knowsys / nemo

This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.

Crate `nemo`

Dependencies

(33 total, 5 outdated)

Crate	Required	Latest	Status
log	`^0.4`	`0.4.27`	up to date
nom	`^7.1.1`	`8.0.0`	out of date
petgraph	`^0.6.3`	`0.8.1`	out of date
petgraph-graphml	`^3.0.0`	`3.1.0`	up to date
rand	`^0.8`	`0.9.1`	out of date
csv	`^1.1.6`	`1.3.1`	up to date
thiserror	`^2.0`	`2.0.12`	up to date
flate2	`^1`	`1.1.1`	up to date
sanitise-file-name	`^1.0.0`	`1.0.0`	up to date
getrandom	`^0.2.9`	`0.3.2`	out of date
oxiri	`^0.2.2`	`0.2.11`	up to date
tokio	`^1.40.0`	`1.44.2`	up to date
reqwest	`^0.12.2`	`0.12.15`	up to date
num	`^0.4.0`	`0.4.3`	up to date
ascii_tree	`^0.1.1`	`0.1.1`	up to date
serde_json	`^1.0.108`	`1.0.140`	up to date
serde	`^1.0.138`	`1.0.219`	up to date
tower-lsp	`^0.20.0`	`0.20.0`	up to date
dyn-clone	`^1.0.16`	`1.0.19`	up to date
unicode-ident	`^1.0.12`	`1.0.18`	up to date
nom-greedyerror	`^0.5.0`	`0.5.0`	up to date
nom-supreme	`^0.8.0`	`0.8.0`	up to date
enum-assoc	`^1.1.0`	`1.2.4`	up to date
ariadne	`^0.4.1`	`0.5.1`	out of date
strum	`^0.27.1`	`0.27.1`	up to date
strum_macros	`^0.27.1`	`0.27.1`	up to date
similar-string	`^1.4.3`	`1.4.3`	up to date
bytecount	`^0.6.8`	`0.6.8`	up to date
colored	`^3`	`3.0.0`	up to date
spargebra	`^0.3.5`	`0.3.5`	up to date
urlencoding	`^2.1.3`	`2.1.3`	up to date
oxrdfio	`^0.1.6`	`0.1.7`	up to date
oxrdf	`^0.2.4`	`0.2.4`	up to date

Dev dependencies

(5 total, all up-to-date)

Crate	Required	Latest	Status
env_logger	`*`	`0.11.8`	up to date
assert_fs	`^1.0`	`1.1.2`	up to date
test-log	`^0.2`	`0.2.17`	up to date
quickcheck	`^1`	`1.0.3`	up to date
quickcheck_macros	`^1`	`1.0.0`	up to date

Crate `nemo-cli`

Dependencies

(7 total, 1 outdated)

Crate	Required	Latest	Status
log	`^0.4`	`0.4.27`	up to date
clap	`^4.0.32`	`4.5.37`	up to date
colored	`^3`	`3.0.0`	up to date
env_logger	`*`	`0.11.8`	up to date
serde_json	`^1.0.108`	`1.0.140`	up to date
thiserror	`^2.0`	`2.0.12`	up to date
ariadne	`^0.4.1`	`0.5.1`	out of date

Dev dependencies

(5 total, all up-to-date)

Crate	Required	Latest	Status
assert_cmd	`^2.0`	`2.0.17`	up to date
assert_fs	`^1.0.13`	`1.1.2`	up to date
dir-test	`^0.4.1`	`0.4.1`	up to date
predicates	`^3.0`	`3.1.3`	up to date
test-log	`^0.2`	`0.2.17`	up to date

Crate `nemo-physical`

Dependencies

(24 total, all up-to-date)

