kitsune-soc / kitsune

This project contains known security vulnerabilities. Find detailed information at the bottom.

Crate `kitsune-activitypub`

Dependencies

(12 total, all up-to-date)

Crate	Required	Latest	Status
async-trait	`^0.1.83`	`0.1.83`	up to date
base64-simd	`^0.8.0`	`0.8.0`	up to date
futures-util	`^0.3.31`	`0.3.31`	up to date
headers	`^0.4.0`	`0.4.0`	up to date
http	`^1.1.0`	`1.1.0`	up to date
mime	`^0.3.17`	`0.3.17`	up to date
mime_guess	`^2.0.5`	`2.0.5`	up to date
serde	`^1.0.210`	`1.0.213`	up to date
sha2	`^0.10.8`	`0.10.8`	up to date
tracing	`^0.1.40`	`0.1.40`	up to date
typed-builder	`^0.20.0`	`0.20.0`	up to date
url	`^2.5.2`	`2.5.2`	up to date

Dev dependencies

(4 total, all up-to-date)

Crate	Required	Latest	Status
http-body-util	`^0.1.2`	`0.1.2`	up to date
hyper	`^1.5.0`	`1.5.0`	up to date
pretty_assertions	`^1.4.1`	`1.4.1`	up to date
tower	`^0.5.1`	`0.5.1`	up to date

Crate `kitsune-cache`

Dependencies

(4 total, all up-to-date)

Crate	Required	Latest	Status
enum_dispatch	`^0.3.13`	`0.3.13`	up to date
serde	`^1.0.210`	`1.0.213`	up to date
tracing	`^0.1.40`	`0.1.40`	up to date
typed-builder	`^0.20.0`	`0.20.0`	up to date

Crate `kitsune-captcha`

Dependencies

(6 total, all up-to-date)

Crate	Required	Latest	Status
enum_dispatch	`^0.3.13`	`0.3.13`	up to date
http	`^1.1.0`	`1.1.0`	up to date
serde	`^1.0.210`	`1.0.213`	up to date
serde_urlencoded	`^0.7.1`	`0.7.1`	up to date
strum	`^0.26.3`	`0.26.3`	up to date
typed-builder	`^0.20.0`	`0.20.0`	up to date

Crate `kitsune-config`

Dependencies

(6 total, all up-to-date)

Crate	Required	Latest	Status
eyre	`^0.6.12`	`0.6.12`	up to date
human-size	`^0.4.3`	`0.4.3`	up to date
isolang	`^2.4.0`	`2.4.0`	up to date
serde	`^1.0.210`	`1.0.213`	up to date
smol_str	`^0.3.1`	`0.3.1`	up to date
toml	`^0.8.19`	`0.8.19`	up to date

Crate `kitsune-core`

Dependencies

(7 total, all up-to-date)

Crate	Required	Latest	Status
async-trait	`^0.1.83`	`0.1.83`	up to date
const_format	`^0.2.33`	`0.2.33`	up to date
git-version	`^0.3.9`	`0.3.9`	up to date
paste	`^1.0.15`	`1.0.15`	up to date
serde	`^1.0.210`	`1.0.213`	up to date
typed-builder	`^0.20.0`	`0.20.0`	up to date
unsize	`^1.1.0`	`1.1.0`	up to date

Crate `kitsune-db`

Dependencies

(12 total, 1 outdated)

Crate	Required	Latest	Status
diesel_migrations	`^2.2.0`	`2.2.0`	up to date
futures-util	`^0.3.31`	`0.3.31`	up to date
num-derive	`^0.4.2`	`0.4.2`	up to date
num-traits	`^0.2.19`	`0.2.19`	up to date
rustls	`^0.23.15`	`0.23.15`	up to date
rustls-native-certs	`^0.8.0`	`0.8.0`	up to date
serde	`^1.0.210`	`1.0.213`	up to date
tokio-postgres	`^0.7.12`	`0.7.12`	up to date
tokio-postgres-rustls	`^0.12.0`	`0.13.0`	out of date
tracing	`^0.1.40`	`0.1.40`	up to date
tracing-log	`^0.2.0`	`0.2.0`	up to date
typed-builder	`^0.20.0`	`0.20.0`	up to date

Crate `kitsune-derive`

Dependencies

(1 total, all up-to-date)

Crate	Required	Latest	Status
typed-builder	`^0.20.0`	`0.20.0`	up to date

Crate `kitsune-derive-impl`

Dependencies

(3 total, all up-to-date)

Crate	Required	Latest	Status
proc-macro2	`^1.0.88`	`1.0.89`	up to date
quote	`^1.0.37`	`1.0.37`	up to date
syn	`^2.0.79`	`2.0.82`	up to date

Crate `kitsune-email`

Dependencies

(4 total, all up-to-date)

