This project might be open to known security vulnerabilities , which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom .
Crate meilisearch
Dependencies (62 total, 2 outdated, 1 possibly insecure)
Dev dependencies (9 total, 1 outdated)
Build dependencies (8 total, 1 outdated)
Crate meilitool
Dependencies (8 total, all up-to-date)
Crate Required Latest Status anyhow ^1.0.86
1.0.95
up to date clap ^4.5.9
4.5.23
up to date indexmap ^2.7.0
2.7.0
up to date serde ^1.0.209
1.0.216
up to date serde_json ^1.0.133
1.0.134
up to date tempfile ^3.14.0
3.14.0
up to date time ^0.3.36
0.3.37
up to date uuid ^1.10.0
1.11.0
up to date
Crate meilisearch-types
Dependencies (23 total, 1 outdated)
Dev dependencies (1 total, all up-to-date)
Crate Required Latest Status insta ^1.39.0
1.41.1
up to date
Crate meilisearch-auth
Dependencies (12 total, 1 outdated)
Crate Required Latest Status base64 ^0.22.1
0.22.1
up to date enum-iterator ^2.1.0
2.1.0
up to date hmac ^0.12.1
0.12.1
up to date maplit ^1.0.2
1.0.2
up to date rand ^0.8.5
0.8.5
up to date roaring ^0.10.7
0.10.9
up to date serde ^1.0.204
1.0.216
up to date serde_json ^1.0.120
1.0.134
up to date sha2 ^0.10.8
0.10.8
up to date thiserror ^1.0.61
2.0.9
out of date time ^0.3.36
0.3.37
up to date uuid ^1.10.0
1.11.0
up to date
Crate meili-snap
Dependencies (3 total, 1 outdated)
Crate Required Latest Status insta =1.39.0
1.41.1
out of date md5 ^0.7.0
0.7.0
up to date once_cell ^1.19
1.20.2
up to date
Crate index-scheduler
Dependencies (22 total, 1 outdated)
Dev dependencies (5 total, all up-to-date)
Crate dump
Dependencies (14 total, 1 outdated)
Crate Required Latest Status anyhow ^1.0.86
1.0.95
up to date flate2 ^1.0.30
1.0.35
up to date http ^1.1.0
1.2.0
up to date once_cell ^1.19.0
1.20.2
up to date regex ^1.10.5
1.11.1
up to date roaring ^0.10.7
0.10.9
up to date serde ^1.0.204
1.0.216
up to date serde_json ^1.0.120
1.0.134
up to date tar ^0.4.41
0.4.43
up to date tempfile ^3.10.1
3.14.0
up to date thiserror ^1.0.61
2.0.9
out of date time ^0.3.36
0.3.37
up to date tracing ^0.1.40
0.1.41
up to date uuid ^1.10.0
1.11.0
up to date
Dev dependencies (2 total, all up-to-date)
Crate Required Latest Status big_s ^1.0.2
1.0.2
up to date maplit ^1.0.2
1.0.2
up to date
Crate file-store
Dependencies (4 total, 1 outdated)
Crate Required Latest Status tempfile ^3.10.1
3.14.0
up to date thiserror ^1.0.61
2.0.9
out of date tracing ^0.1.40
0.1.41
up to date uuid ^1.10.0
1.11.0
up to date
Crate permissive-json-pointer
Dependencies (1 total, all up-to-date)
Crate Required Latest Status serde_json ^1.0
1.0.134
up to date
Dev dependencies (1 total, all up-to-date)
Crate Required Latest Status big_s ^1.0
1.0.2
up to date
Crate milli
Dependencies (58 total, 6 outdated, 1 possibly insecure)
Dev dependencies (5 total, all up-to-date)
Crate Required Latest Status mimalloc ^0.1.43
0.1.43
up to date insta ^1.39.0
1.41.1
up to date maplit ^1.0.2
1.0.2
up to date md5 ^0.7.0
0.7.0
up to date rand ^0.8.5
0.8.5
up to date
Crate filter-parser
Dependencies (3 total, all up-to-date)
Crate Required Latest Status nom ^7.1.3
7.1.3
up to date nom_locate ^4.2.0
4.2.0
up to date unescaper ^0.1.5
0.1.5
up to date
Dev dependencies (1 total, all up-to-date)
Crate Required Latest Status insta ^1.39.0
1.41.1
up to date
Crate flatten-serde-json
Dependencies (1 total, all up-to-date)
Crate Required Latest Status serde_json ^1.0
1.0.134
up to date
Dev dependencies (1 total, all up-to-date)
Crate Required Latest Status criterion ^0.5.1
0.5.1
up to date
Crate json-depth-checker
Dependencies (1 total, all up-to-date)
Crate Required Latest Status serde_json ^1.0
1.0.134
up to date
Dev dependencies (1 total, all up-to-date)
Crate Required Latest Status criterion ^0.5.1
0.5.1
up to date
Crate benchmarks
Dependencies (7 total, all up-to-date)
Dev dependencies (4 total, all up-to-date)
Build dependencies (5 total, all up-to-date)
Crate fuzzers
Dependencies (8 total, all up-to-date)
Crate tracing-trace
Dependencies (9 total, all up-to-date)
Crate xtask
Dependencies (15 total, 2 outdated)
Crate build-info
Dependencies (1 total, all up-to-date)
Crate Required Latest Status time ^0.3.36
0.3.37
up to date
Build dependencies (2 total, all up-to-date)
Crate Required Latest Status anyhow ^1.0.86
1.0.95
up to date vergen-git2 ^1.0.0
1.0.2
up to date
Security Vulnerabilities rustls
: rustls network-reachable panic in `Acceptor::accept`RUSTSEC-2024-0399
A bug introduced in rustls 0.23.13 leads to a panic if the received
TLS ClientHello is fragmented. Only servers that use
rustls::server::Acceptor::accept()
are affected.
Servers that use tokio-rustls
's LazyConfigAcceptor
API are affected.
Servers that use tokio-rustls
's TlsAcceptor
API are not affected.
Servers that use rustls-ffi
's rustls_acceptor_accept
API are affected.
Unaffected
>=0.23, <0.23.13
<0.23
hashbrown
: Borsh serialization of HashMap is non-canonicalRUSTSEC-2024-0402
The borsh serialization of the HashMap did not follow the borsh specification.
It potentially produced non-canonical encodings dependent on insertion order.
It also did not perform canonicty checks on decoding.
This can result in consensus splits and cause equivalent objects to be
considered distinct.
This was patched in 0.15.1.