libp2p / rust-libp2p

This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.

Crate `libp2p-core`

Dependencies

(18 total, 1 outdated)

Crate	Required	Latest	Status
either	`^1.5`	`1.8.1`	up to date
fnv	`^1.0`	`1.0.7`	up to date
futures	`^0.3.27`	`0.3.27`	up to date
futures-timer	`^3`	`3.0.2`	up to date
instant	`^0.1.11`	`0.1.12`	up to date
log	`^0.4`	`0.4.17`	up to date
multiaddr	`^0.17.0`	`0.17.1`	up to date
multihash	`^0.17.0`	`0.18.0`	out of date
once_cell	`^1.17.1`	`1.17.1`	up to date
parking_lot	`^0.12.0`	`0.12.1`	up to date
pin-project	`^1.0.0`	`1.0.12`	up to date
quick-protobuf	`^0.8`	`0.8.1`	up to date
rand	`^0.8`	`0.8.5`	up to date
serde	`^1`	`1.0.158`	up to date
smallvec	`^1.6.1`	`1.10.0`	up to date
thiserror	`^1.0`	`1.0.40`	up to date
unsigned-varint	`^0.7`	`0.7.1`	up to date
void	`^1`	`1.0.2`	up to date

Dev dependencies

(2 total, 1 outdated)

Crate	Required	Latest	Status
async-std	`^1.6.2`	`1.12.0`	up to date
multihash	`^0.17.0`	`0.18.0`	out of date

Crate `chat-example`

Dependencies

(4 total, all up-to-date)

Crate	Required	Latest	Status
async-std	`^1.12`	`1.12.0`	up to date
async-trait	`^0.1`	`0.1.68`	up to date
env_logger	`^0.10.0`	`0.10.0`	up to date
futures	`^0.3.27`	`0.3.27`	up to date

Crate `autonat-example`

Dependencies

(4 total, all up-to-date)

Crate	Required	Latest	Status
async-std	`^1.12`	`1.12.0`	up to date
clap	`^4.1.11`	`4.1.13`	up to date
env_logger	`^0.10.0`	`0.10.0`	up to date
futures	`^0.3.27`	`0.3.27`	up to date

Crate `dcutr`

Dependencies

(5 total, all up-to-date)

Crate	Required	Latest	Status
clap	`^4.1.11`	`4.1.13`	up to date
env_logger	`^0.10.0`	`0.10.0`	up to date
futures	`^0.3.27`	`0.3.27`	up to date
futures-timer	`^3.0`	`3.0.2`	up to date
log	`^0.4`	`0.4.17`	up to date

Crate `distributed-key-value-store`

Dependencies

(5 total, all up-to-date)

Crate	Required	Latest	Status
async-std	`^1.12`	`1.12.0`	up to date
async-trait	`^0.1`	`0.1.68`	up to date
env_logger	`^0.10`	`0.10.0`	up to date
futures	`^0.3.27`	`0.3.27`	up to date
multiaddr	`^0.17.0`	`0.17.1`	up to date

Crate `file-sharing`

Dependencies

(7 total, all up-to-date)

Crate	Required	Latest	Status
async-std	`^1.12`	`1.12.0`	up to date
async-trait	`^0.1`	`0.1.68`	up to date
clap	`^4.1.11`	`4.1.13`	up to date
either	`^1.8`	`1.8.1`	up to date
env_logger	`^0.10`	`0.10.0`	up to date
futures	`^0.3.27`	`0.3.27`	up to date
multiaddr	`^0.17.0`	`0.17.1`	up to date

Crate `identify`

Dependencies

(3 total, all up-to-date)

Crate	Required	Latest	Status
async-std	`^1.12`	`1.12.0`	up to date
async-trait	`^0.1`	`0.1.68`	up to date
futures	`^0.3.27`	`0.3.27`	up to date

Crate `ipfs-kad`

Dependencies

(4 total, all up-to-date)

Crate	Required	Latest	Status
async-std	`^1.12`	`1.12.0`	up to date
async-trait	`^0.1`	`0.1.68`	up to date
env_logger	`^0.10`	`0.10.0`	up to date
futures	`^0.3.27`	`0.3.27`	up to date

Crate `ipfs-private`

Dependencies

(6 total, all up-to-date)

Crate	Required	Latest	Status
async-std	`^1.12`	`1.12.0`	up to date
async-trait	`^0.1`	`0.1.68`	up to date
either	`^1.8`	`1.8.1`	up to date
env_logger	`^0.10`	`0.10.0`	up to date
futures	`^0.3.27`	`0.3.27`	up to date
multiaddr	`^0.17.0`	`0.17.1`	up to date

Crate `ping-example`

Dependencies

(4 total, all up-to-date)

Crate	Required	Latest	Status
async-std	`^1.12`	`1.12.0`	up to date
async-trait	`^0.1`	`0.1.68`	up to date
futures	`^0.3.27`	`0.3.27`	up to date
multiaddr	`^0.17.0`	`0.17.1`	up to date

Crate `relay-server-example`

Dependencies

(5 total, all up-to-date)

Crate	Required	Latest	Status
clap	`^4.1.11`	`4.1.13`	up to date
async-std	`^1.12`	`1.12.0`	up to date
async-trait	`^0.1`	`0.1.68`	up to date
env_logger	`^0.10.0`	`0.10.0`	up to date
futures	`^0.3.27`	`0.3.27`	up to date

Crate `rendezvous-example`

Dependencies

(6 total, all up-to-date)