Crate	Required	Latest	Status
askama_axum	`^0.4.0`	`0.4.0`	up to date
lettre	`^0.11.9`	`0.11.9`	up to date
mrml	`^4.0.1`	`4.0.1`	up to date
typed-builder	`^0.20.0`	`0.20.0`	up to date

Crate `kitsune-embed`

Dependencies

(2 total, all up-to-date)

Crate	Required	Latest	Status
http	`^1.1.0`	`1.1.0`	up to date
smol_str	`^0.3.1`	`0.3.1`	up to date

Crate `kitsune-error`

Dependencies

(5 total, all up-to-date)

Crate	Required	Latest	Status
axum-core	`^0.4.5`	`0.4.5`	up to date
eyre	`^0.6.12`	`0.6.12`	up to date
http	`^1.1.0`	`1.1.0`	up to date
sync_wrapper	`^1.0.1`	`1.0.1`	up to date
tracing	`^0.1.40`	`0.1.40`	up to date

Crate `kitsune-federation`

Dependencies

(1 total, all up-to-date)

Crate	Required	Latest	Status
typed-builder	`^0.20.0`	`0.20.0`	up to date

Crate `kitsune-federation-filter`

Dependencies

(2 total, all up-to-date)

Crate	Required	Latest	Status
globset	`^0.4.15`	`0.4.15`	up to date
url	`^2.5.2`	`2.5.2`	up to date

Crate `kitsune-http-client`

Dependencies

(11 total, all up-to-date)

Crate	Required	Latest	Status
bytes	`^1.7.2`	`1.8.0`	up to date
futures-util	`^0.3.31`	`0.3.31`	up to date
http-body	`^1.0.1`	`1.0.1`	up to date
http-body-util	`^0.1.2`	`0.1.2`	up to date
hyper	`^1.5.0`	`1.5.0`	up to date
hyper-util	`^0.1.9`	`0.1.9`	up to date
hyper-rustls	`^0.27.3`	`0.27.3`	up to date
pin-project	`^1.1.6`	`1.1.6`	up to date
serde	`^1.0.210`	`1.0.213`	up to date
tower	`^0.5.1`	`0.5.1`	up to date
tower-http	`^0.6.1`	`0.6.1`	up to date

Crate `kitsune-jobs`

Dependencies

(5 total, all up-to-date)

Crate	Required	Latest	Status
derive_more	`^1.0.0`	`1.0.0`	up to date
futures-util	`^0.3.31`	`0.3.31`	up to date
serde	`^1.0.210`	`1.0.213`	up to date
tracing	`^0.1.40`	`0.1.40`	up to date
typed-builder	`^0.20.0`	`0.20.0`	up to date

Crate `kitsune-language`

Dependencies

(4 total, all up-to-date)

Crate	Required	Latest	Status
isolang	`^2.4.0`	`2.4.0`	up to date
rustc-hash	`^2.0.0`	`2.0.0`	up to date
whatlang	`^0.16.4`	`0.16.4`	up to date
whichlang	`^0.1.0`	`0.1.0`	up to date

Crate `kitsune-mastodon`

Dependencies

(6 total, all up-to-date)

Crate	Required	Latest	Status
futures-util	`^0.3.31`	`0.3.31`	up to date
mime	`^0.3.17`	`0.3.17`	up to date
serde	`^1.0.210`	`1.0.213`	up to date
smol_str	`^0.3.1`	`0.3.1`	up to date
tracing	`^0.1.40`	`0.1.40`	up to date
typed-builder	`^0.20.0`	`0.20.0`	up to date

Crate `kitsune-observability`

Dependencies

(12 total, all up-to-date)

Crate	Required	Latest	Status
async-trait	`^0.1.83`	`0.1.83`	up to date
eyre	`^0.6.12`	`0.6.12`	up to date
http-body-util	`^0.1.2`	`0.1.2`	up to date
hyper	`^1.5.0`	`1.5.0`	up to date
opentelemetry	`^0.26.0`	`0.26.0`	up to date
opentelemetry-http	`^0.26.0`	`0.26.0`	up to date
opentelemetry-otlp	`^0.26.0`	`0.26.0`	up to date
opentelemetry_sdk	`^0.26.0`	`0.26.0`	up to date
tracing	`^0.1.40`	`0.1.40`	up to date
tracing-error	`^0.2.0`	`0.2.0`	up to date
tracing-opentelemetry	`^0.27.0`	`0.27.0`	up to date
tracing-subscriber	`^0.3.18`	`0.3.18`	up to date

Crate `kitsune-oidc`

Dependencies

(6 total, all up-to-date)

Crate	Required	Latest	Status
enum_dispatch	`^0.3.13`	`0.3.13`	up to date
http-body-util	`^0.1.2`	`0.1.2`	up to date
oauth2	`^5.0.0-rc.1`	`4.4.2`	up to date
openidconnect	`^4.0.0-rc.1`	`3.5.0`	up to date
serde	`^1.0.210`	`1.0.213`	up to date
url	`^2.5.2`	`2.5.2`	up to date

