This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.
metrics(15 total, 11 outdated, 1 possibly insecure)
| Crate | Required | Latest | Status |
|---|---|---|---|
| arc-swap | ^0.3 | 1.7.1 | out of date |
| crossbeam-utils | ^0.6 | 0.8.19 | out of date |
| futures | ^0.1 | 0.3.30 | out of date |
| fxhash | ^0.2 | 0.2.1 | up to date |
| hashbrown | ^0.4 | 0.14.5 | out of date |
| im | ^12 | 15.1.0 | out of date |
| metrics-core | ^0.4 | 0.5.2 | out of date |
| metrics-exporter-http | ^0.1 | 0.3.0 | out of date |
| metrics-exporter-log | ^0.2 | 0.4.0 | out of date |
| metrics-facade | ^0.1 | 0.1.1 | up to date |
| metrics-recorder-prometheus | ^0.2 | 0.2.3 | up to date |
| metrics-recorder-text | ^0.2 | 0.2.2 | up to date |
| metrics-util ⚠️ | ^0.2 | 0.16.3 | out of date |
| parking_lot | ^0.8 | 0.12.2 | out of date |
| quanta | ^0.3 | 0.12.3 | out of date |
(6 total, 3 outdated)
| Crate | Required | Latest | Status |
|---|---|---|---|
| criterion | ^0.2.9 | 0.5.1 | out of date |
| env_logger | ^0.6 | 0.11.3 | out of date |
| getopts | ^0.2 | 0.2.21 | up to date |
| hdrhistogram | ^6.1 | 7.5.4 | out of date |
| lazy_static | ^1.3 | 1.4.0 | up to date |
| log | ^0.4 | 0.4.21 | up to date |
metrics-util: AtomicBucket<T> unconditionally implements Send/SyncIn the affected versions of the crate, AtomicBucket<T> unconditionally implements Send/Sync traits. Therefore, users can create a data race to the inner
T: !Sync by using the AtomicBucket::data_with() API.
Such data races can potentially cause memory corruption or other undefined behavior.
The flaw was fixed in commit 8e6daab by adding appropriate Send/Sync bounds to the Send/Sync impl of struct Block<T> (which is a data type contained inside AtomicBucket<T>).