Crate libc 0.2.154 is yanked

[acgetchell]

This was flagged in actions-rust-lang/audit@v1.

[josephlr]

Duplicate of #423

[josephlr]

Note, a later version of libc has been released, so is there an issue here?

[acgetchell]

uuid v1.8.0 uses this crate, so presumably once they update this will be resolved.

[josephlr]

@acgetchell you should be able to use the correct version of libc without any crates needing to do anything, as 0.2.155 is compatible with 0.2.154

[acgetchell]

Ah, thanks. I'm not a direct consumer, though. Unless there's something I haven't understood from the Cargo book, I didn't see a way to specify libc 0.2.155 directly other than mucking around with Cargo.lock, which seems to be disfavored.

[josephlr]

@acgetchell if the problematic Cargo.lock file is in your project, you can either delete and regenerate it or call cargo update to bump your dependencies. This page explains how all that works: https://doc.rust-lang.org/cargo/guide/cargo-toml-vs-cargo-lock.html