Deps.rs

iggy-rs / iggy

[![dependency status](https://deps.rs/repo/github/iggy-rs/iggy/status.svg)](https://deps.rs/repo/github/iggy-rs/iggy)

This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.

Crate bench

Dependencies

(18 total, all up-to-date)

CrateRequiredLatestStatus
 async-trait^0.1.880.1.88up to date
 atomic-time^0.1.50.1.5up to date
 bytes^1.10.11.10.1up to date
 charming^0.4.00.4.0up to date
 chrono^0.4.400.4.40up to date
 clap^4.5.344.5.36up to date
 figlet-rs^0.1.50.1.5up to date
 hostname^0.4.00.4.1up to date
 human-repr^1.1.01.1.0up to date
 nonzero_lit^0.1.20.1.2up to date
 serde^1.0.2191.0.219up to date
 sysinfo^0.34.10.34.2up to date
 tokio^1.44.11.44.2up to date
 toml^0.8.200.8.20up to date
 tracing^0.1.410.1.41up to date
 tracing-appender^0.2.30.2.3up to date
 tracing-subscriber^0.3.190.3.19up to date
 uuid^1.16.01.16.0up to date

Crate iggy-bench-report

Dependencies

(11 total, all up-to-date)

CrateRequiredLatestStatus
 byte-unit^5.1.65.1.6up to date
 charming^0.4.00.4.0up to date
 colored^3.0.03.0.0up to date
 derive-new^0.7.00.7.0up to date
 derive_more^2.0.12.0.1up to date
 human-repr^1.1.01.1.0up to date
 serde^1.01.0.219up to date
 serde_json^1.01.0.140up to date
 sysinfo^0.34.10.34.2up to date
 tracing^0.10.1.41up to date
 uuid^1.16.01.16.0up to date

Crate iggy-cli

Dependencies

(12 total, 1 outdated)

CrateRequiredLatestStatus
 ahash^0.8.110.8.11up to date
 anyhow^1.0.971.0.98up to date
 clap^4.5.344.5.36up to date
 clap_complete^4.5.474.5.47up to date
 figlet-rs^0.1.50.1.5up to date
 keyring^3.6.23.6.2up to date
 passterm=2.0.12.0.5out of date
 thiserror^2.0.122.0.12up to date
 tokio^1.44.11.44.2up to date
 tracing^0.1.410.1.41up to date
 tracing-appender^0.2.30.2.3up to date
 tracing-subscriber^0.3.190.3.19up to date

Crate iggy_examples

Dependencies

(11 total, all up-to-date)

CrateRequiredLatestStatus
 ahash^0.8.110.8.11up to date
 anyhow^1.0.971.0.98up to date
 bytes^1.10.11.10.1up to date
 clap^4.5.344.5.36up to date
 futures-util^0.3.310.3.31up to date
 rand^0.9.00.9.0up to date
 serde^1.0.2191.0.219up to date
 serde_json^1.0.1401.0.140up to date
 tokio^1.44.11.44.2up to date
 tracing^0.1.410.1.41up to date
 tracing-subscriber^0.3.190.3.19up to date

Crate integration

Dependencies

(24 total, all up-to-date)

CrateRequiredLatestStatus
 ahash^0.8.110.8.11up to date
 assert_cmd^2.0.162.0.16up to date
 async-trait^0.1.880.1.88up to date
 bytes^1.10.11.10.1up to date
 chrono^0.4.400.4.40up to date
 ctor^0.4.10.4.1up to date
 derive_more^2.0.12.0.1up to date
 env_logger^0.11.70.11.8up to date
 futures^0.3.310.3.31up to date
 humantime^2.2.02.2.0up to date
 keyring^3.6.23.6.2up to date
 lazy_static^1.5.01.5.0up to date
 libc^0.2.1710.2.172up to date
 log^0.4.270.4.27up to date
 predicates^3.1.33.1.3up to date
 regex^1.11.11.11.1up to date
 serial_test^3.2.03.2.0up to date
 tempfile^3.19.13.19.1up to date
 test-case^3.3.13.3.1up to date
 tokio^1.44.11.44.2up to date
 tracing-subscriber^0.3.190.3.19up to date
 twox-hash^2.1.02.1.0up to date
 uuid^1.16.01.16.0up to date
 zip^2.5.02.6.1up to date

Crate iggy

Dependencies

(41 total, 1 outdated)

CrateRequiredLatestStatus
 aes-gcm^0.10.30.10.3up to date
 ahash^0.8.110.8.11up to date
 anyhow^1.0.971.0.98up to date
 async-broadcast^0.7.20.7.2up to date
 async-dropper^0.3.10.3.1up to date
 async-trait^0.1.880.1.88up to date
 base64^0.22.10.22.1up to date
 bon^3.53.6.0up to date
 byte-unit^5.1.65.1.6up to date
 bytes^1.10.11.10.1up to date
 chrono^0.4.400.4.40up to date
 clap^4.5.344.5.36up to date
 comfy-table^7.1.47.1.4up to date
 crc32fast^1.4.21.4.2up to date
 dashmap^6.1.06.1.0up to date
 derive_more^2.0.12.0.1up to date
 dirs^6.0.06.0.0up to date
 fast-async-mutex^0.6.70.6.7up to date
 flume^0.11.10.11.1up to date
 futures^0.3.310.3.31up to date
 futures-util^0.3.310.3.31up to date
 humantime^2.2.02.2.0up to date
 keyring^3.6.23.6.2up to date
 passterm=2.0.12.0.5out of date
 quinn^0.11.70.11.7up to date
 reqwest^0.12.150.12.15up to date
 reqwest-middleware^0.4.10.4.2up to date
 reqwest-retry^0.7.00.7.0up to date
 rustls^0.23.250.23.26up to date
 serde^1.0.2191.0.219up to date
 serde_json^1.0.1401.0.140up to date
 serde_with^3.12.03.12.0up to date
 strum^0.27.10.27.1up to date
 thiserror^2.0.122.0.12up to date
 tokio^1.44.11.44.2up to date
 tokio-rustls^0.26.20.26.2up to date
 toml^0.8.200.8.20up to date
 tracing^0.1.410.1.41up to date
 trait-variant^0.1.20.1.2up to date
 uuid^1.16.01.16.0up to date
 webpki-roots^0.26.80.26.8up to date

