Deps.rs

joaoh82 / rust_sqlite

[![dependency status](https://deps.rs/repo/github/joaoh82/rust_sqlite/status.svg)](https://deps.rs/repo/github/joaoh82/rust_sqlite)

This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.

Crate sqlrite-engine

Dependencies

(10 total, 1 outdated)

CrateRequiredLatestStatus
 log^0.40.4.30up to date
 sqlparser^0.610.62.0out of date
 thiserror^2.02.0.18up to date
 prettytable-rs^0.100.10.0up to date
 serde_json^11.0.150up to date
 rustyline^18.018.0.0up to date
 rustyline-derive^0.120.12.0up to date
 env_logger^0.110.11.10up to date
 clap^4.64.6.1up to date
 fs2^0.40.4.3up to date

Crate sqlrite-ask

Dependencies

(4 total, 1 outdated)

CrateRequiredLatestStatus
 serde^11.0.228up to date
 serde_json^11.0.150up to date
 ureq^23.3.0out of date
 thiserror^22.0.18up to date

Dev dependencies

(1 total, all up-to-date)

CrateRequiredLatestStatus
 tiny_http^0.120.12.0up to date

Crate sqlrite-desktop

Dependencies

(4 total, all up-to-date)

CrateRequiredLatestStatus
 tauri^22.11.2up to date
 tauri-plugin-dialog^22.7.1up to date
 serde^11.0.228up to date
 serde_json^11.0.150up to date

Build dependencies

(1 total, all up-to-date)

CrateRequiredLatestStatus
 tauri-build^22.6.2up to date

Crate sqlrite-ffi

Dependencies

(2 total, all up-to-date)

CrateRequiredLatestStatus
 serde^11.0.228up to date
 serde_json^11.0.150up to date

Build dependencies

(1 total, all up-to-date)

CrateRequiredLatestStatus
 cbindgen^0.290.29.2up to date

Crate sqlrite-mcp

Dependencies

(4 total, all up-to-date)

CrateRequiredLatestStatus
 serde^11.0.228up to date
 serde_json^11.0.150up to date
 clap^44.6.1up to date
 libc^0.20.2.186up to date

Crate sqlrite-python

Dependencies

(1 total, 1 outdated, 1 possibly insecure)

CrateRequiredLatestStatus
 pyo3 ⚠️^0.230.28.3out of date

Crate sqlrite-nodejs

Dependencies

(2 total, 2 outdated)

CrateRequiredLatestStatus
 napi^2.163.9.0out of date
 napi-derive^2.163.5.6out of date

Build dependencies

(1 total, all up-to-date)

CrateRequiredLatestStatus
 napi-build^2.22.3.2up to date

Crate sqlrite-benchmarks

Dependencies

(10 total, 4 outdated)

CrateRequiredLatestStatus
 rusqlite^0.360.40.0out of date
 duckdb^1.41.10503.1up to date
 criterion^0.50.8.2out of date
 rand^0.80.10.1out of date
 rand_chacha^0.30.10.0out of date
 serde^11.0.228up to date
 serde_json^11.0.150up to date
 tempfile^33.27.0up to date
 anyhow^11.0.102up to date
 walkdir^22.5.0up to date

Security Vulnerabilities

pyo3: Risk of buffer overflow in `PyString::from_object`

RUSTSEC-2025-0020

PyString::from_object took &str arguments and forwarded them directly to the Python C API without checking for terminating nul bytes. This could lead the Python interpreter to read beyond the end of the &str data and potentially leak contents of the out-of-bounds read (by raising a Python exception containing a copy of the data including the overflow).

In PyO3 0.24.1 this function will now allocate a CString to guarantee a terminating nul bytes. PyO3 0.25 will likely offer an alternative API which takes &CStr arguments.