Crate	Required	Latest	Status
async-std	`^1.12`	`1.12.0`	up to date
async-trait	`^0.1`	`0.1.68`	up to date
env_logger	`^0.10.0`	`0.10.0`	up to date
futures	`^0.3.27`	`0.3.27`	up to date
log	`^0.4`	`0.4.17`	up to date
tokio	`^1.25`	`1.26.0`	up to date

Crate `libp2p-identity`

Dependencies

(17 total, 3 outdated)

Crate	Required	Latest	Status
asn1_der	`^0.7.4`	`0.7.5`	up to date
bs58	`^0.4.0`	`0.4.0`	up to date
ed25519-dalek	`^1.0.1`	`1.0.1`	up to date
libsecp256k1	`^0.7.0`	`0.7.1`	up to date
log	`^0.4`	`0.4.17`	up to date
multiaddr	`^0.17.0`	`0.17.1`	up to date
multihash	`^0.17.0`	`0.18.0`	out of date
p256	`^0.12`	`0.13.0`	out of date
prost	`^0.11`	`0.11.8`	up to date
quick-protobuf	`^0.8.1`	`0.8.1`	up to date
rand	`^0.8`	`0.8.5`	up to date
sec1	`^0.3.0`	`0.7.1`	out of date
serde	`^1`	`1.0.158`	up to date
sha2	`^0.10.0`	`0.10.6`	up to date
thiserror	`^1.0`	`1.0.40`	up to date
void	`^1.0`	`1.0.2`	up to date
zeroize	`^1.0`	`1.5.7`	up to date

Dev dependencies

(4 total, all up-to-date)

Crate	Required	Latest	Status
base64	`^0.21.0`	`0.21.0`	up to date
serde_json	`^1.0`	`1.0.94`	up to date
rmp-serde	`^1.0`	`1.1.1`	up to date
criterion	`^0.4`	`0.4.0`	up to date

Crate `interop-tests`

Dependencies

(8 total, all up-to-date)

Crate	Required	Latest	Status
anyhow	`^1`	`1.0.70`	up to date
either	`^1.8.0`	`1.8.1`	up to date
env_logger	`^0.10.0`	`0.10.0`	up to date
futures	`^0.3.27`	`0.3.27`	up to date
log	`^0.4`	`0.4.17`	up to date
rand	`^0.8.5`	`0.8.5`	up to date
redis	`^0.22.1`	`0.22.3`	up to date
tokio	`^1.24.1`	`1.26.0`	up to date

Crate `libp2p-allow-block-list`

Dependencies

(1 total, all up-to-date)

Crate	Required	Latest	Status
void	`^1`	`1.0.2`	up to date

Dev dependencies

(1 total, all up-to-date)

Crate	Required	Latest	Status
async-std	`^1.12.0`	`1.12.0`	up to date

Crate `libp2p-connection-limits`

Dependencies

(1 total, all up-to-date)

Crate	Required	Latest	Status
void	`^1`	`1.0.2`	up to date

Dev dependencies

(2 total, all up-to-date)

Crate	Required	Latest	Status
async-std	`^1.12.0`	`1.12.0`	up to date
rand	`^0.8.5`	`0.8.5`	up to date

Crate `keygen`

Dependencies

(5 total, all up-to-date)

Crate	Required	Latest	Status
clap	`^4.1.11`	`4.1.13`	up to date
zeroize	`^1`	`1.5.7`	up to date
serde	`^1.0.157`	`1.0.158`	up to date
serde_json	`^1.0.94`	`1.0.94`	up to date
base64	`^0.21.0`	`0.21.0`	up to date

Crate `libp2p-metrics`

Dependencies

(1 total, all up-to-date)

Crate	Required	Latest	Status
prometheus-client	`^0.19.0`	`0.19.0`	up to date

Dev dependencies

(5 total, 2 possibly insecure)

Crate	Required	Latest	Status
env_logger	`^0.10.0`	`0.10.0`	up to date
futures	`^0.3.27`	`0.3.27`	up to date
hyper ⚠️	`^0.14`	`0.14.25`	maybe insecure
log	`^0.4.0`	`0.4.17`	up to date
tokio ⚠️	`^1`	`1.26.0`	maybe insecure

Crate `multistream-select`

Dependencies

(6 total, all up-to-date)

Crate	Required	Latest	Status
bytes	`^1`	`1.4.0`	up to date
futures	`^0.3`	`0.3.27`	up to date
log	`^0.4`	`0.4.17`	up to date
pin-project	`^1.0.0`	`1.0.12`	up to date
smallvec	`^1.6.1`	`1.10.0`	up to date
unsigned-varint	`^0.7`	`0.7.1`	up to date

Dev dependencies

(3 total, all up-to-date)

Crate	Required	Latest	Status
async-std	`^1.6.2`	`1.12.0`	up to date
env_logger	`^0.10`	`0.10.0`	up to date
rand	`^0.8`	`0.8.5`	up to date

Crate `quick-protobuf-codec`

Dependencies

(5 total, all up-to-date)

Crate	Required	Latest	Status
asynchronous-codec	`^0.6`	`0.6.1`	up to date
bytes	`^1`	`1.4.0`	up to date
thiserror	`^1.0`	`1.0.40`	up to date
unsigned-varint	`^0.7`	`0.7.1`	up to date
quick-protobuf	`^0.8`	`0.8.1`	up to date

Crate `quickcheck-ext`

Dependencies

(2 total, all up-to-date)

Crate	Required	Latest	Status
quickcheck	`^1`	`1.0.3`	up to date
num-traits	`^0.2`	`0.2.15`	up to date