Crate	Required	Latest	Status
enum_dispatch	`^0.3.12`	`0.3.13`	up to date
log	`^0.4`	`0.4.27`	up to date
thiserror	`^2.0`	`2.0.12`	up to date
num	`^0.4.0`	`0.4.3`	up to date
ascii_tree	`^0.1.1`	`0.1.1`	up to date
once_cell	`^1`	`1.21.3`	up to date
linked-hash-map	`^0.5.6`	`0.5.6`	up to date
lru	`^0.14`	`0.14.0`	up to date
cpu-time	`^1.0`	`1.0.0`	up to date
reqwest	`^0.12.2`	`0.12.15`	up to date
delegate	`^0.13`	`0.13.3`	up to date
regex	`^1.9.5`	`1.11.1`	up to date
hashbrown	`^0.15.2`	`0.15.2`	up to date
bitvec	`^1.0.1`	`1.0.1`	up to date
streaming-iterator	`^0.1.9`	`0.1.9`	up to date
flate2	`^1`	`1.1.1`	up to date
unicode-segmentation	`^1.11.0`	`1.12.0`	up to date
urlencoding	`^2.1.3`	`2.1.3`	up to date
oxiri	`^0.2.2`	`0.2.11`	up to date
path-slash	`^0.2.1`	`0.2.1`	up to date
levenshtein	`^1.0.5`	`1.0.5`	up to date
serde_urlencoded	`^0.7.1`	`0.7.1`	up to date
serde	`^1.0.219`	`1.0.219`	up to date
itertools	`^0.14.0`	`0.14.0`	up to date

Dev dependencies

(8 total, 2 outdated)

Crate	Required	Latest	Status
arbitrary	`^1`	`1.4.1`	up to date
rand	`^0.8`	`0.9.1`	out of date
env_logger	`*`	`0.11.8`	up to date
test-log	`^0.2`	`0.2.17`	up to date
quickcheck	`^1`	`1.0.3`	up to date
quickcheck_macros	`^1`	`1.0.0`	up to date
flate2	`^1`	`1.1.1`	up to date
rand_pcg	`^0.3.1`	`0.9.0`	out of date

Crate `nemo-python`

Dependencies

(1 total, all up-to-date)

Crate	Required	Latest	Status
pyo3	`^0.24.2`	`0.24.2`	up to date

Crate `nemo-language-server`

Dependencies

(8 total, 1 possibly insecure)

Crate	Required	Latest	Status
anyhow	`^1.0`	`1.0.98`	up to date
line-index	`^0.1.1`	`0.1.2`	up to date
futures	`^0.3.21`	`0.3.31`	up to date
strum	`^0.27.1`	`0.27.1`	up to date
strum_macros	`^0.27.1`	`0.27.1`	up to date
tokio ⚠️	`^1.4.0`	`1.44.2`	maybe insecure
tower-lsp	`^0.20.0`	`0.20.0`	up to date
tower-service	`^0.3.2`	`0.3.3`	up to date

Crate `nemo-wasm`

Dependencies

(8 total, 2 outdated)

Crate	Required	Latest	Status
console_error_panic_hook	`^0.1.7`	`0.1.7`	up to date
js-sys	`^0.3.63`	`0.3.77`	up to date
futures	`^0.3.21`	`0.3.31`	up to date
gloo-utils	`^0.1`	`0.2.0`	out of date
thiserror	`^2.0`	`2.0.12`	up to date
wasm-bindgen	`=0.2.95`	`0.2.100`	out of date
wasm-bindgen-futures	`^0.4.37`	`0.4.50`	up to date
web-sys	`^0.3.64`	`0.3.77`	up to date

Dev dependencies

(1 total, all up-to-date)

Crate	Required	Latest	Status
wasm-bindgen-test	`^0.3`	`0.3.50`	up to date

Security Vulnerabilities

`tokio`: reject_remote_clients Configuration corruption

RUSTSEC-2023-0001

On Windows, configuring a named pipe server with pipe_mode will force ServerOptions::reject_remote_clients as false.

This drops any intended explicit configuration for the reject_remote_clients that may have been set as true previously.

The default setting of reject_remote_clients is normally true meaning the default is also overridden as false.

Workarounds

Ensure that pipe_mode is set first after initializing a ServerOptions. For example:

let mut opts = ServerOptions::new();
opts.pipe_mode(PipeMode::Message);
opts.reject_remote_clients(true);

knowsys / nemo

Crate nemo

Dependencies

Dev dependencies

Crate nemo-cli

Dependencies

Dev dependencies

Crate nemo-physical

Dependencies

Dev dependencies

Crate nemo-python

Dependencies

Crate nemo-language-server

Dependencies

Crate nemo-wasm

Dependencies

Dev dependencies

Security Vulnerabilities

tokio: reject_remote_clients Configuration corruption

Workarounds

Crate `nemo`

Crate `nemo-cli`

Crate `nemo-physical`

Crate `nemo-python`

Crate `nemo-language-server`

Crate `nemo-wasm`

`tokio`: reject_remote_clients Configuration corruption