Deps.rs

swc-project / swc

[![dependency status](https://deps.rs/repo/github/swc-project/swc/status.svg)](https://deps.rs/repo/github/swc-project/swc)

This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.

Crate swc_core

Dependencies

(3 total, all up-to-date)

CrateRequiredLatestStatus
 once_cell^1.13.01.15.0up to date
 wasmer^2.3.02.3.0up to date
 wasmer-wasi^2.3.02.3.0up to date

Build dependencies

(1 total, all up-to-date)

CrateRequiredLatestStatus
 vergen^7.3.27.4.2up to date

Crate dbg-swc

Dependencies

(12 total, all up-to-date)

CrateRequiredLatestStatus
 anyhow^1.0.571.0.65up to date
 clap^33.2.22up to date
 dialoguer^0.10.20.10.2up to date
 flate2^1.01.0.24up to date
 rayon^1.5.21.5.3up to date
 serde^11.0.145up to date
 serde_json^11.0.85up to date
 sha1^0.10.10.10.5up to date
 tempdir^0.3.70.3.7up to date
 tracing^0.1.340.1.36up to date
 tracing-subscriber^0.3.110.3.15up to date
 url^22.3.1up to date

Crate jsdoc

Dependencies

(2 total, all up-to-date)

CrateRequiredLatestStatus
 nom^7.1.07.1.1up to date
 serde^11.0.145up to date

Dev dependencies

(2 total, all up-to-date)

CrateRequiredLatestStatus
 anyhow^11.0.65up to date
 dashmap^5.1.05.4.0up to date

Crate binding_macros

Dependencies

(6 total, all up-to-date)

CrateRequiredLatestStatus
 anyhow^1.0.581.0.65up to date
 console_error_panic_hook^0.1.70.1.7up to date
 js-sys^0.3.590.3.60up to date
 once_cell^1.13.01.15.0up to date
 wasm-bindgen^0.2.820.2.83up to date
 wasm-bindgen-futures^0.4.320.4.33up to date

Crate swc_css

No external dependencies! 🙌

Crate swc_css_lints

Dependencies

(5 total, 1 outdated)

CrateRequiredLatestStatus
 auto_impl^0.5.01.0.1out of date
 parking_lot^0.12.00.12.1up to date
 rayon^1.5.11.5.3up to date
 serde^1.0.1331.0.145up to date
 thiserror^1.0.301.0.37up to date

Dev dependencies

(1 total, all up-to-date)

CrateRequiredLatestStatus
 serde_json^1.0.791.0.85up to date

Crate swc_css_prefixer

Dependencies

(3 total, all up-to-date)

CrateRequiredLatestStatus
 once_cell^1.10.01.15.0up to date
 serde^1.0.1181.0.145up to date
 serde_json^1.0.611.0.85up to date

Crate swc_ecmascript

No external dependencies! 🙌

Crate swc_ecma_lints

Dependencies

(7 total, 2 outdated, 1 possibly insecure)

CrateRequiredLatestStatus
 ahash^0.70.8.0out of date
 auto_impl^0.5.01.0.1out of date
 dashmap^5.1.05.4.0up to date
 parking_lot^0.12.00.12.1up to date
 rayon^1.5.11.5.3up to date
 regex ⚠️^11.6.0maybe insecure
 serde^1.0.1331.0.145up to date

Crate swc_ecma_quote

No external dependencies! 🙌

Crate swc_estree_compat

Dependencies

(6 total, 1 outdated)

CrateRequiredLatestStatus
 ahash^0.7.00.8.0out of date
 anyhow^11.0.65up to date
 copyless^0.1.50.1.5up to date
 rayon^1.5.01.5.3up to date
 serde^11.0.145up to date
 serde_json^1.0.621.0.85up to date

Dev dependencies

(3 total, 1 outdated)

CrateRequiredLatestStatus
 criterion^0.30.4.0out of date
 pretty_assertions^1.11.3.0up to date
 walkdir^22.3.2up to date

Crate swc_html

No external dependencies! 🙌

Crate swc_plugin

Dependencies

(1 total, all up-to-date)

CrateRequiredLatestStatus
 once_cell^1.13.01.15.0up to date

Crate swc_plugin_macro

Dependencies

(3 total, all up-to-date)

CrateRequiredLatestStatus
 proc-macro2^11.0.44up to date
 quote^11.0.21up to date
 syn^11.0.101up to date

Crate swc_plugin_runner

Dependencies

(8 total, all up-to-date)

