This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.
gix(59 total, 49 outdated, 1 possibly insecure)
| Crate | Required | Latest | Status |
|---|---|---|---|
| async-std | ^1.12.0 | 1.13.2 | up to date |
| document-features | ^0.2.0 | 0.2.12 | up to date |
| gix-actor | ^0.35.2 | 0.39.0 | out of date |
| gix-archive | ^0.22.0 | 0.28.0 | out of date |
| gix-attributes | ^0.27.0 | 0.30.1 | out of date |
| gix-blame | ^0.3.0 | 0.9.0 | out of date |
| gix-command | ^0.6.2 | 0.7.1 | out of date |
| gix-commitgraph | ^0.29.0 | 0.33.0 | out of date |
| gix-config | ^0.46.0 | 0.52.0 | out of date |
| gix-credentials | ^0.30.0 | 0.36.0 | out of date |
| gix-date ⚠️ | ^0.10.3 | 0.14.0 | out of date |
| gix-diff | ^0.53.0 | 0.59.0 | out of date |
| gix-dir | ^0.15.0 | 0.21.0 | out of date |
| gix-discover | ^0.41.0 | 0.47.0 | out of date |
| gix-features | ^0.43.0 | 0.46.1 | out of date |
| gix-filter | ^0.20.0 | 0.26.0 | out of date |
| gix-fs | ^0.16.0 | 0.19.1 | out of date |
| gix-glob | ^0.21.0 | 0.24.0 | out of date |
| gix-hash | ^0.19.0 | 0.22.1 | out of date |
| gix-hashtable | ^0.9.0 | 0.12.0 | out of date |
| gix-ignore | ^0.16.0 | 0.19.0 | out of date |
| gix-index | ^0.41.0 | 0.47.0 | out of date |
| gix-lock | ^18.0.0 | 21.0.1 | out of date |
| gix-mailmap | ^0.27.2 | 0.31.0 | out of date |
| gix-merge | ^0.6.0 | 0.12.0 | out of date |
| gix-negotiate | ^0.21.0 | 0.27.0 | out of date |
| gix-object | ^0.50.0 | 0.56.0 | out of date |
| gix-odb | ^0.70.0 | 0.76.0 | out of date |
| gix-pack | ^0.60.0 | 0.66.0 | out of date |
| gix-path | ^0.10.19 | 0.11.1 | out of date |
| gix-pathspec | ^0.12.0 | 0.15.1 | out of date |
| gix-prompt | ^0.11.1 | 0.13.1 | out of date |
| gix-protocol | ^0.51.0 | 0.57.0 | out of date |
| gix-ref | ^0.53.0 | 0.59.0 | out of date |
| gix-refspec | ^0.31.0 | 0.37.0 | out of date |
| gix-revision | ^0.35.0 | 0.41.0 | out of date |
| gix-revwalk | ^0.21.0 | 0.27.0 | out of date |
| gix-sec | ^0.12.0 | 0.13.1 | out of date |
| gix-shallow | ^0.5.0 | 0.8.1 | out of date |
| gix-status | ^0.20.0 | 0.26.0 | out of date |
| gix-submodule | ^0.20.0 | 0.26.0 | out of date |
| gix-tempfile | ^18.0.0 | 21.0.1 | out of date |
| gix-trace | ^0.1.13 | 0.1.18 | up to date |
| gix-transport | ^0.48.0 | 0.54.0 | out of date |
| gix-traverse | ^0.47.0 | 0.53.0 | out of date |
| gix-url | ^0.32.0 | 0.35.1 | out of date |
| gix-utils | ^0.3.0 | 0.3.1 | up to date |
| gix-validate | ^0.10.0 | 0.11.0 | out of date |
| gix-worktree | ^0.42.0 | 0.48.0 | out of date |
| gix-worktree-state | ^0.20.0 | 0.26.0 | out of date |
| gix-worktree-stream | ^0.22.0 | 0.28.0 | out of date |
| once_cell | ^1.21.3 | 1.21.3 | up to date |
| parking_lot | ^0.12.4 | 0.12.5 | up to date |
| prodash | ^30.0.1 | 31.0.0 | out of date |
| regex | ^1.6.0 | 1.12.3 | up to date |
| serde | ^1.0.114 | 1.0.228 | up to date |
| signal-hook | ^0.3.18 | 0.4.3 | out of date |
| smallvec | ^1.15.1 | 1.15.1 | up to date |
| thiserror | ^2.0.0 | 2.0.18 | up to date |
(8 total, 1 outdated)
| Crate | Required | Latest | Status |
|---|---|---|---|
| anyhow | ^1 | 1.0.101 | up to date |
| async-std | ^1.12.0 | 1.13.2 | up to date |
| insta | ^1.43.1 | 1.46.3 | up to date |
| is_ci | ^1.1.1 | 1.2.0 | up to date |
| pretty_assertions | ^1.4.0 | 1.4.1 | up to date |
| serial_test | ^3.1.0 | 3.3.1 | up to date |
| termtree | ^0.5.1 | 1.0.0 | out of date |
| walkdir | ^2.3.2 | 2.5.0 | up to date |
gix-date: Non-utf8 String can be created with `TimeBuf::as_str`The function gix_date::parse::TimeBuf::as_str can create an illegal string containing non-utf8 characters. This violates the safety invariant of TimeBuf and can lead to undefined behavior when consuming the string.
The bug can be prevented by adding str::from_utf8 to the function TimeBuf::write.