Crate `rw-stream-sink`

Dependencies

(3 total, all up-to-date)

Crate	Required	Latest	Status
futures	`^0.3.27`	`0.3.27`	up to date
pin-project	`^1.0.10`	`1.0.12`	up to date
static_assertions	`^1`	`1.1.0`	up to date

Dev dependencies

(1 total, all up-to-date)

Crate	Required	Latest	Status
async-std	`^1.0`	`1.12.0`	up to date

Crate `libp2p-mplex`

Dependencies

(9 total, all up-to-date)

Crate	Required	Latest	Status
bytes	`^1`	`1.4.0`	up to date
futures	`^0.3.27`	`0.3.27`	up to date
asynchronous-codec	`^0.6`	`0.6.1`	up to date
log	`^0.4`	`0.4.17`	up to date
nohash-hasher	`^0.2`	`0.2.0`	up to date
parking_lot	`^0.12`	`0.12.1`	up to date
rand	`^0.8`	`0.8.5`	up to date
smallvec	`^1.6.1`	`1.10.0`	up to date
unsigned-varint	`^0.7`	`0.7.1`	up to date

Dev dependencies

(4 total, all up-to-date)

Crate	Required	Latest	Status
async-std	`^1.7.0`	`1.12.0`	up to date
criterion	`^0.4`	`0.4.0`	up to date
env_logger	`^0.10`	`0.10.0`	up to date
futures	`^0.3`	`0.3.27`	up to date

Crate `libp2p-muxer-test-harness`

Dependencies

(3 total, all up-to-date)

Crate	Required	Latest	Status
futures	`^0.3.27`	`0.3.27`	up to date
log	`^0.4`	`0.4.17`	up to date
futures-timer	`^3.0.2`	`3.0.2`	up to date

Crate `libp2p-yamux`

Dependencies

(4 total, 1 outdated)

Crate	Required	Latest	Status
futures	`^0.3.27`	`0.3.27`	up to date
thiserror	`^1.0`	`1.0.40`	up to date
yamux	`^0.10.0`	`0.11.0`	out of date
log	`^0.4`	`0.4.17`	up to date

Dev dependencies

(1 total, all up-to-date)

Crate	Required	Latest	Status
async-std	`^1.7.0`	`1.12.0`	up to date

Crate `libp2p-autonat`

Dependencies

(7 total, all up-to-date)

Crate	Required	Latest	Status
async-trait	`^0.1`	`0.1.68`	up to date
futures	`^0.3`	`0.3.27`	up to date
futures-timer	`^3.0`	`3.0.2`	up to date
instant	`^0.1`	`0.1.12`	up to date
log	`^0.4`	`0.4.17`	up to date
rand	`^0.8`	`0.8.5`	up to date
quick-protobuf	`^0.8`	`0.8.1`	up to date

Dev dependencies

(2 total, all up-to-date)

Crate	Required	Latest	Status
async-std	`^1.10`	`1.12.0`	up to date
env_logger	`^0.10`	`0.10.0`	up to date

Crate `libp2p-dcutr`

Dependencies

(9 total, all up-to-date)

Crate	Required	Latest	Status
asynchronous-codec	`^0.6`	`0.6.1`	up to date
either	`^1.6.0`	`1.8.1`	up to date
futures	`^0.3.27`	`0.3.27`	up to date
futures-timer	`^3.0`	`3.0.2`	up to date
instant	`^0.1.11`	`0.1.12`	up to date
log	`^0.4`	`0.4.17`	up to date
quick-protobuf	`^0.8`	`0.8.1`	up to date
thiserror	`^1.0`	`1.0.40`	up to date
void	`^1`	`1.0.2`	up to date

Dev dependencies

(4 total, all up-to-date)

Crate	Required	Latest	Status
async-std	`^1.12.0`	`1.12.0`	up to date
clap	`^4.1.11`	`4.1.13`	up to date
env_logger	`^0.10.0`	`0.10.0`	up to date
rand	`^0.8`	`0.8.5`	up to date

Crate `libp2p-floodsub`

Dependencies

(9 total, all up-to-date)

Crate	Required	Latest	Status
asynchronous-codec	`^0.6`	`0.6.1`	up to date
cuckoofilter	`^0.5.0`	`0.5.0`	up to date
fnv	`^1.0`	`1.0.7`	up to date
futures	`^0.3.27`	`0.3.27`	up to date
log	`^0.4`	`0.4.17`	up to date
quick-protobuf	`^0.8`	`0.8.1`	up to date
rand	`^0.8`	`0.8.5`	up to date
smallvec	`^1.6.1`	`1.10.0`	up to date
thiserror	`^1.0.40`	`1.0.40`	up to date

Crate `libp2p-gossipsub`

Dependencies

(19 total, all up-to-date)

Crate	Required	Latest	Status
bytes	`^1.4`	`1.4.0`	up to date
byteorder	`^1.3.4`	`1.4.3`	up to date
fnv	`^1.0.7`	`1.0.7`	up to date
futures	`^0.3.27`	`0.3.27`	up to date
rand	`^0.8`	`0.8.5`	up to date
asynchronous-codec	`^0.6`	`0.6.1`	up to date
unsigned-varint	`^0.7.0`	`0.7.1`	up to date
log	`^0.4.11`	`0.4.17`	up to date
sha2	`^0.10.0`	`0.10.6`	up to date
base64	`^0.21.0`	`0.21.0`	up to date
smallvec	`^1.6.1`	`1.10.0`	up to date
quick-protobuf	`^0.8`	`0.8.1`	up to date
hex_fmt	`^0.3.0`	`0.3.0`	up to date
regex	`^1.5.5`	`1.7.3`	up to date
serde	`^1`	`1.0.158`	up to date
thiserror	`^1.0`	`1.0.40`	up to date
wasm-timer	`^0.2.5`	`0.2.5`	up to date
instant	`^0.1.11`	`0.1.12`	up to date
prometheus-client	`^0.19.0`	`0.19.0`	up to date