CrateRequiredLatestStatus
 anyhow^1.0.421.0.65up to date
 once_cell^1.10.01.15.0up to date
 parking_lot^0.12.00.12.1up to date
 serde^1.0.1261.0.145up to date
 serde_json^1.0.641.0.85up to date
 tracing^0.1.320.1.36up to date
 wasmer^2.3.02.3.0up to date
 wasmer-wasi^2.3.02.3.0up to date

Dev dependencies

(3 total, 1 outdated)

CrateRequiredLatestStatus
 criterion^0.30.4.0out of date
 wasmer^2.3.02.3.0up to date
 wasmer-wasi^2.3.02.3.0up to date

Crate swc_plugin_testing

No external dependencies! 🙌

Crate swc_plugin_proxy

Dependencies

(3 total, 1 outdated)

CrateRequiredLatestStatus
 rkyv=0.7.370.7.39out of date
 rkyv-test=0.7.38-test.2N/Aup to date
 tracing^0.1.320.1.36up to date

Crate swc_timer

Dependencies

(1 total, all up-to-date)

CrateRequiredLatestStatus
 tracing^0.1.320.1.36up to date

Crate swc_xml

No external dependencies! 🙌

Crate swc

Dependencies

(19 total, 2 outdated, 1 possibly insecure)

CrateRequiredLatestStatus
 ahash^0.7.40.8.0out of date
 anyhow^11.0.65up to date
 base64^0.13.00.13.0up to date
 dashmap^5.1.05.4.0up to date
 either^11.8.0up to date
 indexmap^11.9.1up to date
 json_comments^0.2.00.2.1up to date
 lru^0.7.10.8.0out of date
 once_cell^1.10.01.15.0up to date
 parking_lot^0.12.00.12.1up to date
 pathdiff^0.2.00.2.1up to date
 regex ⚠️^11.6.0maybe insecure
 rustc-hash^1.1.01.1.0up to date
 serde^11.0.145up to date
 serde_json^11.0.85up to date
 sourcemap^66.1.0up to date
 tracing^0.1.320.1.36up to date
 napi-derive^2.0.02.9.1up to date
 napi^2.0.02.9.1up to date

Dev dependencies

(4 total, 1 outdated)

CrateRequiredLatestStatus
 ansi_term^0.120.12.1up to date
 criterion^0.30.4.0out of date
 rayon^1.5.11.5.3up to date
 walkdir^22.3.2up to date

Crate swc_atoms

Dependencies

(8 total, 1 outdated)

CrateRequiredLatestStatus
 bytecheck^0.6.90.6.9up to date
 once_cell^11.15.0up to date
 rkyv=0.7.370.7.39out of date
 rkyv-test=0.7.38-test.2N/Aup to date
 rustc-hash^1.1.01.1.0up to date
 serde^11.0.145up to date
 string_cache^0.8.40.8.4up to date
 triomphe^0.1.80.1.8up to date

Build dependencies

(1 total, all up-to-date)

CrateRequiredLatestStatus
 string_cache_codegen^0.5.20.5.2up to date

Crate swc_bundler

Dependencies

(14 total, 2 outdated)

CrateRequiredLatestStatus
 ahash^0.70.8.0out of date
 anyhow^11.0.65up to date
 crc^2.1.03.0.0out of date
 dashmap^5.1.05.4.0up to date
 indexmap^1.61.9.1up to date
 is-macro^0.2.00.2.1up to date
 once_cell^1.10.01.15.0up to date
 parking_lot^0.12.00.12.1up to date
 petgraph^0.60.6.2up to date
 radix_fmt^11.0.0up to date
 rayon^11.5.3up to date
 relative-path^1.21.7.2up to date
 retain_mut^0.1.20.1.9up to date
 tracing^0.1.320.1.36up to date

Dev dependencies

(7 total, 1 outdated)

CrateRequiredLatestStatus
 hex^0.40.4.3up to date
 ntest^0.7.20.8.1out of date
 path-clean=0.1.00.1.0up to date
 reqwest^0.11.40.11.12up to date
 sha-1^0.100.10.0up to date
 tempfile^3.1.03.3.0up to date
 url^2.1.12.3.1up to date

Crate swc_cached

Dependencies

(6 total, 1 outdated, 1 possibly insecure)

CrateRequiredLatestStatus
 ahash^0.7.60.8.0out of date
 anyhow^1.0.551.0.65up to date
 dashmap^5.1.05.4.0up to date
 once_cell^1.10.01.15.0up to date
 regex ⚠️^1.5.41.6.0maybe insecure
 serde^1.0.1361.0.145up to date

