Deps.rs

nu-command 0.85.0

[![dependency status](https://deps.rs/crate/nu-command/0.85.0/status.svg)](https://deps.rs/crate/nu-command/0.85.0)

This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.

Crate nu-command

Dependencies

(86 total, 36 outdated, 1 possibly insecure)

CrateRequiredLatestStatus
 alphanumeric-sort^1.51.5.3up to date
 base64^0.210.22.1out of date
 bracoxide^0.1.20.1.3up to date
 byteorder^1.41.5.0up to date
 bytesize^1.31.3.0up to date
 calamine^0.220.25.0out of date
 chardetng^0.1.170.1.17up to date
 chrono ⚠️^0.40.4.38maybe insecure
 chrono-humanize^0.2.30.2.3up to date
 chrono-tz^0.80.10.0out of date
 crossterm^0.270.28.1out of date
 csv^1.21.3.0up to date
 dialoguer^0.100.11.0out of date
 digest^0.100.10.7up to date
 dtparse^2.02.0.1up to date
 encoding_rs^0.80.8.34up to date
 fancy-regex^0.110.13.0out of date
 filesize^0.20.2.0up to date
 filetime^0.20.2.25up to date
 fs_extra^1.31.3.0up to date
 htmlescape^0.30.3.1up to date
 indexmap^2.02.5.0up to date
 indicatif^0.170.17.8up to date
 itertools^0.110.13.0out of date
 libc^0.20.2.158up to date
 log^0.40.4.22up to date
 lscolors^0.150.19.0out of date
 md-5^0.100.10.6up to date
 miette^5.107.2.0out of date
 mime^0.30.3.17up to date
 mime_guess^2.02.0.5up to date
 native-tls^0.20.2.12up to date
 nix^0.270.29.0out of date
 notify-debouncer-full^0.30.3.1up to date
 nu-ansi-term^0.49.00.50.1out of date
 nu-cmd-base^0.85.00.97.1out of date
 nu-color-config^0.85.00.97.1out of date
 nu-engine^0.85.00.97.1out of date
 nu-glob^0.85.00.97.1out of date
 nu-json^0.85.00.97.1out of date
 nu-parser^0.85.00.97.1out of date
 nu-path^0.85.00.97.1out of date
 nu-pretty-hex^0.85.00.97.1out of date
 nu-protocol^0.85.00.97.1out of date
 nu-system^0.85.00.97.1out of date
 nu-table^0.85.00.97.1out of date
 nu-term-grid^0.85.00.97.1out of date
 nu-utils^0.85.00.97.1out of date
 num^0.40.4.3up to date
 num-format^0.40.4.4up to date
 num-traits^0.20.2.19up to date
 once_cell^1.181.20.0up to date
 open^5.05.3.0up to date
 os_pipe^1.11.2.1up to date
 pathdiff^0.20.2.1up to date
 percent-encoding^2.32.3.1up to date
 powierza-coefficient^1.01.0.2up to date
 print-positions^0.60.6.1up to date
 quick-xml^0.300.36.1out of date
 rand^0.80.8.5up to date
 rayon^1.71.10.0up to date
 regex^1.71.10.6up to date
 roxmltree^0.180.20.0out of date
 rusqlite^0.290.32.1out of date
 same-file^1.01.0.6up to date
 serde^1.01.0.210up to date
 serde_json^1.01.0.128up to date
 serde_urlencoded^0.70.7.1up to date
 serde_yaml^0.90.9.34+deprecatedup to date
 sha2^0.100.10.8up to date
 sysinfo^0.290.31.4out of date
 tabled^0.14.00.16.0out of date
 terminal_size^0.30.3.0up to date
 titlecase^2.03.3.0out of date
 toml^0.80.8.19up to date
 trash^3.05.1.1out of date
 umask^2.12.1.0up to date
 unicode-segmentation^1.101.12.0up to date
 ureq^2.72.10.1up to date
 url^2.22.5.2up to date
 uu_cp^0.0.210.0.27out of date
 uuid^1.31.10.0up to date
 wax^0.50.6.0out of date
 which^4.46.0.3out of date
 windows^0.480.58.0out of date
 winreg^0.510.52.0out of date

Dev dependencies

(7 total, 3 outdated)

CrateRequiredLatestStatus
 dirs-next^2.02.0.0up to date
 mockito^1.21.5.0up to date
 nu-cmd-lang^0.85.00.97.1out of date
 nu-test-support^0.85.00.97.1out of date
 quickcheck^1.01.0.3up to date
 quickcheck_macros^1.01.0.0up to date
 rstest^0.180.22.0out of date

Security Vulnerabilities

chrono: Potential segfault in `localtime_r` invocations

RUSTSEC-2020-0159

Impact

Unix-like operating systems may segfault due to dereferencing a dangling pointer in specific circumstances. This requires an environment variable to be set in a different thread than the affected functions. This may occur without the user's knowledge, notably in a third-party library.

Workarounds

No workarounds are known.

References