Dev dependencies

(3 total, all up-to-date)

Crate	Required	Latest	Status
async-std	`^1.6.3`	`1.12.0`	up to date
env_logger	`^0.10.0`	`0.10.0`	up to date
hex	`^0.4.2`	`0.4.3`	up to date

Crate `libp2p-identify`

Dependencies

(10 total, 1 outdated)

Crate	Required	Latest	Status
asynchronous-codec	`^0.6`	`0.6.1`	up to date
futures	`^0.3.27`	`0.3.27`	up to date
futures-timer	`^3.0.2`	`3.0.2`	up to date
log	`^0.4.1`	`0.4.17`	up to date
lru	`^0.9.0`	`0.10.0`	out of date
quick-protobuf	`^0.8`	`0.8.1`	up to date
smallvec	`^1.6.1`	`1.10.0`	up to date
thiserror	`^1.0`	`1.0.40`	up to date
void	`^1.0`	`1.0.2`	up to date
either	`^1.8.0`	`1.8.1`	up to date

Dev dependencies

(2 total, all up-to-date)

Crate	Required	Latest	Status
async-std	`^1.6.2`	`1.12.0`	up to date
env_logger	`^0.10`	`0.10.0`	up to date

Crate `libp2p-kad`

Dependencies

(18 total, all up-to-date)

Crate	Required	Latest	Status
arrayvec	`^0.7.2`	`0.7.2`	up to date
bytes	`^1`	`1.4.0`	up to date
either	`^1.5`	`1.8.1`	up to date
fnv	`^1.0`	`1.0.7`	up to date
asynchronous-codec	`^0.6`	`0.6.1`	up to date
futures	`^0.3.27`	`0.3.27`	up to date
log	`^0.4`	`0.4.17`	up to date
quick-protobuf	`^0.8`	`0.8.1`	up to date
rand	`^0.8`	`0.8.5`	up to date
sha2	`^0.10.0`	`0.10.6`	up to date
smallvec	`^1.6.1`	`1.10.0`	up to date
uint	`^0.9`	`0.9.5`	up to date
unsigned-varint	`^0.7`	`0.7.1`	up to date
void	`^1.0`	`1.0.2`	up to date
futures-timer	`^3.0.2`	`3.0.2`	up to date
instant	`^0.1.11`	`0.1.12`	up to date
serde	`^1.0`	`1.0.158`	up to date
thiserror	`^1`	`1.0.40`	up to date

Dev dependencies

(2 total, all up-to-date)

Crate	Required	Latest	Status
env_logger	`^0.10.0`	`0.10.0`	up to date
futures-timer	`^3.0`	`3.0.2`	up to date

Crate `libp2p-mdns`

Dependencies

(11 total, 1 outdated, 1 possibly insecure)

Crate	Required	Latest	Status
async-io	`^1.3.1`	`1.13.0`	up to date
data-encoding	`^2.3.2`	`2.3.3`	up to date
futures	`^0.3.27`	`0.3.27`	up to date
if-watch	`^3.0.0`	`3.0.0`	up to date
log	`^0.4.14`	`0.4.17`	up to date
rand	`^0.8.3`	`0.8.5`	up to date
smallvec	`^1.6.1`	`1.10.0`	up to date
socket2	`^0.4.0`	`0.5.1`	out of date
tokio ⚠️	`^1.19`	`1.26.0`	maybe insecure
trust-dns-proto	`^0.22.0`	`0.22.0`	up to date
void	`^1.0.2`	`1.0.2`	up to date

Dev dependencies

(3 total, 1 possibly insecure)

Crate	Required	Latest	Status
async-std	`^1.9.0`	`1.12.0`	up to date
env_logger	`^0.10.0`	`0.10.0`	up to date
tokio ⚠️	`^1.19`	`1.26.0`	maybe insecure

Crate `libp2p-perf`

Dependencies

(9 total, all up-to-date)

Crate	Required	Latest	Status
anyhow	`^1`	`1.0.70`	up to date
async-std	`^1.9.0`	`1.12.0`	up to date
clap	`^4.1.11`	`4.1.13`	up to date
env_logger	`^0.10.0`	`0.10.0`	up to date
futures	`^0.3.26`	`0.3.27`	up to date
instant	`^0.1.11`	`0.1.12`	up to date
log	`^0.4`	`0.4.17`	up to date
thiserror	`^1.0`	`1.0.40`	up to date
void	`^1`	`1.0.2`	up to date

Dev dependencies

(1 total, all up-to-date)

Crate	Required	Latest	Status
rand	`^0.8`	`0.8.5`	up to date

Crate `libp2p-ping`

Dependencies

(7 total, all up-to-date)

Crate	Required	Latest	Status
either	`^1.8.0`	`1.8.1`	up to date
futures	`^0.3.27`	`0.3.27`	up to date
futures-timer	`^3.0.2`	`3.0.2`	up to date
instant	`^0.1.11`	`0.1.12`	up to date
log	`^0.4.1`	`0.4.17`	up to date
rand	`^0.8`	`0.8.5`	up to date
void	`^1.0`	`1.0.2`	up to date