Crate swc_common

Dependencies

(22 total, 2 outdated)

CrateRequiredLatestStatus
 ahash^0.7.40.8.0out of date
 anyhow^1.0.451.0.65up to date
 arbitrary^11.1.6up to date
 atty^0.20.2.14up to date
 bytecheck^0.6.90.6.9up to date
 cfg-if^1.0.01.0.0up to date
 debug_unreachable^0.1.10.1.1up to date
 either^1.51.8.0up to date
 num-bigint^0.40.4.3up to date
 once_cell^1.10.01.15.0up to date
 parking_lot^0.12.00.12.1up to date
 rkyv=0.7.370.7.39out of date
 rkyv-test=0.7.38-test.2N/Aup to date
 rustc-hash^1.1.01.1.0up to date
 serde^1.0.1191.0.145up to date
 siphasher^0.3.90.3.10up to date
 sourcemap^66.1.0up to date
 string_cache^0.8.40.8.4up to date
 termcolor^1.01.1.3up to date
 tracing^0.1.320.1.36up to date
 unicode-width^0.1.40.1.10up to date
 url^2.2.22.3.1up to date

Dev dependencies

(3 total, 1 outdated)

CrateRequiredLatestStatus
 criterion^0.30.4.0out of date
 rayon^11.5.3up to date
 serde_json^11.0.85up to date

Crate swc_css_ast

Dependencies

(4 total, 1 outdated)

CrateRequiredLatestStatus
 bytecheck^0.6.90.6.9up to date
 is-macro^0.2.00.2.1up to date
 rkyv=0.7.370.7.39out of date
 serde^1.0.1271.0.145up to date

Crate swc_css_codegen

Dependencies

(4 total, 1 outdated)

CrateRequiredLatestStatus
 auto_impl^0.5.01.0.1out of date
 bitflags^1.3.21.3.2up to date
 rustc-hash^1.1.01.1.0up to date
 serde^1.0.1271.0.145up to date

Crate swc_css_minifier

Dependencies

(1 total, all up-to-date)

CrateRequiredLatestStatus
 serde^1.0.1181.0.145up to date

Dev dependencies

(1 total, 1 outdated)

CrateRequiredLatestStatus
 criterion^0.30.4.0out of date

Crate swc_css_parser

Dependencies

(3 total, all up-to-date)

CrateRequiredLatestStatus
 bitflags^1.2.11.3.2up to date
 lexical^6.1.06.1.1up to date
 serde^1.0.1271.0.145up to date

Dev dependencies

(2 total, 1 outdated)

CrateRequiredLatestStatus
 criterion^0.30.4.0out of date
 serde_json^1.0.661.0.85up to date

Crate swc_css_utils

Dependencies

(3 total, all up-to-date)

CrateRequiredLatestStatus
 once_cell^1.10.01.15.0up to date
 serde^1.0.1181.0.145up to date
 serde_json^1.0.611.0.85up to date

Crate swc_css_visit

Dependencies

(1 total, all up-to-date)

CrateRequiredLatestStatus
 serde^11.0.145up to date

Crate swc_ecma_ast

Dependencies

(10 total, 1 outdated)

CrateRequiredLatestStatus
 arbitrary^11.1.6up to date
 bitflags^11.3.2up to date
 bytecheck^0.6.90.6.9up to date
 is-macro^0.2.00.2.1up to date
 num-bigint^0.40.4.3up to date
 rkyv=0.7.370.7.39out of date
 rkyv-test=0.7.38-test.2N/Aup to date
 scoped-tls^1.0.01.0.0up to date
 serde^1.0.1331.0.145up to date
 unicode-id^0.30.3.3up to date

Dev dependencies

(1 total, all up-to-date)

CrateRequiredLatestStatus
 serde_json^11.0.85up to date

Crate swc_ecma_codegen

Dependencies

(7 total, all up-to-date)

CrateRequiredLatestStatus
 memchr^2.4.12.5.0up to date
 num-bigint^0.40.4.3up to date
 once_cell^1.10.01.15.0up to date
 rustc-hash^1.1.01.1.0up to date
 serde^1.0.1271.0.145up to date
 sourcemap^66.1.0up to date
 tracing^0.1.320.1.36up to date

Dev dependencies

(3 total, 1 outdated)