Dev dependencies

(1 total, all up-to-date)

Crate	Required	Latest	Status
tokio	`^1.40.0`	`1.41.0`	up to date

Crate `kitsune-s3`

Dependencies

(7 total, all up-to-date)

Crate	Required	Latest	Status
bytes	`^1.7.2`	`1.8.0`	up to date
futures-util	`^0.3.31`	`0.3.31`	up to date
http	`^1.1.0`	`1.1.0`	up to date
quick-xml	`^0.36.2`	`0.36.2`	up to date
rusty-s3	`^0.5.0`	`0.5.0`	up to date
serde	`^1.0.210`	`1.0.213`	up to date
typed-builder	`^0.20.0`	`0.20.0`	up to date

Crate `kitsune-scss-compiler`

Dependencies

(4 total, all up-to-date)

Crate	Required	Latest	Status
eyre	`^0.6.12`	`0.6.12`	up to date
glob	`^0.3.1`	`0.3.1`	up to date
grass_compiler	`^0.13.4`	`0.13.4`	up to date
tracing	`^0.1.40`	`0.1.40`	up to date

Crate `kitsune-search`

Dependencies

(12 total, all up-to-date)

Crate	Required	Latest	Status
async-trait	`^0.1.83`	`0.1.83`	up to date
bytes	`^1.7.2`	`1.8.0`	up to date
enum_dispatch	`^0.3.13`	`0.3.13`	up to date
futures-io	`^0.3.31`	`0.3.31`	up to date
futures-util	`^0.3.31`	`0.3.31`	up to date
http	`^1.1.0`	`1.1.0`	up to date
meilisearch-sdk	`^0.27.1`	`0.27.1`	up to date
pin-project-lite	`^0.2.14`	`0.2.14`	up to date
serde	`^1.0.210`	`1.0.213`	up to date
serde_urlencoded	`^0.7.1`	`0.7.1`	up to date
strum	`^0.26.3`	`0.26.3`	up to date
tracing	`^0.1.40`	`0.1.40`	up to date

Crate `kitsune-service`

Dependencies

(20 total, 1 insecure)

Crate	Required	Latest	Status
ahash	`^0.8.11`	`0.8.11`	up to date
argon2	`^0.5.3`	`0.5.3`	up to date
bytes	`^1.7.2`	`1.8.0`	up to date
derive_builder	`^0.20.2`	`0.20.2`	up to date
eyre	`^0.6.12`	`0.6.12`	up to date
futures-util	`^0.3.31`	`0.3.31`	up to date
http	`^1.1.0`	`1.1.0`	up to date
img-parts	`^0.3.0`	`0.3.0`	up to date
mime	`^0.3.17`	`0.3.17`	up to date
password-hash	`^0.5.0`	`0.5.0`	up to date
pkcs8	`^0.10.2`	`0.10.2`	up to date
rand	`^0.8.5`	`0.8.5`	up to date
rsa ⚠️	`^0.9.6`	`0.9.6`	insecure
rusty-s3	`^0.5.0`	`0.5.0`	up to date
serde	`^1.0.210`	`1.0.213`	up to date
smol_str	`^0.3.1`	`0.3.1`	up to date
tracing	`^0.1.40`	`0.1.40`	up to date
typed-builder	`^0.20.0`	`0.20.0`	up to date
url	`^2.5.2`	`2.5.2`	up to date
zxcvbn	`^3.1.0`	`3.1.0`	up to date

Dev dependencies

(6 total, all up-to-date)

Crate	Required	Latest	Status
hex-simd	`^0.8.0`	`0.8.0`	up to date
http-body-util	`^0.1.2`	`0.1.2`	up to date
hyper	`^1.5.0`	`1.5.0`	up to date
pretty_assertions	`^1.4.1`	`1.4.1`	up to date
tempfile	`^3.13.0`	`3.13.0`	up to date
tower	`^0.5.1`	`0.5.1`	up to date

Crate `kitsune-storage`

Dependencies

(5 total, all up-to-date)

Crate	Required	Latest	Status
bytes	`^1.7.2`	`1.8.0`	up to date
derive_more	`^1.0.0`	`1.0.0`	up to date
futures-util	`^0.3.31`	`0.3.31`	up to date
rusty-s3	`^0.5.0`	`0.5.0`	up to date
tokio-util	`^0.7.12`	`0.7.12`	up to date

Dev dependencies

(1 total, all up-to-date)

Crate	Required	Latest	Status
tempfile	`^3.13.0`	`3.13.0`	up to date

Crate `kitsune-test`

Dependencies

(10 total, all up-to-date)

