This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.

Crate nemo

Dependencies

(33 total, 8 outdated)

CrateRequiredLatestStatus
 log^0.40.4.26up to date
 nom^7.1.18.0.0out of date
 petgraph^0.6.30.7.1out of date
 petgraph-graphml^3.0.03.1.0up to date
 rand^0.8.50.9.0out of date
 csv^1.1.61.3.1up to date
 thiserror^2.02.0.12up to date
 flate2^11.1.0up to date
 sanitise-file-name^1.0.01.0.0up to date
 getrandom^0.2.90.3.2out of date
 oxiri^0.2.20.2.11up to date
 tokio^1.40.01.44.1up to date
 reqwest^0.12.20.12.15up to date
 num^0.4.00.4.3up to date
 ascii_tree^0.1.10.1.1up to date
 serde_json^1.0.1081.0.140up to date
 serde^1.0.1381.0.219up to date
 tower-lsp^0.20.00.20.0up to date
 dyn-clone^1.0.161.0.19up to date
 unicode-ident^1.0.121.0.18up to date
 nom-greedyerror^0.5.00.5.0up to date
 nom-supreme^0.8.00.8.0up to date
 enum-assoc^1.1.01.2.4up to date
 ariadne^0.4.10.5.1out of date
 strum^0.26.30.27.1out of date
 strum_macros^0.26.40.27.1out of date
 similar-string^1.4.31.4.3up to date
 bytecount^0.6.80.6.8up to date
 colored^23.0.0out of date
 spargebra^0.3.50.3.5up to date
 urlencoding^2.1.32.1.3up to date
 oxrdfio^0.1.60.1.7up to date
 oxrdf^0.2.40.2.4up to date

Dev dependencies

(5 total, all up-to-date)

CrateRequiredLatestStatus
 env_logger*0.11.7up to date
 assert_fs^1.01.1.2up to date
 test-log^0.20.2.17up to date
 quickcheck^11.0.3up to date
 quickcheck_macros^11.0.0up to date

Crate nemo-cli

Dependencies

(7 total, 2 outdated)

CrateRequiredLatestStatus
 log^0.40.4.26up to date
 clap^4.0.324.5.32up to date
 colored^23.0.0out of date
 env_logger*0.11.7up to date
 serde_json^1.0.1081.0.140up to date
 thiserror^2.02.0.12up to date
 ariadne^0.4.10.5.1out of date

Dev dependencies

(5 total, 1 outdated)

CrateRequiredLatestStatus
 assert_cmd^2.02.0.16up to date
 assert_fs^1.0.131.1.2up to date
 dir-test^0.2.10.4.1out of date
 predicates^3.03.1.3up to date
 test-log^0.20.2.17up to date

Crate nemo-physical

Dependencies

(24 total, 4 outdated)

CrateRequiredLatestStatus
 enum_dispatch^0.3.120.3.13up to date
 log^0.40.4.26up to date
 thiserror^2.02.0.12up to date
 num^0.4.00.4.3up to date
 ascii_tree^0.1.10.1.1up to date
 once_cell^11.21.1up to date
 linked-hash-map^0.5.60.5.6up to date
 lru^0.120.13.0out of date
 cpu-time^1.01.0.0up to date
 reqwest^0.12.20.12.15up to date
 delegate^0.120.13.2out of date
 regex^1.9.51.11.1up to date
 hashbrown^0.140.15.2out of date
 bitvec^1.0.11.0.1up to date
 streaming-iterator^0.1.90.1.9up to date
 flate2^11.1.0up to date
 unicode-segmentation^1.11.01.12.0up to date
 urlencoding^2.1.32.1.3up to date
 oxiri^0.2.20.2.11up to date
 path-slash^0.2.10.2.1up to date
 levenshtein^1.0.51.0.5up to date
 serde_urlencoded^0.7.10.7.1up to date
 serde^1.0.2191.0.219up to date
 itertools^0.8.00.14.0out of date

Dev dependencies

(8 total, 2 outdated)

CrateRequiredLatestStatus
 arbitrary^11.4.1up to date
 rand^0.80.9.0out of date
 env_logger*0.11.7up to date
 test-log^0.20.2.17up to date
 quickcheck^11.0.3up to date
 quickcheck_macros^11.0.0up to date
 flate2^11.1.0up to date
 rand_pcg^0.3.10.9.0out of date

Crate nemo-python

Dependencies

(1 total, 1 outdated)

CrateRequiredLatestStatus
 pyo3^0.230.24.0out of date

Crate nemo-language-server

Dependencies

(8 total, 2 outdated, 1 possibly insecure)

CrateRequiredLatestStatus
 anyhow^1.01.0.97up to date
 line-index^0.1.10.1.2up to date
 futures^0.3.210.3.31up to date
 strum^0.26.30.27.1out of date
 strum_macros^0.26.40.27.1out of date
 tokio ⚠️^1.4.01.44.1maybe insecure
 tower-lsp^0.20.00.20.0up to date
 tower-service^0.3.20.3.3up to date

Crate nemo-wasm

Dependencies

(8 total, 2 outdated)

CrateRequiredLatestStatus
 console_error_panic_hook^0.1.70.1.7up to date
 js-sys^0.3.630.3.77up to date
 futures^0.3.210.3.31up to date
 gloo-utils^0.10.2.0out of date
 thiserror^2.02.0.12up to date
 wasm-bindgen=0.2.950.2.100out of date
 wasm-bindgen-futures^0.4.370.4.50up to date
 web-sys^0.3.640.3.77up to date

Dev dependencies

(1 total, all up-to-date)

CrateRequiredLatestStatus
 wasm-bindgen-test^0.30.3.50up to date

Security Vulnerabilities

tokio: reject_remote_clients Configuration corruption

RUSTSEC-2023-0001

On Windows, configuring a named pipe server with pipe_mode will force ServerOptions::reject_remote_clients as false.

This drops any intended explicit configuration for the reject_remote_clients that may have been set as true previously.

The default setting of reject_remote_clients is normally true meaning the default is also overridden as false.

Workarounds

Ensure that pipe_mode is set first after initializing a ServerOptions. For example:

let mut opts = ServerOptions::new();
opts.pipe_mode(PipeMode::Message);
opts.reject_remote_clients(true);