Vulnerable to GHSA-g98v-hv3f-hcfr #18
Description
Hey all,
I discovered this crate is vulnerable to GHSA-g98v-hv3f-hcfr via a dependency on atty:
atty v0.2.14
└── clap v2.34.0
└── structopt v0.3.26
└── prettydiff v0.6.5 (/private/tmp/prettydiff)
atty seems to be unmaintained. clap has swapped out its dependency in clap-rs/clap#4249 but this crate depends on an old version via structopt, which itself is deprecated in-lieu of newer versions of clap.
I recognize this is probably pretty low priority, but has there been any thought to migrate to clap to get rid of the dependency on structopt?
Thank you!