Build dependencies

(3 total, all up-to-date)

CrateRequiredLatestStatus
 convert_case^0.8.00.8.0up to date
 serde^1.0.2191.0.219up to date
 serde_derive^1.0.2191.0.219up to date

Crate server

Dependencies

(60 total, 1 possibly insecure)

CrateRequiredLatestStatus
 ahash^0.8.110.8.11up to date
 anyhow^1.0.971.0.98up to date
 async_zip^0.0.170.0.17up to date
 atone^0.3.70.3.7up to date
 axum^0.8.30.8.3up to date
 axum-server^0.7.20.7.2up to date
 bcrypt^0.17.00.17.0up to date
 bincode^2.0.12.0.1up to date
 blake3^1.7.01.8.1up to date
 bytes^1.10.11.10.1up to date
 chrono^0.4.400.4.40up to date
 clap^4.5.344.5.36up to date
 console-subscriber^0.4.10.4.1up to date
 dashmap^6.1.06.1.0up to date
 derive_more^2.0.12.0.1up to date
 dotenvy^0.15.70.15.7up to date
 error_set^0.8.50.8.5up to date
 figlet-rs^0.1.50.1.5up to date
 figment^0.10.190.10.19up to date
 flume^0.11.10.11.1up to date
 futures^0.3.310.3.31up to date
 human-repr^1.1.01.1.0up to date
 jsonwebtoken^9.3.19.3.1up to date
 mimalloc^0.10.1.46up to date
 moka^0.12.100.12.10up to date
 nix^0.290.29.0up to date
 openssl ⚠️^0.10.710.10.72maybe insecure
 opentelemetry^0.29.00.29.1up to date
 opentelemetry-appender-tracing^0.29.10.29.1up to date
 opentelemetry-otlp^0.29.00.29.0up to date
 opentelemetry-semantic-conventions^0.29.00.29.0up to date
 opentelemetry_sdk^0.29.00.29.0up to date
 prometheus-client^0.23.10.23.1up to date
 quinn^0.11.70.11.7up to date
 rcgen^0.13.20.13.2up to date
 reqwest^0.12.150.12.15up to date
 ring^0.17.140.17.14up to date
 rust-s3^0.35.10.35.1up to date
 rustls^0.23.250.23.26up to date
 rustls-pemfile^2.2.02.2.0up to date
 serde^1.0.2191.0.219up to date
 serde_json^1.0.1401.0.140up to date
 serde_with^3.12.03.12.0up to date
 static-toml^1.3.01.3.0up to date
 strum^0.27.10.27.1up to date
 sysinfo^0.34.10.34.2up to date
 tempfile^3.193.19.1up to date
 thiserror^2.0.122.0.12up to date
 tokio^1.44.11.44.2up to date
 tokio-native-tls^0.3.10.3.1up to date
 tokio-util^0.7.140.7.14up to date
 toml^0.8.200.8.20up to date
 tower-http^0.6.20.6.2up to date
 tracing^0.1.410.1.41up to date
 tracing-appender^0.2.30.2.3up to date
 tracing-opentelemetry^0.30.00.30.0up to date
 tracing-subscriber^0.3.190.3.19up to date
 twox-hash^2.1.02.1.0up to date
 ulid^1.2.11.2.1up to date
 uuid^1.16.01.16.0up to date

Dev dependencies

(1 total, all up-to-date)

CrateRequiredLatestStatus
 mockall^0.13.10.13.1up to date

Build dependencies

(3 total, all up-to-date)

CrateRequiredLatestStatus
 figment^0.10.190.10.19up to date
 serde_json^1.0.1401.0.140up to date
 vergen-git2^1.0.51.0.7up to date

Crate tools

Dependencies

(6 total, all up-to-date)

CrateRequiredLatestStatus
 anyhow^1.0.971.0.98up to date
 clap^4.5.344.5.36up to date
 rand^0.9.00.9.0up to date
 tokio^1.44.11.44.2up to date
 tracing^0.1.410.1.41up to date
 tracing-subscriber^0.3.190.3.19up to date

Security Vulnerabilities

openssl: Use-After-Free in `Md::fetch` and `Cipher::fetch`

RUSTSEC-2025-0022

When a Some(...) value was passed to the properties argument of either of these functions, a use-after-free would result.

In practice this would nearly always result in OpenSSL treating the properties as an empty string (due to CString::drop's behavior).

The maintainers thank quitbug for reporting this vulnerability to us.