Dev dependencies

(2 total, all up-to-date)

Crate	Required	Latest	Status
async-std	`^1.6.2`	`1.12.0`	up to date
env_logger	`^0.10.0`	`0.10.0`	up to date

Crate `libp2p-relay`

Dependencies

(12 total, all up-to-date)

Crate	Required	Latest	Status
asynchronous-codec	`^0.6`	`0.6.1`	up to date
bytes	`^1`	`1.4.0`	up to date
either	`^1.6.0`	`1.8.1`	up to date
futures	`^0.3.27`	`0.3.27`	up to date
futures-timer	`^3`	`3.0.2`	up to date
instant	`^0.1.11`	`0.1.12`	up to date
log	`^0.4`	`0.4.17`	up to date
quick-protobuf	`^0.8`	`0.8.1`	up to date
rand	`^0.8.4`	`0.8.5`	up to date
static_assertions	`^1`	`1.1.0`	up to date
thiserror	`^1.0`	`1.0.40`	up to date
void	`^1`	`1.0.2`	up to date

Dev dependencies

(1 total, all up-to-date)

Crate	Required	Latest	Status
env_logger	`^0.10.0`	`0.10.0`	up to date

Crate `libp2p-rendezvous`

Dependencies

(10 total, all up-to-date)

Crate	Required	Latest	Status
asynchronous-codec	`^0.6`	`0.6.1`	up to date
bimap	`^0.6.1`	`0.6.3`	up to date
futures	`^0.3`	`0.3.27`	up to date
futures-timer	`^3.0.2`	`3.0.2`	up to date
instant	`^0.1.11`	`0.1.12`	up to date
log	`^0.4`	`0.4.17`	up to date
quick-protobuf	`^0.8`	`0.8.1`	up to date
rand	`^0.8`	`0.8.5`	up to date
thiserror	`^1`	`1.0.40`	up to date
void	`^1`	`1.0.2`	up to date

Dev dependencies

(4 total, 1 possibly insecure)

Crate	Required	Latest	Status
async-trait	`^0.1`	`0.1.68`	up to date
env_logger	`^0.10.0`	`0.10.0`	up to date
rand	`^0.8`	`0.8.5`	up to date
tokio ⚠️	`^1.15`	`1.26.0`	maybe insecure

Crate `libp2p-request-response`

Dependencies

(5 total, all up-to-date)

Crate	Required	Latest	Status
async-trait	`^0.1`	`0.1.68`	up to date
futures	`^0.3.27`	`0.3.27`	up to date
instant	`^0.1.11`	`0.1.12`	up to date
rand	`^0.8`	`0.8.5`	up to date
smallvec	`^1.6.1`	`1.10.0`	up to date

Dev dependencies

(3 total, all up-to-date)

Crate	Required	Latest	Status
async-std	`^1.6.2`	`1.12.0`	up to date
env_logger	`^0.10.0`	`0.10.0`	up to date
rand	`^0.8`	`0.8.5`	up to date

Crate `libp2p-swarm`

Dependencies

(11 total, all up-to-date)

Crate	Required	Latest	Status
either	`^1.6.0`	`1.8.1`	up to date
fnv	`^1.0`	`1.0.7`	up to date
futures	`^0.3.27`	`0.3.27`	up to date
futures-timer	`^3.0.2`	`3.0.2`	up to date
instant	`^0.1.11`	`0.1.12`	up to date
log	`^0.4`	`0.4.17`	up to date
rand	`^0.8`	`0.8.5`	up to date
smallvec	`^1.6.1`	`1.10.0`	up to date
void	`^1`	`1.0.2`	up to date
wasm-bindgen-futures	`^0.4.34`	`0.4.34`	up to date
getrandom	`^0.2.3`	`0.2.8`	up to date

Dev dependencies

(5 total, all up-to-date)

Crate	Required	Latest	Status
async-std	`^1.6.2`	`1.12.0`	up to date
either	`^1.6.0`	`1.8.1`	up to date
env_logger	`^0.10`	`0.10.0`	up to date
futures	`^0.3.27`	`0.3.27`	up to date
void	`^1`	`1.0.2`	up to date

Crate `libp2p-swarm-derive`

Dependencies

(3 total, all up-to-date)

Crate	Required	Latest	Status
heck	`^0.4`	`0.4.1`	up to date
quote	`^1.0`	`1.0.26`	up to date
syn	`^2.0.2`	`2.0.10`	up to date

Crate `libp2p-swarm-test`

Dependencies

(5 total, all up-to-date)

Crate	Required	Latest	Status
async-trait	`^0.1.57`	`0.1.68`	up to date
futures	`^0.3.27`	`0.3.27`	up to date
log	`^0.4.17`	`0.4.17`	up to date
rand	`^0.8.5`	`0.8.5`	up to date
futures-timer	`^3.0.2`	`3.0.2`	up to date

Crate `libp2p-deflate`

Dependencies

(2 total, all up-to-date)

Crate	Required	Latest	Status
futures	`^0.3.27`	`0.3.27`	up to date
flate2	`^1.0`	`1.0.25`	up to date

Dev dependencies

(2 total, all up-to-date)

Crate	Required	Latest	Status
async-std	`^1.6.2`	`1.12.0`	up to date
rand	`^0.8`	`0.8.5`	up to date

Crate `libp2p-dns`

Dependencies

(6 total, all up-to-date)