CrateRequiredLatestStatus
 base64^0.130.13.0up to date
 criterion^0.30.4.0out of date
 serde_json^11.0.85up to date

Crate swc_ecma_loader

Dependencies

(11 total, 2 outdated)

CrateRequiredLatestStatus
 ahash^0.7.40.8.0out of date
 anyhow^1.0.411.0.65up to date
 dashmap^5.1.05.4.0up to date
 lru^0.7.10.8.0out of date
 once_cell^1.9.01.15.0up to date
 parking_lot^0.12.00.12.1up to date
 path-clean=0.1.00.1.0up to date
 pathdiff^0.2.10.2.1up to date
 serde^11.0.145up to date
 serde_json^1.0.641.0.85up to date
 tracing^0.1.320.1.36up to date

Dev dependencies

(1 total, all up-to-date)

CrateRequiredLatestStatus
 lazy_static^1.4.01.4.0up to date

Crate swc_ecma_minifier

Dependencies

(16 total, 1 outdated, 1 possibly insecure)

CrateRequiredLatestStatus
 ahash^0.7.60.8.0out of date
 arrayvec^0.7.20.7.2up to date
 backtrace^0.3.610.3.66up to date
 indexmap^1.7.01.9.1up to date
 num-bigint^0.4.30.4.3up to date
 num_cpus^1.13.11.13.1up to date
 once_cell^1.10.01.15.0up to date
 parking_lot^0.12.00.12.1up to date
 pretty_assertions^1.11.3.0up to date
 rayon^1.5.11.5.3up to date
 regex ⚠️^1.5.31.6.0maybe insecure
 retain_mut^0.1.20.1.9up to date
 rustc-hash^1.1.01.1.0up to date
 serde^1.0.1181.0.145up to date
 serde_json^1.0.611.0.85up to date
 tracing^0.1.320.1.36up to date

Dev dependencies

(5 total, 1 outdated)

CrateRequiredLatestStatus
 ansi_term^0.12.10.12.1up to date
 anyhow^11.0.65up to date
 criterion^0.3.50.4.0out of date
 pretty_assertions^1.11.3.0up to date
 walkdir^22.3.2up to date

Crate swc_ecma_parser

Dependencies

(7 total, all up-to-date)

CrateRequiredLatestStatus
 either^1.41.8.0up to date
 lexical^6.1.06.1.1up to date
 num-bigint^0.40.4.3up to date
 serde^11.0.145up to date
 smallvec^1.8.01.9.0up to date
 tracing^0.1.320.1.36up to date
 typed-arena^2.0.12.0.1up to date

Dev dependencies

(4 total, 1 outdated)

CrateRequiredLatestStatus
 criterion^0.30.4.0out of date
 pretty_assertions^1.11.3.0up to date
 serde_json^11.0.85up to date
 walkdir^22.3.2up to date

Crate swc_ecma_quote_macros

Dependencies

(5 total, all up-to-date)

CrateRequiredLatestStatus
 anyhow^11.0.65up to date
 pmutil^0.5.10.5.3up to date
 proc-macro2^11.0.44up to date
 quote^11.0.21up to date
 syn^11.0.101up to date

Crate swc_ecma_transforms_base

Dependencies

(8 total, 1 outdated)

CrateRequiredLatestStatus
 bitflags^11.3.2up to date
 once_cell^1.10.01.15.0up to date
 phf^0.100.11.1out of date
 rayon^11.5.3up to date
 rustc-hash^1.1.01.1.0up to date
 serde^11.0.145up to date
 smallvec^1.8.01.9.0up to date
 tracing^0.1.320.1.36up to date

Dev dependencies

(2 total, 1 outdated)

CrateRequiredLatestStatus
 criterion^0.30.4.0out of date
 rayon^11.5.3up to date

Crate swc_ecma_transforms_module

Dependencies

(11 total, 1 outdated, 1 possibly insecure)

CrateRequiredLatestStatus
 Inflector^0.11.40.11.4up to date
 ahash^0.7.40.8.0out of date
 anyhow^1.0.411.0.65up to date
 bitflags^11.3.2up to date
 indexmap^1.8.01.9.1up to date
 is-macro^0.2.00.2.1up to date
 path-clean^0.1.00.1.0up to date
 pathdiff^0.2.00.2.1up to date
 regex ⚠️^11.6.0maybe insecure
 serde^1.0.1181.0.145up to date
 tracing^0.1.320.1.36up to date

Dev dependencies

(2 total, all up-to-date)

