Deps.rs

let4be / crusty-core

[![dependency status](https://deps.rs/repo/github/let4be/crusty-core/status.svg)](https://deps.rs/repo/github/let4be/crusty-core)

This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.

Crate crusty-core

Dependencies

(27 total, 14 outdated, 1 possibly insecure)

CrateRequiredLatestStatus
 tokio ⚠️^1.141.37.0maybe insecure
 strum~0.240.26.2out of date
 tracing-tools~0.5.00.6.0out of date
 flume~0.10.50.11.0out of date
 futures-lite~1.12.02.3.0out of date
 serde~1.0.1251.0.198up to date
 hyper~0.14.121.3.1out of date
 robotstxt-with-cache~0.4.00.4.0up to date
 trust-dns-resolver~0.22.00.23.2out of date
 hyper-tls~0.5.00.6.0out of date
 url~2.3.12.5.0out of date
 http~0.2.31.1.0out of date
 bytes~1.3.01.6.0out of date
 flate2~1.0.201.0.28up to date
 select~0.6.00.6.0up to date
 ipnet~2.7.02.9.0out of date
 humansize~2.1.32.1.3up to date
 humanize-rs~0.1.50.1.5up to date
 tracing~0.1.250.1.40up to date
 thiserror~1.0.241.0.58up to date
 anyhow~1.0.401.0.82up to date
 pin-project~1.0.71.1.5out of date
 lazy_static~1.4.01.4.0up to date
 num_cpus~1.15.01.16.0out of date
 rand~0.8.00.8.5up to date
 derivative~2.2.02.2.0up to date
 core_affinity~0.7.60.8.1out of date

Dev dependencies

(4 total, 2 outdated)

CrateRequiredLatestStatus
 html5ever~0.26.00.27.0out of date
 markup5ever~0.11.00.12.0out of date
 tracing-subscriber~0.3.20.3.18up to date
 tracing~0.1.250.1.40up to date

Security Vulnerabilities

tokio: reject_remote_clients Configuration corruption

RUSTSEC-2023-0001

On Windows, configuring a named pipe server with pipe_mode will force ServerOptions::reject_remote_clients as false.

This drops any intended explicit configuration for the reject_remote_clients that may have been set as true previously.

The default setting of reject_remote_clients is normally true meaning the default is also overridden as false.

Workarounds

Ensure that pipe_mode is set first after initializing a ServerOptions. For example:

let mut opts = ServerOptions::new();
opts.pipe_mode(PipeMode::Message);
opts.reject_remote_clients(true);