Crate	Required	Latest	Status
bytes	`^1.7.2`	`1.8.0`	up to date
futures-util	`^0.3.31`	`0.3.31`	up to date
http	`^1.1.0`	`1.1.0`	up to date
http-body-util	`^0.1.2`	`0.1.2`	up to date
isolang	`^2.4.0`	`2.4.0`	up to date
pin-project-lite	`^0.2.14`	`0.2.14`	up to date
rand	`^0.8.5`	`0.8.5`	up to date
rusty-s3	`^0.5.0`	`0.5.0`	up to date
url	`^2.5.2`	`2.5.2`	up to date
uuid	`^1.11.0`	`1.11.0`	up to date

Crate `kitsune-type`

Dependencies

(4 total, all up-to-date)

Crate	Required	Latest	Status
serde	`^1.0.210`	`1.0.213`	up to date
serde_with	`^3.11.0`	`3.11.0`	up to date
smol_str	`^0.3.1`	`0.3.1`	up to date
strum	`^0.26.3`	`0.26.3`	up to date

Dev dependencies

(3 total, all up-to-date)

Crate	Required	Latest	Status
pretty_assertions	`^1.4.1`	`1.4.1`	up to date
rstest	`^0.23.0`	`0.23.0`	up to date
serde_test	`^1`	`1.0.177`	up to date

Crate `kitsune-url`

Dependencies

(1 total, all up-to-date)

Crate	Required	Latest	Status
smol_str	`^0.3.1`	`0.3.1`	up to date

Crate `kitsune-util`

Dependencies

(3 total, all up-to-date)

Crate	Required	Latest	Status
bubble-bath	`^0.2.0`	`0.2.0`	up to date
pulldown-cmark	`^0.12.2`	`0.12.2`	up to date
rand	`^0.8.5`	`0.8.5`	up to date

Crate `kitsune-wasm-mrf`

Dependencies

(13 total, 2 outdated)

Crate	Required	Latest	Status
async-trait	`^0.1.83`	`0.1.83`	up to date
blake3	`^1.5.4`	`1.5.4`	up to date
color-eyre	`^0.6.3`	`0.6.3`	up to date
derive_more	`^1.0.0`	`1.0.0`	up to date
enum_dispatch	`^0.3.13`	`0.3.13`	up to date
futures-util	`^0.3.31`	`0.3.31`	up to date
redb	`^2.1.4`	`2.1.4`	up to date
slab	`^0.4.9`	`0.4.9`	up to date
smol_str	`^0.3.1`	`0.3.1`	up to date
tracing	`^0.1.40`	`0.1.40`	up to date
walkdir	`^2.5.0`	`2.5.0`	up to date
wasmtime	`^25.0.2`	`26.0.0`	out of date
wasmtime-wasi	`^25.0.2`	`26.0.0`	out of date

Dev dependencies

(3 total, all up-to-date)

Crate	Required	Latest	Status
tempfile	`^3.13.0`	`3.13.0`	up to date
tracing-subscriber	`^0.3.18`	`0.3.18`	up to date
wat	`^1.219.1`	`1.219.1`	up to date

Crate `example-mrf`

Dependencies

(2 total, all up-to-date)

Crate	Required	Latest	Status
rand	`^0.8.5`	`0.8.5`	up to date
wit-bindgen	`^0.34.0`	`0.34.0`	up to date

Crate `kitsune-webfinger`

Dependencies

(5 total, all up-to-date)

Crate	Required	Latest	Status
async-trait	`^0.1.83`	`0.1.83`	up to date
futures-util	`^0.3.31`	`0.3.31`	up to date
http	`^1.1.0`	`1.1.0`	up to date
tracing	`^0.1.40`	`0.1.40`	up to date
urlencoding	`^2.1.3`	`2.1.3`	up to date

Dev dependencies

(4 total, all up-to-date)

Crate	Required	Latest	Status
http-body-util	`^0.1.2`	`0.1.2`	up to date
hyper	`^1.5.0`	`1.5.0`	up to date
pretty_assertions	`^1.4.1`	`1.4.1`	up to date
tower	`^0.5.1`	`0.5.1`	up to date

Crate `kitsune`

Dependencies

(34 total, all up-to-date)