CrateRequiredLatestStatus
 indexmap^11.9.1up to date
 serde_json^11.0.85up to date

Crate swc_ecma_transforms_optimization

Dependencies

(9 total, 1 outdated)

CrateRequiredLatestStatus
 ahash^0.7.40.8.0out of date
 dashmap^5.1.05.4.0up to date
 indexmap^1.6.11.9.1up to date
 once_cell^1.10.01.15.0up to date
 petgraph^0.60.6.2up to date
 rayon^1.5.11.5.3up to date
 rustc-hash^1.1.01.1.0up to date
 serde_json^1.0.611.0.85up to date
 tracing^0.1.320.1.36up to date

Crate swc_ecma_transforms_proposal

Dependencies

(3 total, all up-to-date)

CrateRequiredLatestStatus
 either^1.6.11.8.0up to date
 serde^1.0.1181.0.145up to date
 smallvec^1.8.01.9.0up to date

Dev dependencies

(1 total, all up-to-date)

CrateRequiredLatestStatus
 serde_json^1.0.661.0.85up to date

Crate swc_ecma_transforms_react

Dependencies

(9 total, 1 outdated, 1 possibly insecure)

CrateRequiredLatestStatus
 ahash^0.7.40.8.0out of date
 base64^0.13.00.13.0up to date
 dashmap^5.1.05.4.0up to date
 indexmap^1.6.11.9.1up to date
 once_cell^1.10.01.15.0up to date
 rayon^1.5.11.5.3up to date
 regex ⚠️^1.4.21.6.0maybe insecure
 serde^1.0.1181.0.145up to date
 sha-1^0.10.00.10.0up to date

Crate swc_ecma_transforms_testing

Dependencies

(7 total, all up-to-date)

CrateRequiredLatestStatus
 ansi_term^0.12.10.12.1up to date
 anyhow^11.0.65up to date
 hex^0.4.30.4.3up to date
 serde^11.0.145up to date
 serde_json^11.0.85up to date
 sha-1^0.100.10.0up to date
 tempfile^3.1.03.3.0up to date

Crate swc_ecma_transforms_typescript

Dependencies

(1 total, all up-to-date)

CrateRequiredLatestStatus
 serde^1.0.1181.0.145up to date

Dev dependencies

(1 total, 1 outdated)

CrateRequiredLatestStatus
 criterion^0.30.4.0out of date

Crate swc_ecma_utils

Dependencies

(6 total, all up-to-date)

CrateRequiredLatestStatus
 indexmap^11.9.1up to date
 num_cpus^1.13.11.13.1up to date
 once_cell^1.10.01.15.0up to date
 rayon^1.5.11.5.3up to date
 tracing^0.1.320.1.36up to date
 unicode-id^0.30.3.3up to date

Crate swc_ecma_visit

Dependencies

(3 total, all up-to-date)

CrateRequiredLatestStatus
 num-bigint^0.40.4.3up to date
 serde^11.0.145up to date
 tracing^0.1.320.1.36up to date

Crate swc_node_base

No external dependencies! 🙌

Crate swc_node_bundler

Dependencies

(8 total, 1 possibly insecure)

CrateRequiredLatestStatus
 anyhow^11.0.65up to date
 dashmap^5.1.05.4.0up to date
 is-macro^0.2.00.2.1up to date
 once_cell^1.10.01.15.0up to date
 regex ⚠️^11.6.0maybe insecure
 serde^11.0.145up to date
 serde_json^11.0.85up to date
 tracing^0.1.320.1.36up to date

Dev dependencies

(1 total, all up-to-date)

CrateRequiredLatestStatus
 pretty_assertions^1.11.3.0up to date

Crate swc_nodejs_common

Dependencies

(6 total, all up-to-date)

CrateRequiredLatestStatus
 anyhow^11.0.65up to date
 napi^22.9.1up to date
 serde^11.0.145up to date
 serde_json^11.0.85up to date
 tracing^0.1.320.1.36up to date
 tracing-subscriber^0.3.90.3.15up to date

Crate swc_trace_macro

Dependencies

(3 total, all up-to-date)

CrateRequiredLatestStatus
 proc-macro2^11.0.44up to date
 quote^11.0.21up to date
 syn^11.0.101up to date

Crate testing

Dependencies

(8 total, 1 possibly insecure)