Crate	Required	Latest	Status
log	`^0.4.1`	`0.4.17`	up to date
futures	`^0.3.27`	`0.3.27`	up to date
async-std-resolver	`^0.22`	`0.22.0`	up to date
parking_lot	`^0.12.0`	`0.12.1`	up to date
trust-dns-resolver	`^0.22`	`0.22.0`	up to date
smallvec	`^1.6.1`	`1.10.0`	up to date

Dev dependencies

(3 total, 1 possibly insecure)

Crate	Required	Latest	Status
env_logger	`^0.10`	`0.10.0`	up to date
tokio ⚠️	`^1.0`	`1.26.0`	maybe insecure
async-std	`^1.6`	`1.12.0`	up to date

Crate `libp2p-noise`

Dependencies

(12 total, all up-to-date)

Crate	Required	Latest	Status
bytes	`^1`	`1.4.0`	up to date
curve25519-dalek	`^3.0.0`	`3.2.1`	up to date
futures	`^0.3.27`	`0.3.27`	up to date
log	`^0.4`	`0.4.17`	up to date
quick-protobuf	`^0.8`	`0.8.1`	up to date
once_cell	`^1.17.1`	`1.17.1`	up to date
rand	`^0.8.3`	`0.8.5`	up to date
sha2	`^0.10.0`	`0.10.6`	up to date
static_assertions	`^1`	`1.1.0`	up to date
thiserror	`^1.0.40`	`1.0.40`	up to date
x25519-dalek	`^1.1.0`	`1.2.0`	up to date
zeroize	`^1`	`1.5.7`	up to date

Dev dependencies

(2 total, all up-to-date)

Crate	Required	Latest	Status
async-io	`^1.2.0`	`1.13.0`	up to date
env_logger	`^0.10.0`	`0.10.0`	up to date

Crate `libp2p-plaintext`

Dependencies

(7 total, all up-to-date)

Crate	Required	Latest	Status
asynchronous-codec	`^0.6`	`0.6.1`	up to date
bytes	`^1`	`1.4.0`	up to date
futures	`^0.3.27`	`0.3.27`	up to date
log	`^0.4.8`	`0.4.17`	up to date
quick-protobuf	`^0.8`	`0.8.1`	up to date
unsigned-varint	`^0.7`	`0.7.1`	up to date
void	`^1.0.2`	`1.0.2`	up to date

Dev dependencies

(2 total, all up-to-date)

Crate	Required	Latest	Status
env_logger	`^0.10.0`	`0.10.0`	up to date
rand	`^0.8`	`0.8.5`	up to date

Crate `libp2p-pnet`

Dependencies

(6 total, all up-to-date)

Crate	Required	Latest	Status
futures	`^0.3.27`	`0.3.27`	up to date
log	`^0.4.8`	`0.4.17`	up to date
salsa20	`^0.10`	`0.10.2`	up to date
sha3	`^0.10`	`0.10.6`	up to date
rand	`^0.8`	`0.8.5`	up to date
pin-project	`^1.0.2`	`1.0.12`	up to date

Dev dependencies

(1 total, 1 possibly insecure)

Crate	Required	Latest	Status
tokio ⚠️	`^1.21.1`	`1.26.0`	maybe insecure

Crate `libp2p-quic`

Dependencies

(12 total, 1 possibly insecure)

Crate	Required	Latest	Status
async-std	`^1.12.0`	`1.12.0`	up to date
bytes	`^1.4.0`	`1.4.0`	up to date
futures	`^0.3.27`	`0.3.27`	up to date
futures-timer	`^3.0.2`	`3.0.2`	up to date
if-watch	`^3.0.0`	`3.0.0`	up to date
log	`^0.4`	`0.4.17`	up to date
parking_lot	`^0.12.0`	`0.12.1`	up to date
quinn-proto	`^0.9.0`	`0.9.2`	up to date
rand	`^0.8.5`	`0.8.5`	up to date
rustls	`^0.20.2`	`0.20.8`	up to date
thiserror	`^1.0.40`	`1.0.40`	up to date
tokio ⚠️	`^1.21.1`	`1.26.0`	maybe insecure

Dev dependencies

(4 total, 1 possibly insecure)

Crate	Required	Latest	Status
async-std	`^1.12.0`	`1.12.0`	up to date
env_logger	`^0.10.0`	`0.10.0`	up to date
quickcheck	`^1`	`1.0.3`	up to date
tokio ⚠️	`^1.21.1`	`1.26.0`	maybe insecure

Crate `libp2p-tcp`

Dependencies

(8 total, 1 outdated, 1 possibly insecure)

Crate	Required	Latest	Status
async-io	`^1.2.0`	`1.13.0`	up to date
futures	`^0.3.27`	`0.3.27`	up to date
futures-timer	`^3.0`	`3.0.2`	up to date
if-watch	`^3.0.0`	`3.0.0`	up to date
libc	`^0.2.140`	`0.2.140`	up to date
log	`^0.4.11`	`0.4.17`	up to date
socket2	`^0.4.0`	`0.5.1`	out of date
tokio ⚠️	`^1.19.0`	`1.26.0`	maybe insecure

Dev dependencies

(3 total, 1 possibly insecure)

Crate	Required	Latest	Status
async-std	`^1.6.5`	`1.12.0`	up to date
tokio ⚠️	`^1.0.1`	`1.26.0`	maybe insecure
env_logger	`^0.10.0`	`0.10.0`	up to date

Crate `libp2p-tls`

Dependencies

(9 total, all up-to-date)