Crate	Required	Latest	Status
argon2	`^0.5.3`	`0.5.3`	up to date
askama_axum	`^0.4.0`	`0.4.0`	up to date
async-trait	`^0.1.83`	`0.1.83`	up to date
axum	`^0.7.7`	`0.7.7`	up to date
axum-extra	`^0.9.4`	`0.9.4`	up to date
axum-flash	`^0.8.0`	`0.8.0`	up to date
bytes	`^1.7.2`	`1.8.0`	up to date
chrono	`^0.4.38`	`0.4.38`	up to date
color-eyre	`^0.6.3`	`0.6.3`	up to date
futures-util	`^0.3.31`	`0.3.31`	up to date
headers	`^0.4.0`	`0.4.0`	up to date
http	`^1.1.0`	`1.1.0`	up to date
http-body-util	`^0.1.2`	`0.1.2`	up to date
mimalloc	`^0.1.43`	`0.1.43`	up to date
mime	`^0.3.17`	`0.3.17`	up to date
mime_guess	`^2.0.5`	`2.0.5`	up to date
oxide-auth	`^0.6.1`	`0.6.1`	up to date
oxide-auth-async	`^0.2.1`	`0.2.1`	up to date
oxide-auth-axum	`^0.5.0`	`0.5.0`	up to date
rust-embed	`^8.5.0`	`8.5.0`	up to date
scoped-futures	`^0.1.3`	`0.1.3`	up to date
serde	`^1.0.210`	`1.0.213`	up to date
serde_urlencoded	`^0.7.1`	`0.7.1`	up to date
strum	`^0.26.3`	`0.26.3`	up to date
tempfile	`^3.13.0`	`3.13.0`	up to date
time	`^0.3.36`	`0.3.36`	up to date
tokio-util	`^0.7.12`	`0.7.12`	up to date
tower	`^0.5.1`	`0.5.1`	up to date
tower-http	`^0.6.1`	`0.6.1`	up to date
tracing	`^0.1.40`	`0.1.40`	up to date
typed-builder	`^0.20.0`	`0.20.0`	up to date
url	`^2.5.2`	`2.5.2`	up to date
async-graphql	`^7.0.11`	`7.0.11`	up to date
async-graphql-axum	`^7.0.11`	`7.0.11`	up to date

Build dependencies

(2 total, all up-to-date)

Crate	Required	Latest	Status
camino	`^1.1.9`	`1.1.9`	up to date
fs_extra	`^1.3.0`	`1.3.0`	up to date

Crate `kitsune-cli`

Dependencies

(5 total, all up-to-date)

Crate	Required	Latest	Status
color-eyre	`^0.6.3`	`0.6.3`	up to date
dotenvy	`^0.15.7`	`0.15.7`	up to date
envy	`^0.4.2`	`0.4.2`	up to date
serde	`^1.0.210`	`1.0.213`	up to date
tracing-subscriber	`^0.3.18`	`0.3.18`	up to date

Crate `kitsune-job-runner`

Dependencies

(4 total, all up-to-date)

Crate	Required	Latest	Status
color-eyre	`^0.6.3`	`0.6.3`	up to date
mimalloc	`^0.1.43`	`0.1.43`	up to date
tracing	`^0.1.40`	`0.1.40`	up to date
typed-builder	`^0.20.0`	`0.20.0`	up to date

Crate `athena`

Dependencies

(13 total, all up-to-date)

Crate	Required	Latest	Status
ahash	`^0.8.11`	`0.8.11`	up to date
async-trait	`^0.1.83`	`0.1.83`	up to date
either	`^1.13.0`	`1.13.0`	up to date
futures-util	`^0.3.31`	`0.3.31`	up to date
rand	`^0.8.5`	`0.8.5`	up to date
serde	`^1.0.210`	`1.0.213`	up to date
smol_str	`^0.3.1`	`0.3.1`	up to date
thiserror	`^1.0.64`	`1.0.65`	up to date
tokio-util	`^0.7.12`	`0.7.12`	up to date
tracing	`^0.1.40`	`0.1.40`	up to date
typed-builder	`^0.20.0`	`0.20.0`	up to date
typetag	`^0.2.18`	`0.2.18`	up to date
unsize	`^1.1.0`	`1.1.0`	up to date

Dev dependencies

(2 total, all up-to-date)

Crate	Required	Latest	Status
postcard	`^1.0.10`	`1.0.10`	up to date
tracing-subscriber	`^0.3.18`	`0.3.18`	up to date

Crate `blowocking`

Dependencies

(3 total, all up-to-date)

Crate	Required	Latest	Status
rayon	`^1.10.0`	`1.10.0`	up to date
thiserror	`^1.0.64`	`1.0.65`	up to date
tracing	`^0.1.40`	`0.1.40`	up to date

Crate `cursiv`

Dependencies

(11 total, all up-to-date)

Crate	Required	Latest	Status
aliri_braid	`^0.4.0`	`0.4.0`	up to date
blake3	`^1.5.4`	`1.5.4`	up to date
cookie	`^0.18.1`	`0.18.1`	up to date
hex-simd	`^0.8.0`	`0.8.0`	up to date
http	`^1.1.0`	`1.1.0`	up to date
pin-project-lite	`^0.2.14`	`0.2.14`	up to date
rand	`^0.8.5`	`0.8.5`	up to date
tower	`^0.5.1`	`0.5.1`	up to date
zeroize	`^1.8.1`	`1.8.1`	up to date
async-trait	`^0.1.83`	`0.1.83`	up to date
axum-core	`^0.4.5`	`0.4.5`	up to date