CrateRequiredLatestStatus
 ansi_term^0.12.10.12.1up to date
 difference^22.0.0up to date
 once_cell^1.10.01.15.0up to date
 pretty_assertions^1.11.3.0up to date
 regex ⚠️^11.6.0maybe insecure
 serde_json^1.0.711.0.85up to date
 tracing^0.1.320.1.36up to date
 tracing-subscriber^0.3.90.3.15up to date

Crate swc_error_reporters

Dependencies

(4 total, 1 outdated)

CrateRequiredLatestStatus
 anyhow^11.0.65up to date
 miette^4.2.15.3.0out of date
 once_cell^11.15.0up to date
 parking_lot^0.12.00.12.1up to date

Crate swc_ecma_transforms

Dev dependencies

(3 total, all up-to-date)

CrateRequiredLatestStatus
 pretty_assertions^1.11.3.0up to date
 sourcemap^66.1.0up to date
 tempfile^33.3.0up to date

Crate preset_env_base

Dependencies

(9 total, 2 outdated)

CrateRequiredLatestStatus
 ahash^0.7.40.8.0out of date
 anyhow^11.0.65up to date
 browserslist-rs=0.11.00.12.1out of date
 dashmap^5.1.05.4.0up to date
 once_cell^1.12.01.15.0up to date
 semver^1.0.41.0.14up to date
 serde^11.0.145up to date
 st-map^0.1.20.1.6up to date
 tracing^0.1.320.1.36up to date

Crate swc_ecma_dep_graph

Dev dependencies

(1 total, all up-to-date)

CrateRequiredLatestStatus
 pretty_assertions^1.11.3.0up to date

Crate swc_ecma_preset_env

Dependencies

(9 total, 1 outdated)

CrateRequiredLatestStatus
 ahash^0.7.40.8.0out of date
 anyhow^11.0.65up to date
 dashmap^5.1.05.4.0up to date
 indexmap^1.6.21.9.1up to date
 once_cell^1.10.01.15.0up to date
 semver^1.0.41.0.14up to date
 serde^11.0.145up to date
 serde_json^11.0.85up to date
 st-map^0.1.20.1.6up to date

Dev dependencies

(2 total, 1 outdated)

CrateRequiredLatestStatus
 criterion^0.30.4.0out of date
 pretty_assertions^1.11.3.0up to date

Crate swc_config

Dependencies

(4 total, all up-to-date)

CrateRequiredLatestStatus
 anyhow^11.0.65up to date
 indexmap^11.9.1up to date
 serde^11.0.145up to date
 serde_json^11.0.85up to date

Crate swc_estree_ast

Dependencies

(2 total, all up-to-date)

CrateRequiredLatestStatus
 serde^11.0.145up to date
 serde_json^11.0.85up to date

Crate swc_node_comments

Dependencies

(2 total, 1 outdated)

CrateRequiredLatestStatus
 ahash^0.7.60.8.0out of date
 dashmap^5.1.05.4.0up to date

Crate swc_html_ast

Dependencies

(4 total, 1 outdated)

CrateRequiredLatestStatus
 bytecheck^0.6.90.6.9up to date
 is-macro^0.2.00.2.1up to date
 rkyv=0.7.370.7.39out of date
 serde^1.0.1271.0.145up to date

Crate swc_html_codegen

Dependencies

(3 total, 1 outdated)

CrateRequiredLatestStatus
 auto_impl^0.5.01.0.1out of date
 bitflags^1.3.21.3.2up to date
 rustc-hash^1.1.01.1.0up to date

Crate swc_html_minifier

Dependencies

(3 total, all up-to-date)

CrateRequiredLatestStatus
 once_cell^1.10.01.15.0up to date
 serde^1.0.1181.0.145up to date
 serde_json^1.0.611.0.85up to date

Dev dependencies

(1 total, 1 outdated)

CrateRequiredLatestStatus
 criterion^0.30.4.0out of date

Crate swc_html_parser

Dev dependencies

(3 total, 1 outdated)

CrateRequiredLatestStatus
 criterion^0.30.4.0out of date
 serde^1.0.1271.0.145up to date
 serde_json^1.0.661.0.85up to date

Crate swc_html_visit

Dependencies

(1 total, all up-to-date)

CrateRequiredLatestStatus
 serde^11.0.145up to date

Crate better_scoped_tls

Dependencies

(1 total, all up-to-date)

CrateRequiredLatestStatus
 scoped-tls^1.0.01.0.0up to date

Crate swc_xml_ast

Dependencies

(2 total, all up-to-date)

CrateRequiredLatestStatus
 is-macro^0.2.00.2.1up to date
 serde^1.0.1271.0.145up to date

