RUSTSEC-2020-0056: stdweb is unmaintained

[github-actions]

stdweb is unmaintained

Details
Status	unmaintained
Package	stdweb
Version	0.4.20
URL	koute/stdweb#403
Date	2020-05-04

The author of the stdweb crate is unresponsive.

Maintained alternatives:

• wasm-bindgen
• js-sys
• web-sys

See advisory page for additional details.

[afilini]

Wait, do we actually depend on stdweb? I can't find it anywhere

[notmandatory]

It looks like the culprit is the time crate, which is an indirect dependency of ureq 😞 but only if we enable the cookie feature which we do NOT enable 😄. I don't know why audit still flagging it, but since stdweb is not in any way part of our dependency tree I'm closing this issue.

% cargo audit
    Fetching advisory database from `https://github.com/RustSec/advisory-db.git`
      Loaded 371 security advisories (from /home/steve/.cargo/advisory-db)
    Updating crates.io index
    Scanning Cargo.lock for vulnerabilities (240 crate dependencies)
Crate:         stdweb
Version:       0.4.20
Warning:       unmaintained
Title:         stdweb is unmaintained
Date:          2020-05-04
ID:            RUSTSEC-2020-0056
URL:           https://rustsec.org/advisories/RUSTSEC-2020-0056
Dependency tree: 
stdweb 0.4.20
└── time 0.2.27
    ├── cookie_store 0.12.0
    │   └── ureq 1.5.5
    └── cookie 0.14.4
        ├── ureq 1.5.5
        └── cookie_store 0.12.0

warning: 1 allowed warning found