Crate	Required	Latest	Status
futures	`^0.3.27`	`0.3.27`	up to date
futures-rustls	`^0.22.2`	`0.22.2`	up to date
rcgen	`^0.10.0`	`0.10.0`	up to date
ring	`^0.16.20`	`0.16.20`	up to date
thiserror	`^1.0.40`	`1.0.40`	up to date
webpki	`^0.22.0`	`0.22.0`	up to date
x509-parser	`^0.15.0`	`0.15.0`	up to date
yasna	`^0.5.0`	`0.5.1`	up to date
rustls	`^0.20.7`	`0.20.8`	up to date

Dev dependencies

(3 total, 1 possibly insecure)

Crate	Required	Latest	Status
hex	`^0.4.3`	`0.4.3`	up to date
hex-literal	`^0.3.4`	`0.3.4`	up to date
tokio ⚠️	`^1.21.1`	`1.26.0`	maybe insecure

Crate `libp2p-uds`

Dependencies

(4 total, 1 possibly insecure)

Crate	Required	Latest	Status
async-std	`^1.6.2`	`1.12.0`	up to date
log	`^0.4.1`	`0.4.17`	up to date
futures	`^0.3.27`	`0.3.27`	up to date
tokio ⚠️	`^1.15`	`1.26.0`	maybe insecure

Dev dependencies

(1 total, all up-to-date)

Crate	Required	Latest	Status
tempfile	`^3.4`	`3.4.0`	up to date

Crate `libp2p-wasm-ext`

Dependencies

(5 total, all up-to-date)

Crate	Required	Latest	Status
futures	`^0.3.27`	`0.3.27`	up to date
js-sys	`^0.3.61`	`0.3.61`	up to date
parity-send-wrapper	`^0.1.0`	`0.1.0`	up to date
wasm-bindgen	`^0.2.42`	`0.2.84`	up to date
wasm-bindgen-futures	`^0.4.34`	`0.4.34`	up to date

Crate `libp2p-webrtc`

Dependencies

(19 total, 3 outdated, 1 possibly insecure)

Crate	Required	Latest	Status
async-trait	`^0.1`	`0.1.68`	up to date
asynchronous-codec	`^0.6.1`	`0.6.1`	up to date
bytes	`^1`	`1.4.0`	up to date
futures	`^0.3`	`0.3.27`	up to date
futures-timer	`^3`	`3.0.2`	up to date
hex	`^0.4`	`0.4.3`	up to date
if-watch	`^3.0`	`3.0.0`	up to date
log	`^0.4`	`0.4.17`	up to date
multihash	`^0.17.0`	`0.18.0`	out of date
quick-protobuf	`^0.8`	`0.8.1`	up to date
rand	`^0.8`	`0.8.5`	up to date
rcgen	`^0.9.3`	`0.10.0`	out of date
serde	`^1.0`	`1.0.158`	up to date
stun	`^0.4`	`0.4.4`	up to date
thiserror	`^1`	`1.0.40`	up to date
tinytemplate	`^1.2`	`1.2.1`	up to date
tokio ⚠️	`^1.19`	`1.26.0`	maybe insecure
tokio-util	`^0.7`	`0.7.7`	up to date
webrtc	`^0.6.0`	`0.7.1`	out of date

Dev dependencies

(7 total, 1 possibly insecure)

Crate	Required	Latest	Status
anyhow	`^1.0`	`1.0.70`	up to date
env_logger	`^0.10`	`0.10.0`	up to date
hex-literal	`^0.3`	`0.3.4`	up to date
tokio ⚠️	`^1.19`	`1.26.0`	maybe insecure
unsigned-varint	`^0.7`	`0.7.1`	up to date
void	`^1`	`1.0.2`	up to date
quickcheck	`^1.0.3`	`1.0.3`	up to date

Crate `libp2p-websocket`

Dependencies

(9 total, all up-to-date)

Crate	Required	Latest	Status
futures-rustls	`^0.22`	`0.22.2`	up to date
either	`^1.5.3`	`1.8.1`	up to date
futures	`^0.3.27`	`0.3.27`	up to date
log	`^0.4.8`	`0.4.17`	up to date
parking_lot	`^0.12.0`	`0.12.1`	up to date
quicksink	`^0.1`	`0.1.2`	up to date
soketto	`^0.7.0`	`0.7.1`	up to date
url	`^2.1`	`2.3.1`	up to date
webpki-roots	`^0.22`	`0.22.6`	up to date

Dev dependencies

(2 total, 1 outdated)

Crate	Required	Latest	Status
async-std	`^1.6.5`	`1.12.0`	up to date
rcgen	`^0.9.3`	`0.10.0`	out of date

Crate `libp2p`

Dependencies

(7 total, all up-to-date)

Crate	Required	Latest	Status
bytes	`^1`	`1.4.0`	up to date
futures	`^0.3.26`	`0.3.27`	up to date
futures-timer	`^3.0.2`	`3.0.2`	up to date
getrandom	`^0.2.3`	`0.2.8`	up to date
instant	`^0.1.11`	`0.1.12`	up to date
multiaddr	`^0.17.0`	`0.17.1`	up to date
pin-project	`^1.0.0`	`1.0.12`	up to date

Dev dependencies

(6 total, 1 possibly insecure)

Crate	Required	Latest	Status
async-std	`^1.6.2`	`1.12.0`	up to date
async-trait	`^0.1`	`0.1.68`	up to date
either	`^1.8.0`	`1.8.1`	up to date
env_logger	`^0.10.0`	`0.10.0`	up to date
clap	`^4.1.6`	`4.1.13`	up to date
tokio ⚠️	`^1.15`	`1.26.0`	maybe insecure

Security Vulnerabilities

`hyper`: Lenient `hyper` header parsing of `Content-Length` could allow request smuggling

RUSTSEC-2021-0078

hyper's HTTP header parser accepted, according to RFC 7230, illegal contents inside Content-Length headers. Due to this, upstream HTTP proxies that ignore the header may still forward them along if it chooses to ignore the error.

