This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.

Crate cargo-generate

Dependencies

(35 total, 7 outdated, 1 possibly insecure)

CrateRequiredLatestStatus
 git2~0.190.19.0up to date
 anstyle^1.0.71.0.10up to date
 anyhow~1.01.0.94up to date
 auth-git2~0.50.5.5up to date
 clap~4.54.5.23up to date
 console~0.150.15.8up to date
 dialoguer~0.110.11.0up to date
 env_logger~0.110.11.5up to date
 fs-err^2.113.0.0out of date
 gix-config~0.400.42.0out of date
 heck~0.50.5.0up to date
 home~0.50.5.9up to date
 ignore~0.40.4.23up to date
 indexmap~22.7.0up to date
 indicatif~0.170.17.9up to date
 liquid~0.260.26.9up to date
 liquid-core~0.260.26.9up to date
 liquid-derive~0.260.26.8up to date
 liquid-lib~0.260.26.9up to date
 log~0.40.4.22up to date
 names~0.140.14.0up to date
 openssl ⚠️~0.100.10.68maybe insecure
 paste~1.01.0.15up to date
 path-absolutize~3.13.1.1up to date
 regex~1.111.11.1up to date
 remove_dir_all~0.81.0.0out of date
 rhai~1.191.20.0out of date
 sanitize-filename~0.50.6.0out of date
 semver~1.01.0.23up to date
 serde~1.01.0.216up to date
 tempfile~3.133.14.0out of date
 thiserror~1.02.0.6out of date
 time~0.30.3.37up to date
 toml~0.80.8.19up to date
 walkdir~2.52.5.0up to date

Dev dependencies

(5 total, 1 outdated)

CrateRequiredLatestStatus
 assert_cmd~2.02.0.16up to date
 bstr~1.101.11.1out of date
 indoc~2.02.0.5up to date
 predicates~3.13.1.2up to date
 url~2.52.5.4up to date

Security Vulnerabilities

openssl: `MemBio::get_buf` has undefined behavior with empty buffers

RUSTSEC-2024-0357

Previously, MemBio::get_buf called slice::from_raw_parts with a null-pointer, which violates the functions invariants, leading to undefined behavior. In debug builds this would produce an assertion failure. This is now fixed.