This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.

Crate ruspiro-mailbox

Dependencies

(4 total, 4 outdated, 1 possibly insecure)

CrateRequiredLatestStatus
 paste^0.1.51.0.14out of date
 ruspiro-cache^0.10.4.1out of date
 ruspiro-register^0.10.5.5out of date
 ruspiro-singleton ⚠️^0.20.4.3out of date

Security Vulnerabilities

ruspiro-singleton: Singleton lacks bounds on Send and Sync.

RUSTSEC-2020-0115

Singleton<T> is meant to be a static object that can be initialized lazily. In order to satisfy the requirement that static items must implement Sync, Singleton implemented both Sync and Send unconditionally.

This allows for a bug where non-Sync types such as Cell can be used in singletons and cause data races in concurrent programs.

The flaw was corrected in commit b0d2bd20e by adding trait bounds, requiring the contaiend type to implement Sync.