Dev dependencies

(2 total, all up-to-date)

Crate	Required	Latest	Status
futures-test	`^0.3.31`	`0.3.31`	up to date
tower	`^0.5.1`	`0.5.1`	up to date

Crate `fast-cjson`

Dependencies

(3 total, all up-to-date)

Crate	Required	Latest	Status
icu_normalizer	`^1.5.0`	`1.5.0`	up to date
memchr	`^2.7.4`	`2.7.4`	up to date
serde	`^1.0.210`	`1.0.213`	up to date

Dev dependencies

(7 total, all up-to-date)

Crate	Required	Latest	Status
divan	`^0.1.14`	`0.1.14`	up to date
mimalloc	`^0.1.43`	`0.1.43`	up to date
olpc-cjson	`^0.1.4`	`0.1.4`	up to date
proptest	`^1.5.0`	`1.5.0`	up to date
proptest-derive	`^0.5.0`	`0.5.0`	up to date
serde	`^1.0.210`	`1.0.213`	up to date
serde_json	`^1.0.129`	`1.0.132`	up to date

Crate `geomjeungja`

Dependencies

(8 total, all up-to-date)

Crate	Required	Latest	Status
async-trait	`^0.1.83`	`0.1.83`	up to date
hickory-resolver	`^0.25.0-alpha.2`	`0.24.1`	up to date
rand	`^0.8.5`	`0.8.5`	up to date
serde	`^1.0.210`	`1.0.213`	up to date
thiserror	`^1.0.64`	`1.0.65`	up to date
tracing	`^0.1.40`	`0.1.40`	up to date
typed-builder	`^0.20.0`	`0.20.0`	up to date
unsize	`^1.1.0`	`1.1.0`	up to date

Dev dependencies

(2 total, all up-to-date)

Crate	Required	Latest	Status
insta	`^1.40.0`	`1.40.0`	up to date
rand_xorshift	`^0.3.0`	`0.3.0`	up to date

Crate `http-signatures`

Dependencies

(13 total, all up-to-date)

Crate	Required	Latest	Status
atoi_radix10	`^0.0.1`	`0.0.1`	up to date
base64-simd	`^0.8.0`	`0.8.0`	up to date
const-oid	`^0.9.6`	`0.9.6`	up to date
derive_builder	`^0.20.2`	`0.20.2`	up to date
http	`^1.1.0`	`1.1.0`	up to date
httpdate	`^1.0.3`	`1.0.3`	up to date
logos	`^0.14.2`	`0.14.2`	up to date
miette	`^7.2.0`	`7.2.0`	up to date
pkcs8	`^0.10.2`	`0.10.2`	up to date
ring	`^0.17.8`	`0.17.8`	up to date
scoped-futures	`^0.1.3`	`0.1.3`	up to date
thiserror	`^1.0.64`	`1.0.65`	up to date
tracing	`^0.1.40`	`0.1.40`	up to date

Dev dependencies

(1 total, all up-to-date)

Crate	Required	Latest	Status
divan	`^0.1.14`	`0.1.14`	up to date

Crate `http-signatures-cli`

Dependencies

(2 total, all up-to-date)

Crate	Required	Latest	Status
miette	`^7.2.0`	`7.2.0`	up to date
owo-colors	`^4.1.0`	`4.1.0`	up to date

Crate `just-retry`

Dependencies

(2 total, all up-to-date)

Crate	Required	Latest	Status
retry-policies	`^0.4.0`	`0.4.0`	up to date
tracing	`^0.1.40`	`0.1.40`	up to date

Crate `masto-id-convert`

Dependencies

(3 total, all up-to-date)

Crate	Required	Latest	Status
atoi_radix10	`^0.0.1`	`0.0.1`	up to date
nanorand	`^0.7.0`	`0.7.0`	up to date
uuid	`^1.11.0`	`1.11.0`	up to date

Dev dependencies

(3 total, all up-to-date)

Crate	Required	Latest	Status
divan	`^0.1.14`	`0.1.14`	up to date
time	`^0.3.36`	`0.3.36`	up to date
uuid	`^1.11.0`	`1.11.0`	up to date

Crate `mrf-manifest`

Dependencies

(7 total, all up-to-date)

Crate	Required	Latest	Status
leb128	`^0.2.5`	`0.2.5`	up to date
schemars	`^0.8.21`	`0.8.21`	up to date
semver	`^1.0.23`	`1.0.23`	up to date
serde	`^1.0.210`	`1.0.213`	up to date
thiserror	`^1.0.64`	`1.0.65`	up to date
wasm-encoder	`^0.219.1`	`0.219.1`	up to date
wasmparser	`^0.219.1`	`0.219.1`	up to date