Crate swc_xml_codegen

Dependencies

(3 total, 1 outdated)

CrateRequiredLatestStatus
 auto_impl^0.5.01.0.1out of date
 bitflags^1.3.21.3.2up to date
 rustc-hash^1.1.01.1.0up to date

Crate swc_xml_parser

Dev dependencies

(3 total, 1 outdated)

CrateRequiredLatestStatus
 criterion^0.30.4.0out of date
 serde^1.0.1271.0.145up to date
 serde_json^1.0.661.0.85up to date

Crate swc_xml_visit

Dependencies

(1 total, all up-to-date)

CrateRequiredLatestStatus
 serde^11.0.145up to date

Crate swc_ecma_ext_transforms

Dependencies

(1 total, 1 outdated)

CrateRequiredLatestStatus
 phf^0.100.11.1out of date

Crate swc_ecma_transforms_compat

Dependencies

(10 total, 2 outdated)

CrateRequiredLatestStatus
 ahash^0.7.40.8.0out of date
 arrayvec^0.7.20.7.2up to date
 indexmap^1.6.11.9.1up to date
 is-macro^0.2.00.2.1up to date
 num-bigint^0.40.4.3up to date
 ordered-float^2.0.13.1.0out of date
 rayon^1.5.11.5.3up to date
 serde^1.0.1181.0.145up to date
 smallvec^1.8.01.9.0up to date
 tracing^0.1.320.1.36up to date

Dev dependencies

(1 total, all up-to-date)

CrateRequiredLatestStatus
 serde_json^1.0.661.0.85up to date

Crate swc_visit

Dependencies

(1 total, all up-to-date)

CrateRequiredLatestStatus
 either^1.5.31.8.0up to date

Crate swc_ecma_testing

Dependencies

(4 total, all up-to-date)

CrateRequiredLatestStatus
 anyhow^11.0.65up to date
 hex^0.40.4.3up to date
 sha-1^0.100.10.0up to date
 tracing^0.1.320.1.36up to date

Crate swc_fast_graph

Dependencies

(3 total, 1 outdated)

CrateRequiredLatestStatus
 ahash^0.7.60.8.0out of date
 indexmap^1.7.01.9.1up to date
 petgraph^0.60.6.2up to date

Crate swc_graph_analyzer

Dependencies

(4 total, 2 outdated)

CrateRequiredLatestStatus
 ahash^0.7.60.8.0out of date
 auto_impl^0.5.01.0.1out of date
 petgraph^0.6.00.6.2up to date
 tracing^0.1.320.1.36up to date

Crate ast_node

Dependencies

(5 total, 1 outdated)

CrateRequiredLatestStatus
 darling^0.130.14.1out of date
 pmutil^0.5.10.5.3up to date
 proc-macro2^11.0.44up to date
 quote^11.0.21up to date
 syn^11.0.101up to date

Crate from_variant

Dependencies

(3 total, all up-to-date)

CrateRequiredLatestStatus
 pmutil^0.5.30.5.3up to date
 proc-macro2^11.0.44up to date
 syn^11.0.101up to date

Crate swc_eq_ignore_macros

Dependencies

(4 total, all up-to-date)

CrateRequiredLatestStatus
 pmutil^0.5.30.5.3up to date
 proc-macro2^1.0.241.0.44up to date
 quote^1.0.71.0.21up to date
 syn^11.0.101up to date

Crate string_enum

Dependencies

(4 total, all up-to-date)

CrateRequiredLatestStatus
 pmutil^0.5.10.5.3up to date
 proc-macro2^11.0.44up to date
 quote^11.0.21up to date
 syn^11.0.101up to date

Dev dependencies

(1 total, all up-to-date)

CrateRequiredLatestStatus
 serde^11.0.145up to date

Crate swc_css_codegen_macros

Dependencies

(4 total, all up-to-date)

CrateRequiredLatestStatus
 pmutil^0.5.10.5.3up to date
 proc-macro2^11.0.44up to date
 quote^11.0.21up to date
 syn^11.0.101up to date

Crate swc_ecma_codegen_macros

Dependencies

(4 total, all up-to-date)

CrateRequiredLatestStatus
 pmutil^0.5.10.5.3up to date
 proc-macro2^11.0.44up to date
 syn^11.0.101up to date
 quote^11.0.21up to date

Crate enum_kind

Dependencies

(3 total, all up-to-date)

