RUSTSEC-2024-0384: error[unmaintained]: instant is unmaintained

[stevenj]

Describe the bug

cargo-deny is complaining about unmaintained crates used by rust-ipfs v0.14.1

error[unmaintained]: `instant` is unmaintained
    ┌─ /home/.../Cargo.lock:254:1
    │
254 │ instant 0.1.13 registry+https://github.com/rust-lang/crates.io-index
    │ -------------------------------------------------------------------- unmaintained advisory detected
    │
    = ID: RUSTSEC-2024-0384
    = Advisory: https://rustsec.org/advisories/RUSTSEC-2024-0384
    = This crate is no longer maintained, and the author recommends using the maintained [`web-time`] crate instead.

      [`web-time`]: https://crates.io/crates/web-time
    = Solution: No safe upgrade is available!
    = instant v0.1.13
      ├── futures-ticker v0.0.3
      │   └── libp2p-gossipsub v0.47.0
      │       └── libp2p v0.54.1
      │           ├── libp2p-relay-manager v0.3.1
      │           │   └── rust-ipfs v0.14.1
      │           │       └── ...
      │           └── rust-ipfs v0.14.1 (*)
      └── rust-ipfs v0.14.1 (*)

[dariusc93]

Thanks for the report. Indeed instant is unmaintained and should not be used, however, it is currently used here under wasm32-unknown-unknown target as a feature due one of the dependencies used upstream in libp2p still relying on it and was overlooked in libp2p/rust-libp2p#5347. It is corrected upstream in libp2p/rust-libp2p#5674 and only awaiting a release upstream before updating it here :)

EDIT: We can leave this open until it is released upstream and will close it once we update