Dev dependencies

(2 total, all up-to-date)

Crate	Required	Latest	Status
insta	`^1.40.0`	`1.40.0`	up to date
wat	`^1.219.1`	`1.219.1`	up to date

Crate `mrf-tool`

Dependencies

(3 total, all up-to-date)

Crate	Required	Latest	Status
color-eyre	`^0.6.3`	`0.6.3`	up to date
colored_json	`^5.0.0`	`5.0.0`	up to date
wasmparser	`^0.219.1`	`0.219.1`	up to date

Dev dependencies

(1 total, all up-to-date)

Crate	Required	Latest	Status
wat	`^1.219.1`	`1.219.1`	up to date

Crate `post-process`

Dependencies

(1 total, all up-to-date)

Crate	Required	Latest	Status
logos	`^0.14.2`	`0.14.2`	up to date

Dev dependencies

(4 total, all up-to-date)

Crate	Required	Latest	Status
divan	`^0.1.14`	`0.1.14`	up to date
futures-executor	`^0.3.31`	`0.3.31`	up to date
insta	`^1.40.0`	`1.40.0`	up to date
pretty_assertions	`^1.4.1`	`1.4.1`	up to date

Crate `schaber`

Dependencies

(2 total, all up-to-date)

Crate	Required	Latest	Status
lol_html	`^2.0.0`	`2.0.0`	up to date
thiserror	`^1.0.64`	`1.0.65`	up to date

Crate `speedy-uuid`

Dependencies

(7 total, all up-to-date)

Crate	Required	Latest	Status
async-graphql	`^7.0.11`	`7.0.11`	up to date
diesel	`^2.2.4`	`2.2.4`	up to date
fred	`^9.2.1`	`9.3.0`	up to date
serde	`^1.0.210`	`1.0.213`	up to date
thiserror	`^1.0.64`	`1.0.65`	up to date
uuid	`^1.11.0`	`1.11.0`	up to date
uuid-simd	`^0.8.0`	`0.8.0`	up to date

Dev dependencies

(1 total, all up-to-date)

Crate	Required	Latest	Status
serde_test	`^1.0.177`	`1.0.177`	up to date

Crate `tick-tock-mock`

Dev dependencies

(1 total, all up-to-date)

Crate	Required	Latest	Status
divan	`^0.1.14`	`0.1.14`	up to date

Crate `tower-http-digest`

Dependencies

(12 total, all up-to-date)

Crate	Required	Latest	Status
base64-simd	`^0.8.0`	`0.8.0`	up to date
bytes	`^1.7.2`	`1.8.0`	up to date
either	`^1.13.0`	`1.13.0`	up to date
http	`^1.1.0`	`1.1.0`	up to date
http-body	`^1.0.1`	`1.0.1`	up to date
memchr	`^2.7.4`	`2.7.4`	up to date
pin-project-lite	`^0.2.14`	`0.2.14`	up to date
sha2	`^0.10.8`	`0.10.8`	up to date
subtle	`^2.6.1`	`2.6.1`	up to date
tower-layer	`^0.3.3`	`0.3.3`	up to date
tower-service	`^0.3.3`	`0.3.3`	up to date
tracing	`^0.1.40`	`0.1.40`	up to date

Dev dependencies

(4 total, all up-to-date)

Crate	Required	Latest	Status
bytes	`^1.7.2`	`1.8.0`	up to date
futures-test	`^0.3.31`	`0.3.31`	up to date
http-body-util	`^0.1.2`	`0.1.2`	up to date
tower	`^0.5.1`	`0.5.1`	up to date

Crate `tower-stop-using-brave`

Dependencies

(5 total, all up-to-date)

Crate	Required	Latest	Status
either	`^1.13.0`	`1.13.0`	up to date
http	`^1.1.0`	`1.1.0`	up to date
regex	`^1.11.0`	`1.11.0`	up to date
tower-layer	`^0.3.3`	`0.3.3`	up to date
tower-service	`^0.3.3`	`0.3.3`	up to date

Dev dependencies

(2 total, all up-to-date)

Crate	Required	Latest	Status
futures-test	`^0.3.31`	`0.3.31`	up to date
tower	`^0.5.1`	`0.5.1`	up to date

Crate `tower-x-clacks-overhead`

Dependencies

(4 total, all up-to-date)

Crate	Required	Latest	Status
http	`^1.1.0`	`1.1.0`	up to date
pin-project-lite	`^0.2.14`	`0.2.14`	up to date
tower-layer	`^0.3.3`	`0.3.3`	up to date
tower-service	`^0.3.3`	`0.3.3`	up to date

Dev dependencies

(2 total, all up-to-date)

Crate	Required	Latest	Status
futures-test	`^0.3.31`	`0.3.31`	up to date
tower	`^0.5.1`	`0.5.1`	up to date

