mullvad · faern · Feb 1, 2023 · Jan 31, 2023 · Jan 31, 2023 · Jan 31, 2023
diff --git a/.github/workflows/cargo-audit.yml b/.github/workflows/cargo-audit.yml
@@ -34,9 +34,12 @@ jobs:
       - name: Audit
         # RUSTSEC-2020-0071: Ignore the time segfault CVE since there are no known
         # good workarounds, and we want logs etc to be in local time.
+        #
         # RUSTSEC-2021-0145: The vulnerability affects custom global allocators,
         # so it should be safe to ignore it. Stop ignoring the warning once
-        # atty has been replaced in clap and env_logger:
+        # atty has been replaced in clap (when we upgrade to clap 4):
         # https://github.com/clap-rs/clap/pull/4249
-        # https://github.com/rust-cli/env_logger/pull/246
-        run: cargo audit --ignore RUSTSEC-2020-0071 --ignore RUSTSEC-2021-0145
+        run: |
+          cargo audit --deny warnings \
+            --ignore RUSTSEC-2020-0071 \
+            --ignore RUSTSEC-2021-0145
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/mullvad-cli/Cargo.toml b/mullvad-cli/Cargo.toml
@@ -16,7 +16,7 @@ base64 = "0.13"
 chrono = { version = "0.4.19", features = ["serde"] }
 clap = { version = "3.0", features = ["cargo"] }
 err-derive = "0.3.1"
-env_logger = "0.8.2"
+env_logger = "0.10.0"
 futures = "0.3"
 natord = "1.0.9"
 serde = "1.0"

diff --git a/mullvad-problem-report/Cargo.toml b/mullvad-problem-report/Cargo.toml
@@ -24,7 +24,7 @@ talpid-platform-metadata = { path = "../talpid-platform-metadata" }
 
 [target.'cfg(not(target_os="android"))'.dependencies]
 clap = { version = "3.0", features = ["cargo"] }
-env_logger = "0.8.2"
+env_logger = "0.10.0"
 
 [target.'cfg(target_os = "android")'.dependencies]
 duct = "0.13"

diff --git a/mullvad-setup/Cargo.toml b/mullvad-setup/Cargo.toml
@@ -13,7 +13,7 @@ path = "src/main.rs"
 
 [dependencies]
 clap = { version = "3.0", features = ["cargo"] }
-env_logger = "0.8.2"
+env_logger = "0.10.0"
 err-derive = "0.3.1"
 lazy_static = "1.1.0"
 

diff --git a/talpid-core/Cargo.toml b/talpid-core/Cargo.toml
@@ -112,6 +112,6 @@ tonic-build = { version = "0.8", default-features = false, features = ["transpor
 
 [dev-dependencies]
 tempfile = "3.0"
-quickcheck = "1.0"
+quickcheck = { version = "1.0", default-features = false }
 quickcheck_macros = "1.0"
 tokio = { version = "1", features = [ "test-util" ] }
diff --git a/talpid-openvpn-plugin/Cargo.toml b/talpid-openvpn-plugin/Cargo.toml
@@ -13,7 +13,7 @@ crate-type = ["cdylib"]
 [dependencies]
 err-derive = "0.3.1"
 log = "0.4"
-env_logger = "0.8.2"
+env_logger = "0.10.0"
 parity-tokio-ipc = "0.9"
 tokio = { version = "1.8", features =  ["rt"] }