Deps.rs

cargo-tarpaulin 0.32.3

[![dependency status](https://deps.rs/crate/cargo-tarpaulin/0.32.3/status.svg)](https://deps.rs/crate/cargo-tarpaulin/0.32.3)

This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.

Crate cargo-tarpaulin

Dependencies

(29 total, 1 outdated, 1 possibly insecure)

CrateRequiredLatestStatus
 cargo_metadata^0.190.19.2up to date
 cfg-if^1.0.01.0.0up to date
 chrono ⚠️^0.40.4.40maybe insecure
 clap^4.4.04.5.36up to date
 coveralls-api^0.7.00.7.0up to date
 gimli^0.31.10.31.1up to date
 git2^0.200.20.1up to date
 glob^0.3.20.3.2up to date
 humantime-serde^11.1.1up to date
 indexmap~1.82.9.0out of date
 lazy_static^1.51.5.0up to date
 libc^0.2.1710.2.172up to date
 llvm_profparser^0.7.10.7.1up to date
 nix^0.29.00.29.0up to date
 num_cpus^1.16.01.16.0up to date
 object^0.360.36.7up to date
 proc-macro2^1.01.0.95up to date
 procfs^0.170.17.0up to date
 quick-xml^0.370.37.4up to date
 quote^1.01.0.40up to date
 regex^1.111.11.1up to date
 rustc-demangle^0.1.240.1.24up to date
 serde^1.01.0.219up to date
 serde_json^1.01.0.140up to date
 syn^2.02.0.100up to date
 toml^0.80.8.20up to date
 tracing^0.10.1.41up to date
 tracing-subscriber^0.3.190.3.19up to date
 walkdir^2.5.02.5.0up to date

Dev dependencies

(3 total, all up-to-date)

CrateRequiredLatestStatus
 lcov^0.8.10.8.1up to date
 rusty-fork^0.3.00.3.0up to date
 test-log^0.2.170.2.17up to date

Security Vulnerabilities

chrono: Potential segfault in `localtime_r` invocations

RUSTSEC-2020-0159

Impact

Unix-like operating systems may segfault due to dereferencing a dangling pointer in specific circumstances. This requires an environment variable to be set in a different thread than the affected functions. This may occur without the user's knowledge, notably in a third-party library.

Workarounds

No workarounds are known.

References