To be vulnerable, hyper must be used as an HTTP/1 server and using an HTTP proxy upstream that ignores the header's contents but still forwards it. Due to all the factors that must line up, an attack exploiting this vulnerability is unlikely.

`hyper`: Integer overflow in `hyper`'s parsing of the `Transfer-Encoding` header leads to data loss

RUSTSEC-2021-0079

When decoding chunk sizes that are too large, hyper's code would encounter an integer overflow. Depending on the situation, this could lead to data loss from an incorrect total size, or in rarer cases, a request smuggling attack.

To be vulnerable, you must be using hyper for any HTTP/1 purpose, including as a client or server, and consumers must send requests or responses that specify a chunk size greater than 18 exabytes. For a possible request smuggling attack to be possible, any upstream proxies must accept a chunk size greater than 64 bits.

`tokio`: reject_remote_clients Configuration corruption

RUSTSEC-2023-0001

On Windows, configuring a named pipe server with pipe_mode will force ServerOptions::reject_remote_clients as false.

This drops any intended explicit configuration for the reject_remote_clients that may have been set as true previously.

The default setting of reject_remote_clients is normally true meaning the default is also overridden as false.

Workarounds

Ensure that pipe_mode is set first after initializing a ServerOptions. For example:

let mut opts = ServerOptions::new();
opts.pipe_mode(PipeMode::Message);
opts.reject_remote_clients(true);

libp2p / rust-libp2p

Crate libp2p-core

Dependencies

Dev dependencies

Crate chat-example

Dependencies

Crate autonat-example

Dependencies

Crate dcutr

Dependencies

Crate distributed-key-value-store

Dependencies

Crate file-sharing

Dependencies

Crate identify

Dependencies

Crate ipfs-kad

Dependencies

Crate ipfs-private

Dependencies

Crate ping-example

Dependencies

Crate relay-server-example

Dependencies

Crate rendezvous-example

Dependencies

Crate libp2p-identity

Dependencies

Dev dependencies

Crate interop-tests

Dependencies

Crate libp2p-allow-block-list

Dependencies

Dev dependencies

Crate libp2p-connection-limits

Dependencies

Dev dependencies

Crate keygen

Dependencies

Crate libp2p-metrics

Dependencies

Dev dependencies

Crate multistream-select

Dependencies

Dev dependencies

Crate quick-protobuf-codec

Dependencies

Crate quickcheck-ext

Dependencies

Crate rw-stream-sink

Dependencies

Dev dependencies

Crate libp2p-mplex

Dependencies

Dev dependencies

Crate libp2p-muxer-test-harness

Dependencies

Crate libp2p-yamux

Dependencies

Dev dependencies

Crate libp2p-autonat

Dependencies

Dev dependencies

Crate libp2p-dcutr

Dependencies

Dev dependencies

Crate libp2p-floodsub

Dependencies

Crate libp2p-gossipsub

Dependencies

Dev dependencies

Crate libp2p-identify

Dependencies

Dev dependencies

Crate libp2p-kad

Dependencies

Dev dependencies

Crate libp2p-mdns

Dependencies

Dev dependencies

Crate `libp2p-core`

Crate `chat-example`

Crate `autonat-example`

Crate `dcutr`

Crate `distributed-key-value-store`

Crate `file-sharing`

Crate `identify`

Crate `ipfs-kad`

Crate `ipfs-private`

Crate `ping-example`

Crate `relay-server-example`

Crate `rendezvous-example`

Crate `libp2p-identity`

Crate `interop-tests`

Crate `libp2p-allow-block-list`

Crate `libp2p-connection-limits`

Crate `keygen`

Crate `libp2p-metrics`

Crate `multistream-select`

Crate `quick-protobuf-codec`

Crate `quickcheck-ext`

Crate `rw-stream-sink`

Crate `libp2p-mplex`

Crate `libp2p-muxer-test-harness`

Crate `libp2p-yamux`

Crate `libp2p-autonat`

Crate `libp2p-dcutr`

Crate `libp2p-floodsub`

Crate `libp2p-gossipsub`

Crate `libp2p-identify`

Crate `libp2p-kad`

Crate `libp2p-mdns`

Crate `libp2p-perf`

Crate `libp2p-ping`

Crate `libp2p-relay`

Crate `libp2p-rendezvous`

Crate `libp2p-request-response`

Crate `libp2p-swarm`

Crate `libp2p-swarm-derive`

Crate `libp2p-swarm-test`

Crate `libp2p-deflate`

Crate `libp2p-dns`

Crate `libp2p-noise`

Crate `libp2p-plaintext`

Crate `libp2p-pnet`

Crate `libp2p-quic`

Crate `libp2p-tcp`

Crate `libp2p-tls`

Crate `libp2p-uds`

Crate `libp2p-wasm-ext`

Crate `libp2p-webrtc`

Crate `libp2p-websocket`

Crate `libp2p`

`hyper`: Lenient `hyper` header parsing of `Content-Length` could allow request smuggling

`hyper`: Integer overflow in `hyper`'s parsing of the `Transfer-Encoding` header leads to data loss

`tokio`: reject_remote_clients Configuration corruption