Deps.rs

swc_plugin_runner 0.112.2

[![dependency status](https://deps.rs/crate/swc_plugin_runner/0.112.2/status.svg)](https://deps.rs/crate/swc_plugin_runner/0.112.2)

This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.

Crate swc_plugin_runner

Dependencies

(18 total, 9 outdated, 1 possibly insecure)

CrateRequiredLatestStatus
 anyhow^1.0.811.0.92up to date
 enumset^1.1.21.1.5up to date
 futures^0.30.3.31up to date
 once_cell^1.19.01.20.2up to date
 parking_lot^0.12.10.12.3up to date
 serde^1.0.1971.0.214up to date
 serde_json^1.0.1151.0.132up to date
 swc_common^0.37.03.0.0out of date
 swc_css_ast^0.144.03.0.0out of date
 swc_ecma_ast^0.118.03.0.0out of date
 swc_plugin_proxy^0.47.03.0.0out of date
 tokio ⚠️^11.41.0maybe insecure
 tracing^0.1.400.1.40up to date
 virtual-fs=0.11.40.19.0out of date
 wasmer^4.3.55.0.0out of date
 wasmer-cache^4.3.55.0.0out of date
 wasmer-compiler-cranelift^4.3.55.0.0out of date
 wasmer-wasix^0.25.00.30.0out of date

Dev dependencies

(12 total, 9 outdated, 1 possibly insecure)

CrateRequiredLatestStatus
 codspeed-criterion-compat^2.6.02.7.2up to date
 criterion^0.5.10.5.1up to date
 swc_atoms^0.6.52.0.0out of date
 swc_css_ast^0.144.03.0.0out of date
 swc_css_parser^0.154.03.0.0out of date
 swc_ecma_ast^0.118.03.0.0out of date
 swc_ecma_loader^0.49.03.0.0out of date
 swc_ecma_parser^0.149.04.0.0out of date
 swc_ecma_visit^0.104.03.0.0out of date
 swc_malloc^0.5.101.0.0out of date
 testing^0.39.03.0.0out of date
 tokio ⚠️^11.41.0maybe insecure

Security Vulnerabilities

tokio: reject_remote_clients Configuration corruption

RUSTSEC-2023-0001

On Windows, configuring a named pipe server with pipe_mode will force ServerOptions::reject_remote_clients as false.

This drops any intended explicit configuration for the reject_remote_clients that may have been set as true previously.

The default setting of reject_remote_clients is normally true meaning the default is also overridden as false.

Workarounds

Ensure that pipe_mode is set first after initializing a ServerOptions. For example:

let mut opts = ServerOptions::new();
opts.pipe_mode(PipeMode::Message);
opts.reject_remote_clients(true);