nice one! <3

[mschneider82]

i would rather switch to https://github.com/minio/sio this provides a io.ReaderAt which could be a big improvement for the filesystem implementation. The issue switching the crypto lib is the migration path