Crate `trials`

Dev dependencies

(1 total, all up-to-date)

Crate	Required	Latest	Status
futures-test	`^0.3.31`	`0.3.31`	up to date

Crate `xtask`

Dependencies

(5 total, all up-to-date)

Crate	Required	Latest	Status
argh	`^0.1.12`	`0.1.12`	up to date
eyre	`^0.6.12`	`0.6.12`	up to date
tracing	`^0.1.40`	`0.1.40`	up to date
tracing-subscriber	`^0.3.18`	`0.3.18`	up to date
ureq	`^2.10.1`	`2.10.1`	up to date

Security Vulnerabilities

`rsa`: Marvin Attack: potential key recovery through timing sidechannels

RUSTSEC-2023-0071

Impact

Due to a non-constant-time implementation, information about the private key is leaked through timing information which is observable over the network. An attacker may be able to use that information to recover the key.

Patches

No patch is yet available, however work is underway to migrate to a fully constant-time implementation.

Workarounds

The only currently available workaround is to avoid using the rsa crate in settings where attackers are able to observe timing information, e.g. local use on a non-compromised computer is fine.

References

This vulnerability was discovered as part of the "Marvin Attack", which revealed several implementations of RSA including OpenSSL had not properly mitigated timing sidechannel attacks.

kitsune-soc / kitsune

Crate kitsune-activitypub

Dependencies

Dev dependencies

Crate kitsune-cache

Dependencies

Crate kitsune-captcha

Dependencies

Crate kitsune-config

Dependencies

Crate kitsune-core

Dependencies

Crate kitsune-db

Dependencies

Crate kitsune-derive

Dependencies

Crate kitsune-derive-impl

Dependencies

Crate kitsune-email

Dependencies

Crate kitsune-embed

Dependencies

Crate kitsune-error

Dependencies

Crate kitsune-federation

Dependencies

Crate kitsune-federation-filter

Dependencies

Crate kitsune-http-client

Dependencies

Crate kitsune-jobs

Dependencies

Crate kitsune-language

Dependencies

Crate kitsune-mastodon

Dependencies

Crate kitsune-observability

Dependencies

Crate kitsune-oidc

Dependencies

Dev dependencies

Crate kitsune-s3

Dependencies

Crate kitsune-scss-compiler

Dependencies

Crate kitsune-search

Dependencies

Crate kitsune-service

Dependencies

Dev dependencies

Crate kitsune-storage

Dependencies

Dev dependencies

Crate kitsune-test

Dependencies

Crate kitsune-type

Dependencies

Dev dependencies

Crate kitsune-url

Dependencies

Crate kitsune-util

Dependencies

Crate kitsune-wasm-mrf

Dependencies

Dev dependencies

Crate example-mrf

Dependencies

Crate kitsune-webfinger

Dependencies

Dev dependencies

Crate kitsune

Dependencies

Build dependencies

Crate kitsune-cli

Dependencies

Crate kitsune-job-runner

Dependencies

Crate athena

Dependencies

Dev dependencies

Crate `kitsune-activitypub`

Crate `kitsune-cache`

Crate `kitsune-captcha`

Crate `kitsune-config`

Crate `kitsune-core`

Crate `kitsune-db`

Crate `kitsune-derive`

Crate `kitsune-derive-impl`

Crate `kitsune-email`

Crate `kitsune-embed`

Crate `kitsune-error`

Crate `kitsune-federation`

Crate `kitsune-federation-filter`

Crate `kitsune-http-client`

Crate `kitsune-jobs`

Crate `kitsune-language`

Crate `kitsune-mastodon`

Crate `kitsune-observability`

Crate `kitsune-oidc`

Crate `kitsune-s3`

Crate `kitsune-scss-compiler`

Crate `kitsune-search`

Crate `kitsune-service`

Crate `kitsune-storage`

Crate `kitsune-test`

Crate `kitsune-type`

Crate `kitsune-url`

Crate `kitsune-util`

Crate `kitsune-wasm-mrf`

Crate `example-mrf`

Crate `kitsune-webfinger`

Crate `kitsune`

Crate `kitsune-cli`

Crate `kitsune-job-runner`

Crate `athena`

Crate `blowocking`

Crate `cursiv`

Crate `fast-cjson`

Crate `geomjeungja`

Crate `http-signatures`

Crate `http-signatures-cli`

Crate `just-retry`

Crate `masto-id-convert`

Crate `mrf-manifest`

Crate `mrf-tool`

Crate `post-process`

Crate `schaber`

Crate `speedy-uuid`

Crate `tick-tock-mock`

Crate `tower-http-digest`

Crate `tower-stop-using-brave`

Crate `tower-x-clacks-overhead`

Crate `trials`

Crate `xtask`

`rsa`: Marvin Attack: potential key recovery through timing sidechannels