CrateRequiredLatestStatus
 pmutil^0.5.10.5.3up to date
 proc-macro2^11.0.44up to date
 syn^11.0.101up to date

Crate swc_macros_common

Dependencies

(4 total, all up-to-date)

CrateRequiredLatestStatus
 pmutil^0.5.10.5.3up to date
 proc-macro2^11.0.44up to date
 quote^11.0.21up to date
 syn^11.0.101up to date

Crate swc_ecma_transforms_macros

Dependencies

(4 total, all up-to-date)

CrateRequiredLatestStatus
 pmutil^0.5.10.5.3up to date
 proc-macro2^11.0.44up to date
 quote^11.0.21up to date
 syn^11.0.101up to date

Crate swc_ecma_transforms_classes

No external dependencies! 🙌

Crate testing_macros

Dependencies

(9 total, 1 possibly insecure)

CrateRequiredLatestStatus
 anyhow^11.0.65up to date
 glob^0.30.3.0up to date
 pmutil^0.5.10.5.3up to date
 proc-macro2^1.0.241.0.44up to date
 quote^11.0.21up to date
 regex ⚠️^11.6.0maybe insecure
 relative-path^1.3.21.7.2up to date
 syn^11.0.101up to date
 once_cell^1.10.01.15.0up to date

Crate swc_config_macro

Dependencies

(4 total, all up-to-date)

CrateRequiredLatestStatus
 pmutil^0.5.30.5.3up to date
 proc-macro2^11.0.44up to date
 quote^11.0.21up to date
 syn^11.0.101up to date

Crate swc_html_codegen_macros

Dependencies

(4 total, all up-to-date)

CrateRequiredLatestStatus
 pmutil^0.5.10.5.3up to date
 proc-macro2^11.0.44up to date
 quote^11.0.21up to date
 syn^11.0.101up to date

Crate swc_html_utils

Dependencies

(3 total, all up-to-date)

CrateRequiredLatestStatus
 once_cell^1.10.01.15.0up to date
 serde^1.0.1181.0.145up to date
 serde_json^1.0.611.0.85up to date

Crate swc_xml_codegen_macros

Dependencies

(4 total, all up-to-date)

CrateRequiredLatestStatus
 pmutil^0.5.10.5.3up to date
 proc-macro2^11.0.44up to date
 quote^11.0.21up to date
 syn^11.0.101up to date

Crate swc_visit_macros

Dependencies

(5 total, all up-to-date)

CrateRequiredLatestStatus
 Inflector^0.11.40.11.4up to date
 pmutil^0.5.10.5.3up to date
 proc-macro2^11.0.44up to date
 quote^11.0.21up to date
 syn^11.0.101up to date

Security Vulnerabilities

regex: Regexes with large repetitions on empty sub-expressions take a very long time to parse

RUSTSEC-2022-0013

The Rust Security Response WG was notified that the regex crate did not properly limit the complexity of the regular expressions (regex) it parses. An attacker could use this security issue to perform a denial of service, by sending a specially crafted regex to a service accepting untrusted regexes. No known vulnerability is present when parsing untrusted input with trusted regexes.

This issue has been assigned CVE-2022-24713. The severity of this vulnerability is "high" when the regex crate is used to parse untrusted regexes. Other uses of the regex crate are not affected by this vulnerability.

Overview

The regex crate features built-in mitigations to prevent denial of service attacks caused by untrusted regexes, or untrusted input matched by trusted regexes. Those (tunable) mitigations already provide sane defaults to prevent attacks. This guarantee is documented and it's considered part of the crate's API.

Unfortunately a bug was discovered in the mitigations designed to prevent untrusted regexes to take an arbitrary amount of time during parsing, and it's possible to craft regexes that bypass such mitigations. This makes it possible to perform denial of service attacks by sending specially crafted regexes to services accepting user-controlled, untrusted regexes.

Affected versions

All versions of the regex crate before or equal to 1.5.4 are affected by this issue. The fix is include starting from regex 1.5.5.

Mitigations

We recommend everyone accepting user-controlled regexes to upgrade immediately to the latest version of the regex crate.

Unfortunately there is no fixed set of problematic regexes, as there are practically infinite regexes that could be crafted to exploit this vulnerability. Because of this, we do not recommend denying known problematic regexes.

Acknowledgements

We want to thank Addison Crump for responsibly disclosing this to us according to the Rust security policy, and for helping review the fix.

We also want to thank Andrew Gallant for developing the fix, and Pietro Albini for coordinating the disclosure and writing this advisory.