This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.
ontprox(22 total, 2 outdated, 1 possibly insecure)
| Crate | Required | Latest | Status |
|---|---|---|---|
| axum | ^0.7 | 0.7.5 | up to date |
| axum-extra | ^0.9 | 0.9.3 | up to date |
| clap | ^4.5 | 4.5.17 | up to date |
| cli_utils_hoijui | ^0.7 | 0.9.0 | out of date |
| const_format | ^0.2 | 0.2.33 | up to date |
| dirs | ^5.0 | 5.0.1 | up to date |
| futures | ^0.3 | 0.3.30 | up to date |
| git-version | ^0.3 | 0.3.9 | up to date |
| mediatype | ^0.19 | 0.19.18 | up to date |
| once_cell | ^1.19 | 1.20.0 | up to date |
| openssl ⚠️ | =0.10.64 | 0.10.66 | out of date |
| rdfoothills | ^0.3 | 0.3.1 | up to date |
| regex | ^1.10 | 1.10.6 | up to date |
| reqwest | ^0.12 | 0.12.7 | up to date |
| serde | ^1.0 | 1.0.210 | up to date |
| thiserror | ^1.0 | 1.0.63 | up to date |
| tokio | ^1.38 | 1.40.0 | up to date |
| tokio-util | ^0.7 | 0.7.12 | up to date |
| tower-http | ^0.5.2 | 0.5.2 | up to date |
| tracing | ^0.1 | 0.1.40 | up to date |
| tracing-subscriber | ^0.3 | 0.3.18 | up to date |
| url | ^2.5 | 2.5.2 | up to date |
openssl: `MemBio::get_buf` has undefined behavior with empty buffersPreviously, MemBio::get_buf called slice::from_raw_parts with a null-pointer, which violates the functions invariants, leading to undefined behavior. In debug builds this would produce an assertion failure. This is now fixed.