Deps.rs

nervosnetwork / ckb

[![dependency status](https://deps.rs/repo/github/nervosnetwork/ckb/status.svg)](https://deps.rs/repo/github/nervosnetwork/ckb)

This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.

Crate ckb

Dependencies

(3 total, 1 outdated)

CrateRequiredLatestStatus
 winreg^0.550.55.0up to date
 version-compare^0.20.2.1up to date
 tikv-jemallocator^0.5.00.6.1out of date

Crate ckb-util

No external dependencies! 🙌

Crate ckb-occupied-capacity-core

No external dependencies! 🙌

Crate ckb-channel

No external dependencies! 🙌

Crate ckb-systemtime

Dependencies

(1 total, all up-to-date)

CrateRequiredLatestStatus
 web-time^1.1.01.1.0up to date

Crate ckb-fixed-hash-core

No external dependencies! 🙌

Crate ckb-build-info

No external dependencies! 🙌

Crate ckb-logger

No external dependencies! 🙌

Crate ckb-logger-config

No external dependencies! 🙌

Crate ckb-metrics-config

No external dependencies! 🙌

Crate ckb-hash

Dependencies

(2 total, all up-to-date)

CrateRequiredLatestStatus
 blake2b-ref^0.30.3.1up to date
 blake2b-rs^0.20.2.0up to date

Crate ckb-rational

No external dependencies! 🙌

Crate ckb-benches

No external dependencies! 🙌

Crate ckb-db-schema

No external dependencies! 🙌

Crate ckb-spawn

No external dependencies! 🙌

Crate ckb-occupied-capacity-macros

No external dependencies! 🙌

Crate ckb-fixed-hash-macros

No external dependencies! 🙌

Crate ckb-logger-service

No external dependencies! 🙌

Crate ckb-async-runtime

Dependencies

(2 total, 1 possibly insecure)

CrateRequiredLatestStatus
 tokio ⚠️^11.49.0maybe insecure
 wasm-bindgen-futures^0.40.4.63up to date

Crate ckb-stop-handler

No external dependencies! 🙌

Crate ckb-onion

No external dependencies! 🙌

Crate ckb-metrics

No external dependencies! 🙌

Crate ckb-metrics-service

No external dependencies! 🙌

Crate ckb-fixed-hash

No external dependencies! 🙌

Crate ckb-occupied-capacity

No external dependencies! 🙌

Crate ckb-crypto

No external dependencies! 🙌

Crate ckb-constant

No external dependencies! 🙌

Crate ckb-error

No external dependencies! 🙌

Crate ckb-multisig

No external dependencies! 🙌

Crate ckb-gen-types

No external dependencies! 🙌

Crate ckb-migration-template

No external dependencies! 🙌

Crate ckb-types

No external dependencies! 🙌

Crate ckb-jsonrpc-types

No external dependencies! 🙌

Crate ckb-freezer

No external dependencies! 🙌

Crate ckb-resource

Dependencies

(1 total, 1 outdated)

CrateRequiredLatestStatus
 phf=0.8.00.13.1out of date

Crate ckb-pow

No external dependencies! 🙌

Crate ckb-dao-utils

No external dependencies! 🙌

Crate ckb-traits

No external dependencies! 🙌

Crate ckb-chain-spec

Dependencies

(1 total, all up-to-date)

CrateRequiredLatestStatus
 cacache^13.0.013.1.0up to date

Crate ckb-fee-estimator

No external dependencies! 🙌

Crate ckb-proposal-table

No external dependencies! 🙌

Crate ckb-script

Dependencies

(1 total, all up-to-date)

CrateRequiredLatestStatus
 tokio^1.35.01.49.0up to date

Crate ckb-app-config

No external dependencies! 🙌

Crate ckb-db

No external dependencies! 🙌

Crate ckb-network

Dependencies

(3 total, 1 outdated)

CrateRequiredLatestStatus
 socket2^0.50.6.2out of date
 idb^0.60.6.5up to date
 serde-wasm-bindgen^0.6.50.6.5up to date

Crate ckb-miner

No external dependencies! 🙌

Crate ckb-notify

Dependencies

(1 total, 1 possibly insecure)

CrateRequiredLatestStatus
 tokio ⚠️^11.49.0maybe insecure

Crate ckb-memory-tracker

Dependencies

(3 total, 2 outdated)

CrateRequiredLatestStatus
 tikv-jemalloc-ctl^0.5.00.6.1out of date
 tikv-jemalloc-sys^0.5.00.6.1+5.3.0-1-ge13ca993e8ccb9ba9847cc330696e02839f328f7out of date
 libc^0.20.2.182up to date

Crate ckb-db-migration

No external dependencies! 🙌

Crate ckb-network-alert

No external dependencies! 🙌

Crate ckb-store

No external dependencies! 🙌

Crate ckb-indexer-sync

No external dependencies! 🙌

Crate ckb-indexer

No external dependencies! 🙌

Crate ckb-rich-indexer

No external dependencies! 🙌

Crate ckb-chain-iter

No external dependencies! 🙌

Crate ckb-dao

No external dependencies! 🙌

Crate ckb-test-chain-utils

No external dependencies! 🙌

Crate ckb-reward-calculator

No external dependencies! 🙌

Crate ckb-snapshot

No external dependencies! 🙌

Crate ckb-migrate

No external dependencies! 🙌

Crate ckb-verification-traits

No external dependencies! 🙌

Crate ckb-verification

No external dependencies! 🙌

Crate ckb-verification-contextual

No external dependencies! 🙌

Crate ckb-tx-pool

No external dependencies! 🙌

Crate ckb-shared

No external dependencies! 🙌

Crate ckb-block-filter

No external dependencies! 🙌

Crate ckb-chain

No external dependencies! 🙌

Crate ckb-sync

No external dependencies! 🙌

Crate ckb-instrument

No external dependencies! 🙌

Crate ckb-rpc

Dependencies

(1 total, 1 outdated)

CrateRequiredLatestStatus
 axum-streams^0.210.24.0out of date

Crate ckb-light-client-protocol-server

No external dependencies! 🙌

Crate ckb-launcher

No external dependencies! 🙌

Crate ckb-rpc-gen

No external dependencies! 🙌

Crate ckb-bin

Dependencies

(3 total, 2 outdated)

CrateRequiredLatestStatus
 daemonize-me^22.0.2up to date
 nix^0.29.00.31.1out of date
 colored^2.03.1.1out of date

Crate ckb-test

Dependencies

(1 total, 1 outdated)

CrateRequiredLatestStatus
 nix^0.29.00.31.1out of date

Security Vulnerabilities

tokio: reject_remote_clients Configuration corruption

RUSTSEC-2023-0001

On Windows, configuring a named pipe server with pipe_mode will force ServerOptions::reject_remote_clients as false.

This drops any intended explicit configuration for the reject_remote_clients that may have been set as true previously.

The default setting of reject_remote_clients is normally true meaning the default is also overridden as false.

Workarounds

Ensure that pipe_mode is set first after initializing a ServerOptions. For example:

let mut opts = ServerOptions::new();
opts.pipe_mode(PipeMode::Message);
opts.reject_remote_clients(true);