metrics-recorder-prometheus 0.2.3

This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.

Crate `metrics-recorder-prometheus`

Dependencies

(3 total, 3 outdated, 1 possibly insecure)

Crate	Required	Latest	Status
hdrhistogram	`^6.1`	`7.5.4`	out of date
metrics-core	`^0.4`	`0.5.2`	out of date
metrics-util ⚠️	`^0.2`	`0.16.3`	out of date

Security Vulnerabilities

`metrics-util`: AtomicBucket<T> unconditionally implements Send/Sync

RUSTSEC-2021-0113

In the affected versions of the crate, AtomicBucket<T> unconditionally implements Send/Sync traits. Therefore, users can create a data race to the inner T: !Sync by using the AtomicBucket::data_with() API. Such data races can potentially cause memory corruption or other undefined behavior.

The flaw was fixed in commit 8e6daab by adding appropriate Send/Sync bounds to the Send/Sync impl of struct Block<T> (which is a data type contained inside AtomicBucket<T>).

metrics-recorder-prometheus 0.2.3

Crate metrics-recorder-prometheus

Dependencies

Security Vulnerabilities

metrics-util: AtomicBucket<T> unconditionally implements Send/Sync

Crate `metrics-recorder-prometheus`

`metrics-util`: AtomicBucket<T> unconditionally implements Send/Sync